Infra/proxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
proxy/validation/endpoints.nix
Katharina Heidenreich eee6905637 feat: add livekit
2026-04-05 20:25:28 +02:00

63 lines
No EOL
2.7 KiB
Nix
Raw Blame History

let
lib = import <nixpkgs/lib>;
tunnelPorts = import ./tunnel_ports.nix;
assertAttrset = context: value:
if builtins.isAttrs value then
value
else
throw "${context} must be an attrset.";
assertString = context: value:
if builtins.isString value && value != "" then
value
else
throw "${context} must be a non-empty string.";
assertInt = context: value:
if builtins.isInt value then
value
else
throw "${context} must be an int.";
validateForwarding = index: endpoint:
let
content = assertAttrset "config/endpoints.nix[${toString index}].content" endpoint.content;
_ = assertInt "config/endpoints.nix[${toString index}].content.port" content.port;
__ = if tunnelPorts.isAllowedTunnelPort content.port then null else throw "config/endpoints.nix[${toString index}].content.port is not in config/network.nix tunnel.allowedPorts.";
___ = if !(content ? tls) || builtins.isBool content.tls then null else throw "config/endpoints.nix[${toString index}].content.tls must be a bool.";
in
endpoint;
validateProxy = index: endpoint:
let
content = assertAttrset "config/endpoints.nix[${toString index}].content" endpoint.content;
_ = assertString "config/endpoints.nix[${toString index}].endpoint" endpoint.endpoint;
__ = assertString "config/endpoints.nix[${toString index}].content.host" content.host;
___ = assertInt "config/endpoints.nix[${toString index}].content.port" content.port;
____ = if !(endpoint ? force_ssl) || builtins.isBool endpoint.force_ssl then null else throw "config/endpoints.nix[${toString index}].force_ssl must be a bool.";
_____ = if !(content ? websocket) || builtins.isBool content.websocket then null else throw "config/endpoints.nix[${toString index}].content.websocket must be a bool.";
in
endpoint;
validateEndpoint = index: endpoint:
let
_ = assertAttrset "config/endpoints.nix[${toString index}]" endpoint;
__ = if endpoint ? type && (endpoint.type == "forwarding" || endpoint.type == "proxy") then null else throw "config/endpoints.nix[${toString index}].type must be \"forwarding\" or \"proxy\".";
___ = assertInt "config/endpoints.nix[${toString index}].listenPort" endpoint.listenPort;
____ = assertString "config/endpoints.nix[${toString index}].domain" endpoint.domain;
in
if endpoint.type == "forwarding" then
validateForwarding index endpoint
else
validateProxy index endpoint;
getEndpointsConfig = endpoints:
if builtins.isList endpoints then
lib.imap0 validateEndpoint endpoints
else
throw "config/endpoints.nix must evaluate to a list.";
in
{
inherit getEndpointsConfig;
}
Reference in a new issue View git blame Copy permalink