Home

dotnix @homepage - refs - log -
-
https://git.jolheiser.com/dotnix.git
My nix dotfiles
dotnix / modules / tclip / default.nix
- raw
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
{ config, lib, ... }:
let
  cfg = config.services.tclip;
in
{
  options.services.tclip = {
    enable = lib.mkEnableOption "tclip service";

    hostname = lib.mkOption {
      type = lib.types.str;
      default = "paste";
      description = "The hostname to use on your tailnet";
    };

    dataLocation = lib.mkOption {
      type = lib.types.str;
      default = "/var/lib/tclip";
      description = "Where program data is stored";
    };

    tsnetVerbose = lib.mkOption {
      type = lib.types.bool;
      default = false;
      description = "Log verbosely to stderr";
    };

    useFunnel = lib.mkOption {
      type = lib.types.bool;
      default = false;
      description = "Expose pastes with tailscale funnel";
    };

    hideFunnelUsers = lib.mkOption {
      type = lib.types.bool;
      default = false;
      description = "Hide usernamd/image on funnel";
    };

    httpPort = lib.mkOption {
      type = lib.types.nullOr lib.types.port;
      default = null;
      description = "Expose pastes on an HTTP server at the given port";
    };

    controlURL = lib.mkOption {
      type = lib.types.nullOr lib.types.str;
      default = null;
      description = "Custom control server (e.g. headscale)";
    };

    disableHTTPS = lib.mkOption {
      type = lib.types.bool;
      default = false;
      description = "Disable serving on HTTPS";
    };

    package = lib.mkOption {
      type = lib.types.package;
      description = "The tclip package to use";
    };

    authKey = lib.mkOption {
      type = lib.types.nullOr lib.types.str;
      default = null;
      description = "Tailscale auth key";
    };
  };

  config = lib.mkIf cfg.enable {
    systemd.services.tclip = {
      description = "tclip Service";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];

      serviceConfig = {
        ExecStart =
          let
            args =
              lib.optionals (cfg.httpPort != null) [ "--http-port=${cfg.httpPort}" ]
              ++ lib.optionals (cfg.controlURL != null) [ "--control-url=${cfg.controlURL}" ]
              ++ [
                (lib.optionalString cfg.disableHTTPS "--disable-https")
                "--hostname=${cfg.hostname}"
                "--data-location=${cfg.dataLocation}"
                (lib.optionalString cfg.tsnetVerbose "--tsnet-verbose")
                (lib.optionalString cfg.useFunnel "--use-funnel")
                (lib.optionalString cfg.hideFunnelUsers "--hide-funnel-users")
              ];
          in
          "${cfg.package}/bin/tclipd ${lib.concatStringsSep " " args}";
        Restart = "always";
        User = "tclip";
        Group = "tclip";
        Environment = [ "TS_AUTHKEY=${cfg.authKey}" ];
      };
    };

    # Create user and group
    users.users.tclip = {
      isSystemUser = true;
      group = "tclip";
      home = cfg.dataLocation;
      createHome = true;
    };

    users.groups.tclip = { };
  };
}