48 lines
1.4 KiB
Nix
48 lines
1.4 KiB
Nix
{ lib, config, ... }:
|
|
let
|
|
cfg = config.my.servers.stash;
|
|
setup = import ./setup.nix { inherit lib config; };
|
|
in
|
|
{
|
|
options.my.servers.stash = setup.mkOptions "stash" "xxx" 9999;
|
|
config = {
|
|
sops.secrets = lib.mkIf cfg.enable {
|
|
"stash/password".sopsFile = ../../secrets/env.yaml;
|
|
"stash/jwt".sopsFile = ../../secrets/env.yaml;
|
|
"stash/session".sopsFile = ../../secrets/env.yaml;
|
|
};
|
|
services = {
|
|
stash = lib.mkIf cfg.enable {
|
|
enable = true;
|
|
group = "piracy";
|
|
openFirewall = !cfg.isLocal;
|
|
mutableSettings = true;
|
|
username = "Suing8150";
|
|
passwordFile = config.sops.secrets."stash/password".path;
|
|
jwtSecretKeyFile = config.sops.secrets."stash/jwt".path;
|
|
sessionStoreKeyFile = config.sops.secrets."stash/session".path;
|
|
settings = {
|
|
inherit (cfg) port;
|
|
write_image_thumbnails = true;
|
|
sound_on_preview = false;
|
|
preview_audio = false;
|
|
parallel_tasks = 8;
|
|
nobrowser = true;
|
|
plugins_path = /var/lib/stash/plugins;
|
|
stash = [
|
|
{
|
|
Path = "/srv/pool/glue";
|
|
ExcludeImage = false;
|
|
}
|
|
{
|
|
Path = "/home/jawz/Backups/pool_old/glue";
|
|
ExcludeImage = false;
|
|
}
|
|
];
|
|
};
|
|
};
|
|
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverseFix cfg);
|
|
};
|
|
};
|
|
}
|