{ config, pkgs, lib, ... }: let cfg = config.services.microbin; domain = "p.feal.no"; address = "127.0.1.2"; max_upload_mb = 1024; port = 5006; in { services.microbin = { enable = true; passwordFile = config.sops.secrets."microbin/secrets".path; settings = { MICROBIN_BIND = address; MICROBIN_DISABLE_TELEMETRY = true; MICROBIN_ENABLE_BURN_AFTER = true; MICROBIN_ETERNAL_PASTA = true; MICROBIN_FOOTER_TEXT = "Be nice or go away"; MICROBIN_MAX_FILE_SIZE_ENCRYPTED_MB = max_upload_mb; MICROBIN_MAX_FILE_SIZE_UNENCRYPTED_MB = max_upload_mb; MICROBIN_PORT = port; MICROBIN_PUBLIC_PATH = "https://${domain}/"; MICROBIN_QR = true; MICROBIN_TITLE = "felixalbs pasta collection"; }; }; sops.secrets."microbin/secrets" = { }; services.nginx.virtualHosts."${domain}" = { forceSSL = true; enableACME = true; listen = [ { addr = "192.168.10.175"; port = 43443; ssl = true; } { addr = "192.168.10.175"; port = 43080; ssl = false; } ]; extraConfig = '' client_max_body_size ${toString max_upload_mb}M; ''; locations."/" = { proxyPass = "http://${address}:${toString port}"; }; }; }