Skip to content

Commit

Permalink
WIP
Browse files Browse the repository at this point in the history
  • Loading branch information
rhoriguchi committed Sep 18, 2024
1 parent 5ab18ca commit ab4f443
Show file tree
Hide file tree
Showing 6 changed files with 120 additions and 37 deletions.
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ secrets, ... }: {
{ config, secrets, ... }: {
imports = [
../common.nix

Expand All @@ -20,5 +20,7 @@
authProtocols = [ "WPA-PSK" ];
};
};

firewall.allowedTCPPorts = [ config.services.nginx.defaultHTTPListenPort config.services.nginx.defaultSSLListenPort ];
};
}
Original file line number Diff line number Diff line change
@@ -1,24 +1,35 @@
{ pkgs, ... }: {
hardware.printers.ensurePrinters = [{
name = "Default";

# lpinfo -v
deviceUri = "hp:/usb/ENVY_4500_series?serial=CN4CS2325205X4";

# lpinfo -m
model = "HP/hp-envy_4500_series.ppd.gz";

# lpoptions -p Default -l
ppdOptions = {
ColorModel = "KGray";
Duplex = "None";
InputSlot = "Auto";
MediaType = "Plain";
OptionDuplex = "False";
OutputMode = "Normal";
PageSize = "A4";
{ pkgs, config, secrets, ... }: {
# Required for sane
boot.kernelModules = [ "sg" "usblp" ];

hardware = {
printers.ensurePrinters = [{
name = "Default";

# lpinfo -v
deviceUri = "hp:/usb/ENVY_4500_series?serial=CN4CS2325205X4";

# lpinfo -m
model = "HP/hp-envy_4500_series.ppd.gz";

# lpoptions -p Default -l
ppdOptions = {
ColorModel = "KGray";
Duplex = "None";
InputSlot = "Auto";
MediaType = "Plain";
OptionDuplex = "False";
OutputMode = "Normal";
PageSize = "A4";
};
}];

sane = {
enable = true;

extraBackends = [ pkgs.hplipWithPlugin ];
};
}];
};

services = {
# lsusb
Expand Down Expand Up @@ -48,6 +59,10 @@
'';
};

saned.enable = true;

scanservjs.enable = true;

avahi = {
enable = true;

Expand All @@ -61,5 +76,31 @@
userServices = true;
};
};

infomaniak = {
enable = true;

username = secrets.infomaniak.username;
password = secrets.infomaniak.password;
hostnames = [ "scanner.00a.ch" ];
};

nginx = {
enable = true;

virtualHosts."scanner.00a.ch" = {
enableACME = true;
forceSSL = true;

locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.scanservjs.settings.port}";

extraConfig = ''
allow 192.168.1.0/24;
deny all;
'';
};
};
};
};
}
6 changes: 6 additions & 0 deletions configuration/devices/headless/router/adguardhome.nix
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,12 @@ in {
] ++ (map (domain: {
inherit domain;
answer = "${config.networking.hostName}.local";
}) config.services.infomaniak.hostnames) ++ (map (domain: {
inherit domain;
answer = "XXLPitu-Ulquiorra.local";
}) [ "scanner.00a.ch" ]) ++ (map (domain: {
inherit domain;
answer = "${config.networking.hostName}.local";
}) config.services.infomaniak.hostnames) ++ (map (domain: {
inherit domain;
answer = "XXLPitu-Server.local";
Expand Down
46 changes: 32 additions & 14 deletions configuration/devices/headless/router/web-proxy.nix
Original file line number Diff line number Diff line change
@@ -1,25 +1,50 @@
{ config, lib, ... }: {
{ config, lib, ... }:
let
getRoutings = host: domains:
let getRouting = host: domain: "${domain} ${host};";
in lib.concatStringsSep "\n" (map (domain: getRouting host domain) domains);

getVirtualHosts = hostName: domains:
lib.listToAttrs (map (domain:
lib.nameValuePair domain {
listen = map (addr: {
inherit addr;
port = config.services.nginx.defaultHTTPListenPort;
}) config.services.nginx.defaultListenAddresses;

locations."/".proxyPass = "http://${hostName}:80";
}) domains);

ulquiorraDomains = [ "scanner.00a.ch" ];
serverDomains = [ "*.00a.ch" ];

localDomains = let filter = virtualHost: builtins.all (domain: virtualHost != domain) (ulquiorraDomains ++ serverDomains);
in lib.filter filter (lib.attrNames config.services.nginx.virtualHosts);
in {
services.nginx = {
enable = true;

defaultSSLListenPort = 9443;

streamConfig = let
domains = lib.attrNames config.services.nginx.virtualHosts;
localRoutings = map (domain: "${domain} ${config.networking.hostName};") (lib.filter (domain: domain != "*.00a.ch") domains);
in ''
streamConfig = ''
resolver 127.0.0.1;
upstream ${config.networking.hostName} {
server 127.0.0.1:${toString config.services.nginx.defaultSSLListenPort};
}
upstream XXLPitu-Ulquiorra {
server XXLPitu-Ulquiorra.local:443;
}
upstream XXLPitu-Server {
server XXLPitu-Server.local:443;
}
map $ssl_preread_server_name $upstream {
${lib.concatStringsSep "\n" localRoutings}
${getRoutings config.networking.hostName localDomains}
${getRoutings "XXLPitu-Ulquiorra" ulquiorraDomains}
default XXLPitu-Server;
}
Expand All @@ -33,13 +58,6 @@
}
'';

virtualHosts."*.00a.ch" = {
listen = map (addr: {
inherit addr;
port = config.services.nginx.defaultHTTPListenPort;
}) config.services.nginx.defaultListenAddresses;

locations."/".proxyPass = "http://XXLPitu-Server.local:80";
};
virtualHosts = (getVirtualHosts "XXLPitu-Ulquiorra.local" ulquiorraDomains) // (getVirtualHosts "XXLPitu-Server.local" serverDomains);
};
}
18 changes: 18 additions & 0 deletions modules/default/scanservjs.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# TODO remove when merged https://nixpk.gs/pr-tracker.html?pr=249806

let
src = let
owner = "NixOS";
repo = "nixpkgs";
rev = "c861052eab51de685f2286ce75d6e67395f6eae5";
sha256 = "sha256:1j3drcp4mizf90dcpvnfajx1b49m8ijfq7w6a53kyfgx22r1x51i";
in builtins.fetchTarball {
name = "nixpkgs";
url = "https://github.com/${owner}/${repo}/archive/${rev}.tar.gz";
inherit sha256;
};
in {
imports = [ "${src}/nixos/modules/services/hardware/scanservjs.nix" ];

nixpkgs.overlays = [ (_: super: { scanservjs = super.callPackage "${src}/pkgs/applications/graphics/scanservjs/default.nix" { }; }) ];
}
2 changes: 0 additions & 2 deletions modules/profiles/printing.nix
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,4 @@
nssmdns6 = true;
};
};

environment.systemPackages = [ pkgs.simple-scan ];
}

0 comments on commit ab4f443

Please sign in to comment.