From 99e940770b61db350379d692df7cf3831ef4bd92 Mon Sep 17 00:00:00 2001 From: tdback Date: Sun, 26 Jan 2025 11:34:28 -0500 Subject: services: major overhaul on service modules --- modules/services/sftpgo/default.nix | 67 ++++++++++++++++++++++++++++--------- 1 file changed, 52 insertions(+), 15 deletions(-) (limited to 'modules/services/sftpgo/default.nix') diff --git a/modules/services/sftpgo/default.nix b/modules/services/sftpgo/default.nix index de8b5b1..ae0af24 100644 --- a/modules/services/sftpgo/default.nix +++ b/modules/services/sftpgo/default.nix @@ -4,23 +4,60 @@ pkgs, ... }: +with lib; +let + cfg = config.modules.services.sftpgo; +in { - services.sftpgo = { - enable = true; - package = pkgs.sftpgo; - settings = { - httpd.bindings = lib.singleton { - port = 8080; - address = "0.0.0.0"; - enable_web_client = true; - enable_web_admin = true; - }; + options.modules.services.sftpgo = { + enable = mkEnableOption "sftpgo"; + port = mkOption { + default = 8080; + type = types.int; + }; + url = mkOption { + default = null; + type = types.str; + }; + dataDir = mkOption { + default = "/var/lib/sftpgo"; + type = types.str; }; }; - services.caddy.virtualHosts."${config.networking.hostName}.brownbread.net".extraConfig = '' - root * /web/client - encode zstd gzip - reverse_proxy http://localhost:8080 - ''; + config = + let + caddy = cfg.url != null; + in + mkIf cfg.enable { + networking.firewall.allowedTCPPorts = mkIf caddy [ + 80 + 443 + ]; + + services.caddy = mkIf caddy { + enable = true; + virtualHosts = { + ${cfg.url}.extraConfig = '' + root * /web/client + encode zstd gzip + reverse_proxy http://localhost:${builtins.toString cfg.port} + ''; + }; + }; + + services.sftpgo = { + enable = true; + package = pkgs.sftpgo; + dataDir = cfg.dataDir; + settings = { + httpd.bindings = lib.singleton { + port = cfg.port; + address = "0.0.0.0"; + enable_web_client = true; + enable_web_admin = true; + }; + }; + }; + }; } -- cgit v1.2.3