nixos-config/hosts/defiant/services/microbin.nix

48 lines
1.2 KiB
Nix

{ config, pkgs, lib, ... }:
let
cfg = config.services.microbin;
domain = "p.feal.no";
address = "127.0.1.2";
max_upload_mb = 1024;
port = 5006;
in {
services.microbin = {
enable = true;
passwordFile = config.sops.secrets."microbin/secrets".path;
settings = {
MICROBIN_BIND = address;
MICROBIN_DISABLE_TELEMETRY = true;
MICROBIN_ENABLE_BURN_AFTER = true;
MICROBIN_ETERNAL_PASTA = true;
MICROBIN_FOOTER_TEXT = "Be nice or go away";
MICROBIN_MAX_FILE_SIZE_ENCRYPTED_MB = max_upload_mb;
MICROBIN_MAX_FILE_SIZE_UNENCRYPTED_MB = max_upload_mb;
MICROBIN_PORT = port;
MICROBIN_PUBLIC_PATH = "https://${domain}/";
MICROBIN_QR = true;
MICROBIN_TITLE = "felixalbs pasta collection";
};
};
sops.secrets."microbin/secrets" = { };
services.nginx.virtualHosts."${domain}" = {
forceSSL = true;
enableACME = true;
listen = [
{ addr = "192.168.10.175"; port = 43443; ssl = true; }
{ addr = "192.168.10.175"; port = 43080; ssl = false; }
];
extraConfig = ''
client_max_body_size ${toString max_upload_mb}M;
'';
locations."/" = {
proxyPass = "http://${address}:${toString port}";
};
};
}