66 lines
1.7 KiB
Nix
66 lines
1.7 KiB
Nix
{ config, lib, pkgs, ... }@inputs:
|
|
|
|
let cfg = config.sydnix.deertopia.copyparty;
|
|
in {
|
|
options.sydnix.deertopia.copyparty = {
|
|
enable = lib.mkEnableOption "Copyparty";
|
|
port = lib.mkOption {
|
|
type = lib.types.port;
|
|
description = ''
|
|
Port on which Copyparty is to listen.
|
|
'';
|
|
default = 3923;
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
sydnix.impermanence.directories = [
|
|
];
|
|
|
|
nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
|
|
|
|
# HACK: Ad-hoc permissions, as typical.
|
|
users.users.copyparty.extraGroups = [ "jellyfin" ];
|
|
|
|
# HACK: Make files created by copypaste.service initialise with the mode
|
|
# 775.
|
|
systemd.services.copyparty.serviceConfig.UMask = lib.mkForce "002";
|
|
|
|
services.copyparty = {
|
|
enable = true;
|
|
settings = {
|
|
# These three options are necessary for SSO integration. No idea what
|
|
# they do. }:)
|
|
xff-src = "lan";
|
|
idp-h-usr = "remote-user";
|
|
idp-h-grp = "remote-groups";
|
|
};
|
|
volumes = {
|
|
"/Jellyfin" = {
|
|
path = "/persist/vault/jellyfin";
|
|
# View and upload, but no deleting.
|
|
access.rw = "*";
|
|
};
|
|
};
|
|
};
|
|
|
|
sydnix.deertopia.nginx.vhosts."files" = {
|
|
directory = null;
|
|
vhost = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
extraConfig = ''
|
|
include ${./authelia/authelia-location.conf};
|
|
# Increase limit of upload sizes.
|
|
client_max_body_size 20G;
|
|
'';
|
|
locations."/".extraConfig = ''
|
|
include ${./authelia/authelia-authrequest.conf};
|
|
include ${./authelia/proxy.conf};
|
|
proxy_pass http://localhost:${builtins.toString cfg.port};
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
}
|