{ config, pkgs, lib, ... }:
let
cfg = config.myServices.websites.tools.cryptpad;
envCfg = config.myEnv.tools.cryptpad.immaeEu;
domain = "cryptpad.immae.eu";
port = envCfg.port;
configFile = pkgs.writeText "config.js" ''
// ${pkgs.cryptpad}/lib/node_modules/cryptpad/config/config.example.js
module.exports = {
httpUnsafeOrigin: 'https://${domain}',
httpPort: ${toString port},
adminEmail: '${envCfg.email}',
filePath: './datastore/',
archivePath: './data/archive',
pinPath: './data/pins',
taskPath: './data/tasks',
blockPath: './block',
blobPath: './blob',
blobStagingPath: './data/blobstage',
decreePath: './data/decrees',
logPath: './data/logs',
logToStdout: false,
logLevel: 'info',
logFeedback: false,
verbose: false,
inactiveTime: false,
maxUploadSize: 100 * 1024 * 1024,
adminKeys: ${builtins.toJSON envCfg.admins},
};
'';
in
{
options.myServices.websites.tools.cryptpad.enable = lib.mkEnableOption "Enable Cryptpad";
config = lib.mkIf cfg.enable {
myServices.tools.cryptpad.farm.hosts.immaeEu = {
inherit domain port;
config = configFile;
};
services.websites.env.tools.modules = [ "proxy_wstunnel" ];
services.websites.env.tools.vhostConfs.cryptpad = {
certName = "eldiron";
addToCerts = true;
hosts = [domain];
root = config.myServices.tools.cryptpad.farm.vhostRoots.immaeEu;
extraConfig = [
config.myServices.tools.cryptpad.farm.vhosts.immaeEu
];
};
};
}
