62 lines
1.7 KiB
Nix
62 lines
1.7 KiB
Nix
|
{ config, lib, ... }:
|
||
|
|
let
|
||
|
|
cfg = config.aux.system.services.cockpit;
|
||
|
|
in
|
||
|
|
{
|
||
|
|
options = {
|
||
|
|
aux.system.services.cockpit = {
|
||
|
|
enable = lib.mkEnableOption "Enables Cockpit monitoring.";
|
||
|
|
domain = lib.mkOption {
|
||
|
|
default = "";
|
||
|
|
type = lib.types.str;
|
||
|
|
description = "The root domain that Cockpit will be hosted on.";
|
||
|
|
example = "example.com";
|
||
|
|
};
|
||
|
|
url = lib.mkOption {
|
||
|
|
default = "";
|
||
|
|
type = lib.types.str;
|
||
|
|
description = "The complete URL where Cockpit is hosted.";
|
||
|
|
example = "https://cockpit.example.com";
|
||
|
|
};
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
config = lib.mkIf cfg.enable {
|
||
|
|
|
||
|
|
services = {
|
||
|
|
nginx.virtualHosts."${cfg.url}" = {
|
||
|
|
useACMEHost = cfg.domain;
|
||
|
|
forceSSL = true;
|
||
|
|
locations."/" = {
|
||
|
|
proxyPass = "http://127.0.0.1:9090";
|
||
|
|
extraConfig = ''
|
||
|
|
# Taken from https://garrett.github.io/cockpit-project.github.io/external/wiki/Proxying-Cockpit-over-NGINX
|
||
|
|
# Required to proxy the connection to Cockpit
|
||
|
|
proxy_set_header Host $host;
|
||
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||
|
|
|
||
|
|
# Required for web sockets to function
|
||
|
|
proxy_http_version 1.1;
|
||
|
|
proxy_buffering off;
|
||
|
|
proxy_set_header Upgrade $http_upgrade;
|
||
|
|
proxy_set_header Connection "upgrade";
|
||
|
|
'';
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
cockpit = {
|
||
|
|
enable = true;
|
||
|
|
port = 9090;
|
||
|
|
settings = {
|
||
|
|
WebService = {
|
||
|
|
Origins = "https://${cfg.url} wss://${cfg.url}";
|
||
|
|
ProtocolHeader = "X-Forwarded-Proto";
|
||
|
|
};
|
||
|
|
};
|
||
|
|
};
|
||
|
|
};
|
||
|
|
systemd.services.nginx.wants = [ config.systemd.services.cockpit.name ];
|
||
|
|
|
||
|
|
};
|
||
|
|
}
|