From 2e3649cc9d510224c3c4d77963d1ead0c8feb357 Mon Sep 17 00:00:00 2001
From: Guanran Wang
Date: Sat, 19 Oct 2024 13:00:06 +0800
Subject: [PATCH] nixos/ports: use _module.args
---
 hosts/aws/tyo0/default.nix | 3 ++-
 hosts/aws/tyo0/ports.nix | 14 ++++++--------
 hosts/aws/tyo0/services/keycloak.nix | 7 ++++---
 hosts/aws/tyo0/services/prometheus.nix | 2 +-
 hosts/aws/tyo0/services/vaultwarden.nix | 9 +++++++--
 hosts/aws/tyo0/services/wastebin.nix | 4 ++--
 hosts/vultr/sin0/default.nix | 3 ++-
 hosts/vultr/sin0/ports.nix | 6 ++----
 hosts/vultr/sin0/services/ip-checker.nix | 4 ++--
 hosts/vultr/sin0/services/redlib.nix | 4 ++--
 10 files changed, 30 insertions(+), 26 deletions(-)
diff --git a/hosts/aws/tyo0/default.nix b/hosts/aws/tyo0/default.nix
index 3e7f5ca..a0d08e9 100644
--- a/hosts/aws/tyo0/default.nix
+++ b/hosts/aws/tyo0/default.nix
@@ -9,7 +9,6 @@ imports = [ "${modulesPath}/virtualisation/amazon-image.nix" ./anti-feature.nix - ./ports.nix ./services/forgejo.nix ./services/keycloak.nix
@@ -23,6 +22,8 @@ ../../../nixos/profiles/sing-box-server ]; + _module.args.ports = import ./ports.nix; + boot.loader.grub.device = lib.mkForce "/dev/nvme0n1"; system.stateVersion = "24.05";
diff --git a/hosts/aws/tyo0/ports.nix b/hosts/aws/tyo0/ports.nix
index cfc8374..dad08c3 100644
--- a/hosts/aws/tyo0/ports.nix
+++ b/hosts/aws/tyo0/ports.nix
@@ -1,11 +1,9 @@ { - lib.ports = { - keycloak = 8010; - vaultwarden = 8040; - wastebin = 8050; + keycloak = 8010; + vaultwarden = 8040; + wastebin = 8050; - prometheus = 9010; - blackbox = 9020; - alertmanager = 9030; - }; + prometheus = 9010; + blackbox = 9020; + alertmanager = 9030; }
diff --git a/hosts/aws/tyo0/services/keycloak.nix b/hosts/aws/tyo0/services/keycloak.nix
index a73d65d..40e0e05 100644
--- a/hosts/aws/tyo0/services/keycloak.nix
+++ b/hosts/aws/tyo0/services/keycloak.nix
@@ -1,11 +1,11 @@
 {
 lib,
- config,
 pkgs,
+ ports,
 ...
 }:
 let
- port = config.lib.ports.keycloak;
+ port = ports.keycloak;
 in
 {
 services.keycloak = {
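Review bot: Nothing checks that the port numbers are distinct once `_module.args.ports = import ./ports.nix;` hands every module on this host a bare attribute set; two services given the same number would evaluate cleanly and the clash would only surface when the second unit fails to bind. An evaluation-time check next to that line would catch it, for example `assertions = [ { assertion = lib.allUnique (lib.attrValues (import ./ports.nix)); message = "duplicate port in ports.nix"; } ];` (`lib` is already used in this file). The same applies to the identical line added in `hosts/vultr/sin0/default.nix`, assuming `lib` is among that module's arguments. Because `_module.args` values are untyped and do not appear in option documentation, a short comment above the line, such as `# host-local listener ports, passed to every module as the "ports" argument`, would help the next reader.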
@@ -13,9 +13,10 @@ in
 settings = {
 cache = "local";
 hostname = "id.ny4.dev";
+ http-enabled = true;
 http-host = "127.0.0.1";
 http-port = port;
- proxy = "edge";
+ proxy-headers = "xforwarded";
 };
 database.passwordFile = toString (pkgs.writeText "password" "keycloak");
 };
diff --git a/hosts/aws/tyo0/services/prometheus.nix b/hosts/aws/tyo0/services/prometheus.nix
index 9c7eb59..87650b0 100644
--- a/hosts/aws/tyo0/services/prometheus.nix
+++ b/hosts/aws/tyo0/services/prometheus.nix
@@ -3,10 +3,10 @@
 pkgs,
 config,
 nodes,
+ ports,
 ...
 }:
 let
- inherit (config.lib) ports;
 targets = lib.mapAttrsToList (_name: node: node.fqdn) nodes ++ [ "pek0.ny4.dev" ];
 in
 {
diff --git a/hosts/aws/tyo0/services/vaultwarden.nix b/hosts/aws/tyo0/services/vaultwarden.nix
index 8afbc61..1b5582e 100644
--- a/hosts/aws/tyo0/services/vaultwarden.nix
+++ b/hosts/aws/tyo0/services/vaultwarden.nix
@@ -1,6 +1,11 @@
-{ lib, config, ... }:
+{
+ lib,
+ config,
+ ports,
+ ...
+}:
 let
- port = config.lib.ports.vaultwarden;
+ port = ports.vaultwarden;
 in
 {
 services.vaultwarden = {
diff --git a/hosts/aws/tyo0/services/wastebin.nix b/hosts/aws/tyo0/services/wastebin.nix
index 12c4e32..554f4e8 100644
--- a/hosts/aws/tyo0/services/wastebin.nix
+++ b/hosts/aws/tyo0/services/wastebin.nix
@@ -1,6 +1,6 @@
-{ lib, config, ... }:
+{ lib, ports, ... }:
 let
- port = config.lib.ports.wastebin;
+ port = ports.wastebin;
 in
 {
 services.wastebin = {
diff --git a/hosts/vultr/sin0/default.nix b/hosts/vultr/sin0/default.nix
index 7632191..9060003 100644
--- a/hosts/vultr/sin0/default.nix
+++ b/hosts/vultr/sin0/default.nix
@@ -2,7 +2,6 @@ { imports = [ ./anti-feature.nix - ./ports.nix ./services/telegram-bot/danbooru_img_bot.nix ./services/ip-checker.nix
@@ -11,6 +10,8 @@ ../../../nixos/profiles/sing-box-server ]; + _module.args.ports = import ./ports.nix; + system.stateVersion = "24.05"; networking.firewall.allowedUDPPorts = [ 443 ];
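Review bot: With `proxy-headers = "xforwarded"` in the keycloak.nix settings, Keycloak takes the client address, scheme and host from `X-Forwarded-*` headers on every request it receives, so the reverse proxy in front of it has to overwrite those headers rather than pass through whatever the client sent; the proxy configuration is outside this hunk, so that cannot be confirmed here. `http-enabled = true` is acceptable only while `http-host` stays on `127.0.0.1`, which deserves a comment on those lines, e.g. `# plain HTTP on loopback only; TLS terminates at the reverse proxy, which must set X-Forwarded-For/Proto/Host itself`. These settings are unrelated to the ports refactor named in the subject, so they would be easier to audit as their own commit. Separately, the unchanged `database.passwordFile` line writes a literal password into the world-readable Nix store; if the database is reachable by anything other than the local Keycloak unit, it should come from a secret file instead.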
diff --git a/hosts/vultr/sin0/ports.nix b/hosts/vultr/sin0/ports.nix
index 7f5843e..5319df2 100644
--- a/hosts/vultr/sin0/ports.nix
+++ b/hosts/vultr/sin0/ports.nix
@@ -1,6 +1,4 @@
 {
- lib.ports = {
- redlib = 8010;
- ip-checker = 8020;
- };
+ redlib = 8010;
+ ip-checker = 8020;
 }
diff --git a/hosts/vultr/sin0/services/ip-checker.nix b/hosts/vultr/sin0/services/ip-checker.nix
index d813c97..9f1a871 100644
--- a/hosts/vultr/sin0/services/ip-checker.nix
+++ b/hosts/vultr/sin0/services/ip-checker.nix
@@ -2,11 +2,11 @@
 lib,
 pkgs,
 inputs,
- config,
+ ports,
 ...
 }:
 let
- port = config.lib.ports.ip-checker;
+ port = ports.ip-checker;
 in
 {
 systemd.services."ip-checker" = {
diff --git a/hosts/vultr/sin0/services/redlib.nix b/hosts/vultr/sin0/services/redlib.nix
index 6535037..f35533f 100644
--- a/hosts/vultr/sin0/services/redlib.nix
+++ b/hosts/vultr/sin0/services/redlib.nix
@@ -1,6 +1,6 @@
-{ lib, config, ... }:
+{ lib, ports, ... }:
 let
- port = config.lib.ports.redlib;
+ port = ports.redlib;
 in
 {
 services.redlib = {