mastodon = ./webapps/mastodon.nix;
mediagoblin = ./webapps/mediagoblin.nix;
peertube = ./webapps/peertube.nix;
+ fiche = ./webapps/fiche.nix;
opendmarc = ./opendmarc.nix;
openarc = ./openarc.nix;
(ldap.apache.vhostConf pcfg.ldap.socket)
(kanboard.apache.vhostConf pcfg.kanboard.socket)
(grocy.apache.vhostConf pcfg.grocy.socket)
+ ''
+ Alias /paste /var/lib/fiche
+ <Directory "/var/lib/fiche">
+ DirectoryIndex index.txt index.html
+ AllowOverride None
+ Require all granted
+ Options -Indexes
+ </Directory>
+ ''
];
};
restart = true;
paths = [ "/var/secrets/webapps/tools-wallabag" ];
};
+
+ services.fiche = {
+ enable = true;
+ port = config.myEnv.ports.fiche;
+ domain = "tools.immae.eu/paste";
+ https = true;
+ };
};
}
--- /dev/null
+{ lib, pkgs, config, ... }:
+let
+ cfg = config.services.fiche;
+in
+{
+ options.services.fiche = {
+ enable = lib.mkEnableOption "Enable fiche’s service";
+ port = lib.mkOption {
+ type = lib.types.port;
+ description = "Port to listen to";
+ };
+ domain = lib.mkOption {
+ type = lib.types.str;
+ description = "Domain";
+ };
+ dataDir = lib.mkOption {
+ type = lib.types.path;
+ default = "/var/lib/fiche";
+ description = "Directory where to place the pastes";
+ };
+ https = lib.mkEnableOption "Use https";
+ };
+
+ config = lib.mkIf cfg.enable {
+ networking.firewall.allowedTCPPorts = [ cfg.port ];
+
+
+ system.activationScripts.fiche = ''
+ mkdir -p /var/lib/fiche
+ '';
+ systemd.services.fiche = {
+ description = "Fiche server";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+
+ script = ''
+ exec ${pkgs.fiche}/bin/fiche -o ${cfg.dataDir} -d ${cfg.domain} ${lib.optionalString cfg.https "-S "} -p ${builtins.toString cfg.port}
+ '';
+
+ serviceConfig = {
+ ExecStartPre = [
+ "+${pkgs.coreutils}/bin/install -m 0755 -o fiche -d /var/lib/fiche"
+ ];
+ DynamicUser = true;
+ User = "fiche";
+ PrivateTmp = true;
+ Restart = "always";
+ WorkingDirectory = cfg.dataDir;
+ ReadWritePaths = cfg.dataDir;
+ };
+ };
+ };
+}
--- /dev/null
+{
+ "tag": "4bba916-master",
+ "meta": {
+ "name": "fiche",
+ "url": "https://github.com/solusipse/fiche",
+ "branch": "master"
+ },
+ "github": {
+ "owner": "solusipse",
+ "repo": "fiche",
+ "rev": "4bba916e0f4a54d98a3947df7e2d0714d92a8bab",
+ "sha256": "060pxn8ns2zqszv1dlf7zcaf42avn9svya6irwy5d1ry29hp2ds9",
+ "fetchSubmodules": true
+ }
+}