From 99e940770b61db350379d692df7cf3831ef4bd92 Mon Sep 17 00:00:00 2001
From: tdback <tyler@tdback.net>
Date: Sun, 26 Jan 2025 11:34:28 -0500
Subject: services: major overhaul on service modules

---
 modules/services/sftpgo/default.nix | 67 ++++++++++++++++++++++++++++---------
 1 file changed, 52 insertions(+), 15 deletions(-)

(limited to 'modules/services/sftpgo')

diff --git a/modules/services/sftpgo/default.nix b/modules/services/sftpgo/default.nix
index de8b5b1..ae0af24 100644
--- a/modules/services/sftpgo/default.nix
+++ b/modules/services/sftpgo/default.nix
@@ -4,23 +4,60 @@
   pkgs,
   ...
 }:
+with lib;
+let
+  cfg = config.modules.services.sftpgo;
+in
 {
-  services.sftpgo = {
-    enable = true;
-    package = pkgs.sftpgo;
-    settings = {
-      httpd.bindings = lib.singleton {
-        port = 8080;
-        address = "0.0.0.0";
-        enable_web_client = true;
-        enable_web_admin = true;
-      };
+  options.modules.services.sftpgo = {
+    enable = mkEnableOption "sftpgo";
+    port = mkOption {
+      default = 8080;
+      type = types.int;
+    };
+    url = mkOption {
+      default = null;
+      type = types.str;
+    };
+    dataDir = mkOption {
+      default = "/var/lib/sftpgo";
+      type = types.str;
     };
   };
 
-  services.caddy.virtualHosts."${config.networking.hostName}.brownbread.net".extraConfig = ''
-    root * /web/client
-    encode zstd gzip
-    reverse_proxy http://localhost:8080
-  '';
+  config =
+    let
+      caddy = cfg.url != null;
+    in
+    mkIf cfg.enable {
+      networking.firewall.allowedTCPPorts = mkIf caddy [
+        80
+        443
+      ];
+
+      services.caddy = mkIf caddy {
+        enable = true;
+        virtualHosts = {
+          ${cfg.url}.extraConfig = ''
+            root * /web/client
+            encode zstd gzip
+            reverse_proxy http://localhost:${builtins.toString cfg.port}
+          '';
+        };
+      };
+
+      services.sftpgo = {
+        enable = true;
+        package = pkgs.sftpgo;
+        dataDir = cfg.dataDir;
+        settings = {
+          httpd.bindings = lib.singleton {
+            port = cfg.port;
+            address = "0.0.0.0";
+            enable_web_client = true;
+            enable_web_admin = true;
+          };
+        };
+      };
+    };
 }
-- 
cgit v1.2.3