dotnix/machines/dragonwell/pubserve.nix

69 lines
1.7 KiB
Nix

{ pkgs, lib, ... }:
let
user = "pubserve";
path = "/var/lib/pubserve";
in
{
users.users.${user} = {
group = user;
home = path;
createHome = true;
isSystemUser = true;
isNormalUser = false;
};
users.groups.${user} = { };
systemd.services =
let
commonArgs = [
"-i '127.0.0.1'"
"-H"
"-D"
"-F"
"--hide-theme-selector"
"--readme"
path
];
in
{
pubserve = {
description = "Miniserve Public File Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.miniserve}/bin/miniserve -t 'PubServe' -p 3454 ${lib.concatStringsSep " " commonArgs}";
Restart = "on-failure";
User = user;
Group = user;
};
};
privserve = {
description = "Miniserve Public File Server (Admin)";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.miniserve}/bin/miniserve -u -U -o -t 'PrivServe' -p 3455 ${lib.concatStringsSep " " commonArgs}";
Restart = "on-failure";
User = user;
Group = user;
};
};
};
services.tailproxy = {
pubserve = {
enable = true;
hostname = "pubserve";
funnel = true;
port = 3454;
authKey = "tskey-auth-kJrnknpMsL11CNTRL-ot1kkasErR2cLZZmfuKYR2b9za7fCzVR"; # One-time key
};
privserve = {
enable = true;
hostname = "privserve";
port = 3455;
authKey = "tskey-auth-kKFv865ykk11CNTRL-dfmxUREHP5evuuMsfPy55ehXECXrLF1N7"; # One-time key
};
};
}