Files
nix-stuff/triple-dezert/proxied/options.nix
2025-02-21 16:10:34 -08:00

74 lines
1.9 KiB
Nix

{ lib, config, ... }:
let
inherit (lib) mkOption types;
outerConfig = config;
ip4Segment = "[0-9]{1,3}";
ip4Address = types.addCheck (types.strMatching (
lib.concatStringsSep "\\." [
ip4Segment
ip4Segment
ip4Segment
ip4Segment
]
)) (s: lib.all (p: (lib.toInt p) < 255) (lib.splitString "." s));
# Note: This accepts plenty of strings that aren't valid ipv6 addresses, this is just to catch when you accidentally put an ipv4 or something else in
ip6Address = types.strMatching "([a-fA-F0-9]{4}::?){1,7}[a-fA-F0-9]{4}";
ipAddress = types.either ip4Address ip6Address;
in
{
# vacu.proxiedServices.habitat
options.vacu.proxiedServices = mkOption {
default = { };
type = types.attrsOf (
types.submodule (
{ name, config, ... }:
{
options = {
enable = mkOption {
type = types.bool;
default = false;
};
name = mkOption {
default = name;
type = types.str;
};
fromContainer = mkOption {
default = null;
type = types.nullOr types.str;
};
port = mkOption { type = types.port; };
ipAddress = mkOption { type = ipAddress; };
domain = mkOption { type = types.str; };
forwardFor = mkOption {
type = types.bool;
default = false;
};
maxConnections = mkOption {
type = types.int;
default = 500;
};
useSSL = mkOption {
type = types.bool;
default = false;
};
};
config = lib.mkMerge [
(lib.mkIf (config.fromContainer != null) {
ipAddress = outerConfig.containers.${config.fromContainer}.localAddress;
})
];
}
)
);
};
}