feat: pubserve

Signed-off-by: jolheiser <git@jolheiser.com>
main
jolheiser 2024-12-11 23:00:30 -06:00
parent 14e1946478
commit c59f51c041
No known key found for this signature in database
2 changed files with 69 additions and 0 deletions

View File

@ -13,6 +13,7 @@ in
./golink.nix
./gotosocial.nix
./miniserve.nix
./pubserve.nix
./restic.nix
./soju.nix
./tandoor.nix

View File

@ -0,0 +1,68 @@
{ pkgs, lib, ... }:
let
user = "pubserve";
path = "/var/lib/pubserve";
in
{
users.users.${user} = {
group = user;
home = path;
createHome = true;
isSystemUser = true;
isNormalUser = false;
};
users.groups.${user} = { };
systemd.services =
let
commonArgs = [
"-i '127.0.0.1'"
"-H"
"-D"
"-F"
"--hide-theme-selector"
"--readme"
path
];
in
{
pubserve = {
description = "Miniserve Public File Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.miniserve}/bin/miniserve -t 'PubServe' -p 3454 ${lib.concatStringsSep " " commonArgs}";
Restart = "on-failure";
User = user;
Group = user;
};
};
privserve = {
description = "Miniserve Public File Server (Admin)";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.miniserve}/bin/miniserve -u -U -o -t 'PrivServe' -p 3455 ${lib.concatStringsSep " " commonArgs}";
Restart = "on-failure";
User = user;
Group = user;
};
};
};
services.tailproxy = {
pubserve = {
enable = true;
hostname = "pubserve";
funnel = true;
port = 3454;
authKey = "tskey-auth-kJrnknpMsL11CNTRL-ot1kkasErR2cLZZmfuKYR2b9za7fCzVR"; # One-time key
};
privserve = {
enable = true;
hostname = "privserve";
port = 3455;
authKey = "tskey-auth-kKFv865ykk11CNTRL-dfmxUREHP5evuuMsfPy55ehXECXrLF1N7"; # One-time key
};
};
}