use hastebin nixos module
This commit is contained in:
Joakim Repomaa
@@ -1,17 +1,34 @@
|
||||
{ lib, pkgs, config, inputs, ... }:
|
||||
{ lib, config, inputs, ... }:
|
||||
let
|
||||
cfg = config.modules.services.bin;
|
||||
fqdn = "${cfg.subdomain}.${config.networking.domain}";
|
||||
KiB = 1024;
|
||||
MiB = 1024 * KiB;
|
||||
GiB = 1024 * MiB;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
inputs.hastebin.nixosModules.default
|
||||
];
|
||||
|
||||
options.modules.services.bin = {
|
||||
enable = lib.mkEnableOption "Enable Rustypaste";
|
||||
subdomain = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
};
|
||||
port = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 3600;
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.hastebin = {
|
||||
enable = true;
|
||||
settings = {
|
||||
port = cfg.port;
|
||||
host = "::1";
|
||||
max_size = 1 * GiB;
|
||||
default_extension = "txt";
|
||||
data_dir = "/var/lib/hastebin";
|
||||
mime_overrides = {
|
||||
"text/plain" = [
|
||||
"log"
|
||||
@@ -30,41 +47,6 @@ let
|
||||
};
|
||||
auth_tokens_file = "/var/secrets/hastebin-tokens";
|
||||
};
|
||||
|
||||
hastebinConfig = (pkgs.formats.yaml { }).generate "hastebin.yml" settings;
|
||||
hastebin = inputs.hastebin.packages.${pkgs.system}.default;
|
||||
in
|
||||
{
|
||||
options.modules.services.bin = {
|
||||
enable = lib.mkEnableOption "Enable Rustypaste";
|
||||
subdomain = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
};
|
||||
port = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 3600;
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.services.hastebin = {
|
||||
enable = true;
|
||||
description = "Hastebin pastebin";
|
||||
environment = {
|
||||
HASTEBIN_CONFIG = hastebinConfig;
|
||||
};
|
||||
serviceConfig = {
|
||||
ExecStart = "${hastebin}/bin/hastebin";
|
||||
WorkingDirectory = "/var/lib/hastebin";
|
||||
StateDirectory = "hastebin";
|
||||
DynamicUser = true;
|
||||
BindReadOnlyPaths = [ "/var/secrets/hastebin-tokens" ];
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
confinement = {
|
||||
enable = true;
|
||||
packages = [ hastebinConfig ];
|
||||
};
|
||||
};
|
||||
|
||||
modules.services.webserver = {
|
||||
@@ -72,7 +54,7 @@ in
|
||||
vHosts.${fqdn}.locations."/" = {
|
||||
proxyPort = cfg.port;
|
||||
extraConfig = ''
|
||||
client_max_body_size ${toString (settings.max_size / MiB)}m;
|
||||
client_max_body_size ${toString (config.services.hastebin.settings.max_size / MiB)}m;
|
||||
proxy_send_timeout 300;
|
||||
proxy_read_timeout 300;
|
||||
send_timeout 300;
|
||||
|
||||
Reference in New Issue
Block a user