34 lines
983 B
Nix
34 lines
983 B
Nix
{ lib, config, ... }:
|
|
let
|
|
cfg = config.my.servers.stash;
|
|
setup = import ../factories/mkserver.nix { inherit lib config; };
|
|
in
|
|
{
|
|
options.my.servers.stash = setup.mkOptions "stash" "xxx" 9999;
|
|
config = lib.mkIf (cfg.enable && config.my.secureHost) {
|
|
sops.secrets = {
|
|
"stash/password".sopsFile = ../../secrets/secrets.yaml;
|
|
"stash/jwt".sopsFile = ../../secrets/secrets.yaml;
|
|
"stash/session".sopsFile = ../../secrets/secrets.yaml;
|
|
};
|
|
services.stash = {
|
|
inherit (cfg) enable;
|
|
group = "piracy";
|
|
mutableSettings = true;
|
|
username = "Suing8150";
|
|
passwordFile = config.sops.secrets."stash/password".path;
|
|
jwtSecretKeyFile = config.sops.secrets."stash/jwt".path;
|
|
sessionStoreKeyFile = config.sops.secrets."stash/session".path;
|
|
settings = {
|
|
inherit (cfg) port;
|
|
host = "0.0.0.0";
|
|
stash = [
|
|
{
|
|
path = "/srv/pool/glue/";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|