sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor: adjust wireguard accessors to use globals

Browse source
This commit is contained in:
oddlama 2025-09-13 21:14:50 +02:00
parent 157c303f38
commit b885d1062b
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
28 changed files with 169 additions and 133 deletions
Download patch file Download diff file Expand all files Collapse all files

16
hosts/sire/guests/paperless.nix
View file

@ -7,8 +7,6 @@
...
}:
let
sentinelCfg = nodes.sentinel.config;
wardWebProxyCfg = nodes.ward-web-proxy.config;
paperlessDomain = "paperless.${globals.domains.me}";
paperlessBackupDir = "/var/cache/paperless-backup";
in
@ -37,7 +35,10 @@ in
nodes.sentinel = {
services.nginx = {
upstreams.paperless = {
servers."${config.wireguard.proxy-sentinel.ipv4}:${toString config.services.paperless.port}" = { };
servers."${
globals.wireguard.proxy-sentinel.hosts.${config.node.name}.ipv4
}:${toString config.services.paperless.port}" =
{ };
extraConfig = ''
zone paperless 64k;
keepalive 2;
@ -65,7 +66,10 @@ in
nodes.ward-web-proxy = {
services.nginx = {
upstreams.paperless = {
servers."${config.wireguard.proxy-home.ipv4}:${toString config.services.paperless.port}" = { };
servers."${
globals.wireguard.proxy-home.hosts.${config.node.name}.ipv4
}:${toString config.services.paperless.port}" =
{ };
extraConfig = ''
zone paperless 64k;
keepalive 2;
@ -129,8 +133,8 @@ in
PAPERLESS_ALLOWED_HOSTS = paperlessDomain;
PAPERLESS_CORS_ALLOWED_HOSTS = "https://${paperlessDomain}";
PAPERLESS_TRUSTED_PROXIES = lib.concatStringsSep "," [
sentinelCfg.wireguard.proxy-sentinel.ipv4
wardWebProxyCfg.wireguard.proxy-home.ipv4
globals.wireguard.proxy-home.hosts.ward-web-proxy.ipv4
globals.wireguard.proxy-sentinel.hosts.sentinel.ipv4
];
# Authentication via kanidm