You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
86 lines
2.5 KiB
Nix
86 lines
2.5 KiB
Nix
{
|
|
inputs = {
|
|
utils.url = "github:numtide/flake-utils";
|
|
naersk.url = "github:nix-community/naersk";
|
|
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
|
};
|
|
|
|
outputs = { self, utils, naersk, nixpkgs }:
|
|
utils.lib.eachSystem [
|
|
"x86_64-linux"
|
|
"aarch64-linux"
|
|
] (system:
|
|
let
|
|
pkgs = (import nixpkgs) {
|
|
inherit system;
|
|
};
|
|
|
|
naersk' = pkgs.callPackage naersk {};
|
|
|
|
in {
|
|
packages = {
|
|
default = naersk'.buildPackage {
|
|
nativeBuildInputs = with pkgs; [ glib gexiv2 pkg-config ];
|
|
src = ./.;
|
|
};
|
|
};
|
|
|
|
# For `nix develop` (optional, can be skipped):
|
|
devShell = pkgs.mkShell {
|
|
nativeBuildInputs = with pkgs; [ rustc cargo ];
|
|
};
|
|
}
|
|
) // {
|
|
nixosModule = {config, lib, pkgs, ... }:
|
|
with lib;
|
|
let cfg = config.ashe.services.tmpfiles;
|
|
|
|
in {
|
|
options.ashe.services.tmpfiles = {
|
|
enable = mkEnableOption "Enables the tmpfiles HTTP service";
|
|
|
|
port = mkOption rec {
|
|
type = types.int;
|
|
default = 8000;
|
|
example = default;
|
|
description = "The port for this service to listen on";
|
|
|
|
};
|
|
|
|
domain = mkOption rec {
|
|
type = types.str;
|
|
default = "files.tempest.dev";
|
|
example = default;
|
|
description = "The domain name for tmpfiles";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
systemd.services."ashe.tmpfiles" = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
serviceConfig = let pkg = self.packages.${pkgs.system}.default;
|
|
in {
|
|
Restart = "on-failure";
|
|
ExecStart = "${pkg}/bin/tempest-tmp";
|
|
DynamicUser = "yes";
|
|
StateDirectory = "ashe.tmpfiles";
|
|
StateDirectoryMode = "0700";
|
|
WorkingDirectory = "/var/lib/private/ashe.tmpfiles";
|
|
Environment = [
|
|
"ROCKET_LIMITS={file=15000000,data-form=15000000,form=15000000}"
|
|
"ROCKET_PORT=${toString cfg.port}"
|
|
];
|
|
};
|
|
};
|
|
|
|
services.nginx.virtualHosts.${cfg.domain} = {
|
|
locations."/" = { proxyPass = "http://127.0.0.1:${toString cfg.port}"; };
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|