satellite/modules/nixos/cloudflared.nix

{ config, lib, ... }:
let
  cfg = config.satellite.cloudflared;
in
{
  options.satellite.cloudflared = {
    tunnel = lib.mkOption {
      type = lib.types.str;
      description = "Cloudflare tunnel id to use for the `satellite.cloudflared.at` helper";
    };

    domain = lib.mkOption {
      description = "Root domain to use as a default for configurations.";
      type = lib.types.str;
      default = config.satellite.dns.domain;
    };

    at = lib.mkOption {
      description = "List of hosts to set up ingress rules for";
      default = { };
      type = lib.types.attrsOf (
        lib.types.submodule (
          { name, config, ... }:
          {
            options = {
              subdomain = lib.mkOption {
                description = ''
                  Subdomain to use for host generation.
                  Only required if `host` is not set manually.
                '';
                type = lib.types.str;
                default = name;
              };

              port = lib.mkOption {
                description = "Localhost port to point the tunnel at";
                type = lib.types.port;
              };

              host = lib.mkOption {
                description = "Host to direct traffic from";
                type = lib.types.str;
                default = "${config.subdomain}.${cfg.domain}";
              };

              protocol = lib.mkOption {
                description = "The protocol to redirect traffic through";
                type = lib.types.str;
                default = "http";
              };

              url = lib.mkOption {
                description = "External https url used to access this host";
                type = lib.types.str;
              };
            };

            config.url = "https://${config.host}";
          }
        )
      );
    };
  };

  config.services.cloudflared.tunnels.${cfg.tunnel}.ingress = lib.attrsets.mapAttrs' (
    _:
    {
      port,
      host,
      protocol,
      ...
    }:
    {
      name = host;
      value = "${protocol}://localhost:${toString port}";
    }
  ) cfg.at;

  config.satellite.dns.records =
    let
      mkDnsRecord =
        { subdomain, ... }:
        {
          type = "CNAME";
          at = subdomain;
          zone = cfg.domain;
          value = "${cfg.tunnel}.cfargotunnel.com.";
          enableCloudflareProxy = true;
        };
    in
    lib.attrsets.mapAttrsToList (_: mkDnsRecord) cfg.at;
}
Set up microbin 2024-05-09 15:20:03 +02:00			`{ config, lib, ... }:`
Set up forgejo ssh 2024-09-11 16:30:19 +02:00			`let`
			`cfg = config.satellite.cloudflared;`
Set up microbin 2024-05-09 15:20:03 +02:00			`in`
			`{`
			`options.satellite.cloudflared = {`
			`tunnel = lib.mkOption {`
Update disko + fix `types.string` usage 2024-05-21 01:56:53 +02:00			`type = lib.types.str;`
Commit after not doing it for weeks 2024-07-06 19:32:14 +02:00			description = "Cloudflare tunnel id to use for the `satellite.cloudflared.at` helper";
Set up microbin 2024-05-09 15:20:03 +02:00			`};`

Custom octodns setup! 2024-07-08 03:06:27 +02:00			`domain = lib.mkOption {`
			`description = "Root domain to use as a default for configurations.";`
			`type = lib.types.str;`
			`default = config.satellite.dns.domain;`
			`};`

Commit after not doing it for weeks 2024-07-06 19:32:14 +02:00			`at = lib.mkOption {`
Add basic forgejo config 2024-05-11 01:09:43 +02:00			`description = "List of hosts to set up ingress rules for";`
			`default = { };`
Set up forgejo ssh 2024-09-11 16:30:19 +02:00			`type = lib.types.attrsOf (`
			`lib.types.submodule (`
			`{ name, config, ... }:`
			`{`
			`options = {`
			`subdomain = lib.mkOption {`
			`description = ''`
			`Subdomain to use for host generation.`
			Only required if `host` is not set manually.
			`'';`
			`type = lib.types.str;`
			`default = name;`
			`};`
Custom octodns setup! 2024-07-08 03:06:27 +02:00
Set up forgejo ssh 2024-09-11 16:30:19 +02:00			`port = lib.mkOption {`
			`description = "Localhost port to point the tunnel at";`
			`type = lib.types.port;`
			`};`
Set up microbin 2024-05-09 15:20:03 +02:00
Set up forgejo ssh 2024-09-11 16:30:19 +02:00			`host = lib.mkOption {`
			`description = "Host to direct traffic from";`
			`type = lib.types.str;`
			`default = "${config.subdomain}.${cfg.domain}";`
			`};`
Custom octodns setup! 2024-07-08 03:06:27 +02:00
Set up forgejo ssh 2024-09-11 16:30:19 +02:00			`protocol = lib.mkOption {`
			`description = "The protocol to redirect traffic through";`
			`type = lib.types.str;`
			`default = "http";`
			`};`

			`url = lib.mkOption {`
			`description = "External https url used to access this host";`
			`type = lib.types.str;`
			`};`
			`};`
Custom octodns setup! 2024-07-08 03:06:27 +02:00
Set up forgejo ssh 2024-09-11 16:30:19 +02:00			`config.url = "https://${config.host}";`
			`}`
			`)`
			`);`
Set up microbin 2024-05-09 15:20:03 +02:00			`};`
			`};`
Add basic forgejo config 2024-05-11 01:09:43 +02:00
Set up forgejo ssh 2024-09-11 16:30:19 +02:00			`config.services.cloudflared.tunnels.${cfg.tunnel}.ingress = lib.attrsets.mapAttrs' (`
			`_:`
			`{`
			`port,`
			`host,`
			`protocol,`
			`...`
			`}:`
			`{`
Add basic forgejo config 2024-05-11 01:09:43 +02:00			`name = host;`
Set up forgejo ssh 2024-09-11 16:30:19 +02:00			`value = "${protocol}://localhost:${toString port}";`
			`}`
			`) cfg.at;`
Custom octodns setup! 2024-07-08 03:06:27 +02:00
			`config.satellite.dns.records =`
Set up forgejo ssh 2024-09-11 16:30:19 +02:00			`let`
			`mkDnsRecord =`
			`{ subdomain, ... }:`
			`{`
			`type = "CNAME";`
			`at = subdomain;`
			`zone = cfg.domain;`
			`value = "${cfg.tunnel}.cfargotunnel.com.";`
Fix octodns setup 2024-10-11 14:11:52 +02:00			`enableCloudflareProxy = true;`
Set up forgejo ssh 2024-09-11 16:30:19 +02:00			`};`
			`in`
			`lib.attrsets.mapAttrsToList (_: mkDnsRecord) cfg.at;`
Set up microbin 2024-05-09 15:20:03 +02:00			`}`