init

2025-12-23 19:46:22 +01:00 · 2025-12-23 19:46:22 +01:00 · 2de1a62d2f
commit 2de1a62d2f
parent 7f5c5b718f
5 changed files with 246 additions and 0 deletions
--- a/modules/containers/nginx.nix
+++ b/modules/containers/nginx.nix
@ -0,0 +1,70 @@
+{
+  inputs,
+  outputs,
+  lib,
+  config,
+  pkgs,
+  ...
+}: let
+  inherit (lib) mkEnableOption mkIf mkOption types;
+  cfg = config.horseman.containers.nginx;
+in {
+  options = {
+    horseman.containers.nginx = {
+      enable = mkEnableOption "nginx container";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    networking.extraHosts = "192.168.100.1 koendev.nl *.koendev.nl";
+
+    containers.nginx = {
+      autoStart = true;
+      privateNetwork = true;
+      hostAddress = "172.16.0.1";
+      localAddress = "192.168.100.1";
+
+      bindMounts = {
+        "/var/www/portfolio" = {
+          hostPath = "/home/horseman/Programming/portfolio/_site";
+          isReadOnly = true;
+        };
+      };
+
+      config = {
+        config,
+        pkgs,
+        lib,
+        ...
+      }: {
+        services.nginx = {
+          enable = true;
+
+          virtualHosts = {
+            "koendev.nl" = {
+              # addSSL = false;
+              # enableACME = false;
+              root = "/var/www/portfolio";
+            };
+
+            "vault.koendev.nl" = {
+              locations."/" = {
+                proxyPass = "http://172.16.0.2";
+              };
+            };
+          };
+        };
+
+        networking = {
+          firewall = {
+            enable = true;
+            allowedTCPPorts = [80];
+          };
+          useHostResolvConf = lib.mkForce false;
+        };
+        services.resolved.enable = true;
+        system.stateVersion = "23.11";
+      };
+    };
+  };
+}