34 lines
944 B
Nix
34 lines
944 B
Nix
{ lib, config, ... }:
|
|
let
|
|
cfg = config.my.servers.stash;
|
|
setup = import ./setup.nix { inherit lib config; };
|
|
in
|
|
{
|
|
options.my.servers.stash = setup.mkOptions "stash" "xxx" 9999;
|
|
config = {
|
|
sops.secrets = lib.mkIf cfg.enable {
|
|
"stash/password".sopsFile = ../../secrets/env.yaml;
|
|
"stash/jwt".sopsFile = ../../secrets/env.yaml;
|
|
"stash/session".sopsFile = ../../secrets/env.yaml;
|
|
};
|
|
services.stash = lib.mkIf cfg.enable {
|
|
enable = true;
|
|
group = "piracy";
|
|
mutableSettings = true;
|
|
username = "Suing8150";
|
|
passwordFile = config.sops.secrets."stash/password".path;
|
|
jwtSecretKeyFile = config.sops.secrets."stash/jwt".path;
|
|
sessionStoreKeyFile = config.sops.secrets."stash/session".path;
|
|
settings = {
|
|
inherit (cfg) port;
|
|
host = "0.0.0.0";
|
|
stash = [
|
|
{
|
|
path = "/srv/pool/glue/";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|