From 617dd624903cdb23951f1484c19bc1574b10fa74 Mon Sep 17 00:00:00 2001
From: Linnnus <linnnus@users.noreply.github.com>
Date: Sun, 16 Mar 2025 13:22:12 +0100
Subject: ahmed: Add certificates for local DNS

---
 hosts/ahmed/torrenting/reverse-proxy.nix | 23 +++++++----------------
 1 file changed, 7 insertions(+), 16 deletions(-)

(limited to 'hosts/ahmed/torrenting')

diff --git a/hosts/ahmed/torrenting/reverse-proxy.nix b/hosts/ahmed/torrenting/reverse-proxy.nix
index 1cee18f..7f8db3e 100644
--- a/hosts/ahmed/torrenting/reverse-proxy.nix
+++ b/hosts/ahmed/torrenting/reverse-proxy.nix
@@ -1,20 +1,8 @@
 # This module configures a reverse proxy for the various services that are
 # exposed to the internet.
-{
-  pkgs,
-  config,
-  lib,
-  ...
-}: let
-  baseDomain = "internal";
-  qbDomain = "qbittorrent.${baseDomain}";
-  jellyfinDomain = "jellyfin.${baseDomain}";
-
+{config, ...}: let
   # The internal port where qBittorrents web UI will be served.
   qbWebUiPort = 8082;
-
-  # Whether to use ACME/Letsencrypt to get free certificates.
-  useACME = true;
 in {
   services.qbittorrent = {
     openFirewall = false;
@@ -32,14 +20,14 @@ in {
 
   # Use NGINX as a reverse proxy.
   services.nginx = {
-    virtualHosts.${qbDomain} = {
+    virtualHosts."qbittorrent.${config.linus.local-dns.domain}" = {
       locations."/" = {
         proxyPass = "http://localhost:${toString qbWebUiPort}";
         recommendedProxySettings = true;
       };
     };
 
-    virtualHosts.${jellyfinDomain} = {
+    virtualHosts."jellyfin.${config.linus.local-dns.domain}" = {
       locations."/" = {
         # This is the "static port" of the HTTP web interface.
         #
@@ -62,5 +50,8 @@ in {
     };
   };
 
-  # See also `hosts/ahmed/dns/default.nix`.
+  linus.local-dns.subdomains = [
+    "qbittorrent"
+    "jellyfin"
+  ];
 }
-- 
cgit v1.2.3