Services: add Cockpit
This commit is contained in:
parent
dd8e3cc2ff
commit
446c0afd75
|
@ -234,11 +234,11 @@
|
|||
"nix-secrets": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1722808247,
|
||||
"narHash": "sha256-86DGPkJh8dXSS/M5F6a0M7roGdn3QSTGY0X5fUyZk/M=",
|
||||
"lastModified": 1723834524,
|
||||
"narHash": "sha256-MmOQDY6EjyzyX0HLFjOV3EgUqtHrcXRdjhc6eIE/wyc=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "1cc4e1ea861931fccbfd7d7ca8e364ca277138d6",
|
||||
"revCount": 57,
|
||||
"rev": "6ca21756c9f3653a0f1e60c5cb7abc8ea5ab0d46",
|
||||
"revCount": 58,
|
||||
"type": "git",
|
||||
"url": "file:./nix-secrets"
|
||||
},
|
||||
|
|
|
@ -11,6 +11,7 @@ let
|
|||
|
||||
subdomains = [
|
||||
config.secrets.services.airsonic.url
|
||||
config.secrets.services.cockpit.url
|
||||
config.secrets.services.forgejo.url
|
||||
config.secrets.services.gremlin-lab.url
|
||||
config.secrets.services.jellyfin.url
|
||||
|
@ -141,6 +142,11 @@ in
|
|||
domain = config.secrets.networking.primaryDomain;
|
||||
url = config.secrets.services.airsonic.url;
|
||||
};
|
||||
cockpit = {
|
||||
enable = true;
|
||||
domain = config.secrets.networking.primaryDomain;
|
||||
url = config.secrets.services.cockpit.url;
|
||||
};
|
||||
jellyfin = {
|
||||
enable = true;
|
||||
autostart = false;
|
||||
|
|
61
modules/services/cockpit.nix
Normal file
61
modules/services/cockpit.nix
Normal file
|
@ -0,0 +1,61 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.aux.system.services.cockpit;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
aux.system.services.cockpit = {
|
||||
enable = lib.mkEnableOption "Enables Cockpit monitoring.";
|
||||
domain = lib.mkOption {
|
||||
default = "";
|
||||
type = lib.types.str;
|
||||
description = "The root domain that Cockpit will be hosted on.";
|
||||
example = "example.com";
|
||||
};
|
||||
url = lib.mkOption {
|
||||
default = "";
|
||||
type = lib.types.str;
|
||||
description = "The complete URL where Cockpit is hosted.";
|
||||
example = "https://cockpit.example.com";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
services = {
|
||||
nginx.virtualHosts."${cfg.url}" = {
|
||||
useACMEHost = cfg.domain;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:9090";
|
||||
extraConfig = ''
|
||||
# Taken from https://garrett.github.io/cockpit-project.github.io/external/wiki/Proxying-Cockpit-over-NGINX
|
||||
# Required to proxy the connection to Cockpit
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
|
||||
# Required for web sockets to function
|
||||
proxy_http_version 1.1;
|
||||
proxy_buffering off;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
cockpit = {
|
||||
enable = true;
|
||||
port = 9090;
|
||||
settings = {
|
||||
WebService = {
|
||||
Origins = "https://${cfg.url} wss://${cfg.url}";
|
||||
ProtocolHeader = "X-Forwarded-Proto";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
systemd.services.nginx.wants = [ config.systemd.services.cockpit.name ];
|
||||
|
||||
};
|
||||
}
|
|
@ -1 +1 @@
|
|||
Subproject commit 1cc4e1ea861931fccbfd7d7ca8e364ca277138d6
|
||||
Subproject commit 6ca21756c9f3653a0f1e60c5cb7abc8ea5ab0d46
|
Loading…
Reference in a new issue