Home

dotnix @main - refs - log -
- 
https://git.jolheiser.com/dotnix.git
My nix dotfiles
tree log patch
feat: pubserve Signed-off-by: jolheiser <git@jolheiser.com>
Signature
-----BEGIN SSH SIGNATURE----- U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgBTEvCQk6VqUAdN2RuH6bj1dNkY oOpbPWj+jw4ua1B1cAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5 AAAAQCeeWf/ulKAac48VN3ULEPYsEVkRDwL33m+Vj4j4dVBpyBNEEQcWPvlEd9H43Fq9cA rNXGHmJREXsoEXuUUxZAk= -----END SSH SIGNATURE-----
jolheiser <git@jolheiser.com>
1 week ago
2 changed files, 69 additions(+), 0 deletions(-)
M machines/dragonwell/default.nix -> machines/dragonwell/default.nix
diff --git a/machines/dragonwell/default.nix b/machines/dragonwell/default.nix
index c452874938790858dfe20d7c4d7b1259170175da..825c922173caee708188a9830a265085a2b31022 100644
--- a/machines/dragonwell/default.nix
+++ b/machines/dragonwell/default.nix
@@ -13,6 +13,7 @@     ./git-pr.nix
     ./golink.nix
     ./gotosocial.nix
     ./miniserve.nix
+    ./pubserve.nix
     ./restic.nix
     ./soju.nix
     ./tandoor.nix
I machines/dragonwell/pubserve.nix
diff --git a/machines/dragonwell/pubserve.nix b/machines/dragonwell/pubserve.nix
new file mode 100644
index 0000000000000000000000000000000000000000..ed05fc5ce2adb9a5209ab2ff4ab2174ac2684fdc
--- /dev/null
+++ b/machines/dragonwell/pubserve.nix
@@ -0,0 +1,68 @@
+{ pkgs, lib, ... }:
+let
+  user = "pubserve";
+  path = "/var/lib/pubserve";
+in
+{
+  users.users.${user} = {
+    group = user;
+    home = path;
+    createHome = true;
+    isSystemUser = true;
+    isNormalUser = false;
+
+  };
+  users.groups.${user} = { };
+
+  systemd.services =
+    let
+      commonArgs = [
+        "-i '127.0.0.1'"
+        "-H"
+        "-D"
+        "-F"
+        "--hide-theme-selector"
+        "--readme"
+        path
+      ];
+    in
+    {
+      pubserve = {
+        description = "Miniserve Public File Server";
+        after = [ "network.target" ];
+        wantedBy = [ "multi-user.target" ];
+        serviceConfig = {
+          ExecStart = "${pkgs.miniserve}/bin/miniserve -t 'PubServe' -p 3454 ${lib.concatStringsSep " " commonArgs}";
+          Restart = "on-failure";
+          User = user;
+          Group = user;
+        };
+      };
+      privserve = {
+        description = "Miniserve Public File Server (Admin)";
+        after = [ "network.target" ];
+        wantedBy = [ "multi-user.target" ];
+        serviceConfig = {
+          ExecStart = "${pkgs.miniserve}/bin/miniserve -u -U -o -t 'PrivServe' -p 3455 ${lib.concatStringsSep " " commonArgs}";
+          Restart = "on-failure";
+          User = user;
+          Group = user;
+        };
+      };
+    };
+  services.tailproxy = {
+    pubserve = {
+      enable = true;
+      hostname = "pubserve";
+      funnel = true;
+      port = 3454;
+      authKey = "tskey-auth-kJrnknpMsL11CNTRL-ot1kkasErR2cLZZmfuKYR2b9za7fCzVR"; # One-time key
+    };
+    privserve = {
+      enable = true;
+      hostname = "privserve";
+      port = 3455;
+      authKey = "tskey-auth-kKFv865ykk11CNTRL-dfmxUREHP5evuuMsfPy55ehXECXrLF1N7"; # One-time key
+    };
+  };
+}