nox: add microbin
This commit is contained in:
parent
cbd38fc8f4
commit
1b052f57af
|
@ -37,6 +37,7 @@
|
||||||
../../profiles/web/services/netdata.nix
|
../../profiles/web/services/netdata.nix
|
||||||
../../profiles/web/services/nitter.nix
|
../../profiles/web/services/nitter.nix
|
||||||
#../../profiles/web/services/ntopng.nix
|
#../../profiles/web/services/ntopng.nix
|
||||||
|
../../profiles/web/services/microbin.nix
|
||||||
#../../profiles/web/services/owncast.nix
|
#../../profiles/web/services/owncast.nix
|
||||||
#../../profiles/web/services/paperless.nix
|
#../../profiles/web/services/paperless.nix
|
||||||
../../profiles/web/services/polaris.nix
|
../../profiles/web/services/polaris.nix
|
||||||
|
@ -83,6 +84,7 @@
|
||||||
services.domeneshop-updater.targets = [
|
services.domeneshop-updater.targets = [
|
||||||
"pbsds.net"
|
"pbsds.net"
|
||||||
"olavtr.pbsds.net"
|
"olavtr.pbsds.net"
|
||||||
|
"kuklef.se"
|
||||||
];
|
];
|
||||||
|
|
||||||
# TODO: remove? Move to where relevant?
|
# TODO: remove? Move to where relevant?
|
||||||
|
|
|
@ -4,13 +4,12 @@ let
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
_module.args.mkDomain = mkDomain;
|
_module.args.mkDomain = mkDomain;
|
||||||
_module.args.allSubdomains = lib.sort (x: y: x<y) ( # TODO: deduplicate <-
|
_module.args.allSubdomains = lib.pipe config.services.nginx.virtualHosts [
|
||||||
lib.flatten (
|
(lib.mapAttrsToList (domain: vhost: [ domain ] ++ vhost.serverAliases))
|
||||||
lib.mapAttrsToList
|
(lib.mapAttrsToList (domain: vhost: [ domain ]))
|
||||||
(k: v: [k] ++ v.serverAliases)
|
lib.flatten
|
||||||
config.services.nginx.virtualHosts
|
(lib.sort (x: y: x<y))
|
||||||
)
|
];
|
||||||
);
|
|
||||||
|
|
||||||
security.acme.acceptTerms = true;
|
security.acme.acceptTerms = true;
|
||||||
security.acme.defaults.email = "pbsds+acme@hotmail.com";
|
security.acme.defaults.email = "pbsds+acme@hotmail.com";
|
||||||
|
|
|
@ -3,14 +3,17 @@ let
|
||||||
# TODO: support fully qualified urls as well
|
# TODO: support fully qualified urls as well
|
||||||
customDescriptions = rec {
|
customDescriptions = rec {
|
||||||
index = "This page";
|
index = "This page";
|
||||||
links = "Linktree";
|
"links.pbsds.net" = "Linktree";
|
||||||
element = pkgs.element-web.meta.description;
|
"i.kuklef.se" = pkgs.microbin.meta.description;
|
||||||
|
www = "wwwwwwwwwwwwwww";
|
||||||
|
${config.networking.fqdn} = www;
|
||||||
|
|
||||||
refleksjon = "My dad is a cheapskate";
|
refleksjon = "My dad is a cheapskate";
|
||||||
roroslyd = "My dad is a cheapskate";
|
roroslyd = "My dad is a cheapskate";
|
||||||
www = "wwwwwwwwwwwwwww";
|
|
||||||
${config.networking.hostName} = www;
|
|
||||||
shlink = "Url shortener";
|
|
||||||
docs = "Various documentation";
|
docs = "Various documentation";
|
||||||
|
element = pkgs.element-web.meta.description;
|
||||||
|
shlink = "Url shortener";
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -23,14 +26,18 @@ in
|
||||||
root = with lib; let
|
root = with lib; let
|
||||||
getName = domain: head (lib.splitString "." domain);
|
getName = domain: head (lib.splitString "." domain);
|
||||||
getDomain = domain: concatStringsSep "." (tail (lib.splitString "." domain));
|
getDomain = domain: concatStringsSep "." (tail (lib.splitString "." domain));
|
||||||
getDesc = domain: let
|
getDesc = domain:
|
||||||
|
let
|
||||||
name = getName domain;
|
name = getName domain;
|
||||||
in if lib.hasAttr name customDescriptions
|
in
|
||||||
|
if lib.hasAttr domain customDescriptions
|
||||||
|
then customDescriptions.${domain}
|
||||||
|
else if lib.hasAttr name customDescriptions
|
||||||
then customDescriptions.${name}
|
then customDescriptions.${name}
|
||||||
else if lib.hasAttr name pkgs.python3Packages
|
|
||||||
then pkgs.python3Packages.${name}.meta.description
|
|
||||||
else if lib.hasAttr name pkgs
|
else if lib.hasAttr name pkgs
|
||||||
then pkgs.${name}.meta.description
|
then pkgs.${name}.meta.description
|
||||||
|
else if lib.hasAttr name pkgs.python3Packages
|
||||||
|
then pkgs.python3Packages.${name}.meta.description
|
||||||
else if lib.hasAttrByPath [name "package"] config.services
|
else if lib.hasAttrByPath [name "package"] config.services
|
||||||
then config.services.${name}.package.meta.description
|
then config.services.${name}.package.meta.description
|
||||||
else "";
|
else "";
|
||||||
|
|
|
@ -0,0 +1,58 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
name = "microbin";
|
||||||
|
user = name;
|
||||||
|
group = name;
|
||||||
|
host = "127.0.0.1";
|
||||||
|
port = 6743;
|
||||||
|
domain = "i.kuklef.se";
|
||||||
|
#domain = mkDomain "microbin";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
|
||||||
|
systemd.services.microbin = {
|
||||||
|
description = "Microbin - pastebin and url shortener";
|
||||||
|
wantedBy = ["multi-user.target"];
|
||||||
|
after = ["network.target"];
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = lib.escapeShellArgs [
|
||||||
|
"${pkgs.microbin}/bin/microbin"
|
||||||
|
"--title" "spis meg"
|
||||||
|
"--editable"
|
||||||
|
"--hide-footer"
|
||||||
|
"--highlightsyntax"
|
||||||
|
"--no-listing"
|
||||||
|
"--wide"
|
||||||
|
"--qr"
|
||||||
|
"--gc-days" "0"
|
||||||
|
"--enable-burn-after"
|
||||||
|
"-b" "${host}"
|
||||||
|
"-p" "${builtins.toString port}"
|
||||||
|
"--public-path" "https://${domain}/"
|
||||||
|
];
|
||||||
|
|
||||||
|
# https://github.com/szabodanika/microbin/issues/106
|
||||||
|
#EnvironmentFile = "/var/lib/secrets/microbin.env"; # TODO: sops
|
||||||
|
#Environment.MICROBIN_AUTH_USERNAME="foo";
|
||||||
|
#Environment.MICROBIN_AUTH_PASSWORD="bar";
|
||||||
|
|
||||||
|
DynamicUser = true;
|
||||||
|
StateDirectory = "microbin";
|
||||||
|
WorkingDirectory = "/var/lib/microbin";
|
||||||
|
Type = "simple";
|
||||||
|
Restart = "always";
|
||||||
|
|
||||||
|
ProtectProc = "invisible";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts.${domain} = {
|
||||||
|
forceSSL = true; # addSSL = true;
|
||||||
|
enableACME = true; #useACMEHost = acmeDomain;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://${host}:${toString port}";
|
||||||
|
#proxyWebsockets = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in New Issue