2021-05-30 19:10:28 +00:00
|
|
|
{
|
2022-11-22 11:30:54 +00:00
|
|
|
config,
|
|
|
|
|
pkgs,
|
|
|
|
|
lib,
|
|
|
|
|
...
|
|
|
|
|
}:
|
|
|
|
|
with lib; let
|
|
|
|
|
cfg = config.pub-solar.core;
|
|
|
|
|
in {
|
2022-08-13 20:59:05 +00:00
|
|
|
options.pub-solar.core = {
|
2022-10-02 01:17:34 +00:00
|
|
|
enableCaddy = mkOption {
|
|
|
|
|
type = types.bool;
|
|
|
|
|
default = !cfg.lite;
|
|
|
|
|
};
|
|
|
|
|
enableHelp = mkOption {
|
|
|
|
|
type = types.bool;
|
|
|
|
|
default = !cfg.lite;
|
|
|
|
|
};
|
|
|
|
|
|
2021-05-30 19:10:28 +00:00
|
|
|
binaryCaches = mkOption {
|
|
|
|
|
type = types.listOf types.str;
|
2022-11-22 11:30:54 +00:00
|
|
|
default = [];
|
2021-05-30 19:10:28 +00:00
|
|
|
description = "Binary caches to use.";
|
|
|
|
|
};
|
|
|
|
|
publicKeys = mkOption {
|
|
|
|
|
type = types.listOf types.str;
|
2022-11-22 11:30:54 +00:00
|
|
|
default = [];
|
2021-05-30 19:10:28 +00:00
|
|
|
description = "Public keys of binary caches.";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
config = {
|
2023-01-28 14:13:47 +00:00
|
|
|
# disable NetworkManager and systemd-networkd -wait-online by default
|
2022-08-24 16:19:03 +00:00
|
|
|
systemd.services.NetworkManager-wait-online.enable = lib.mkDefault false;
|
2023-01-28 14:13:47 +00:00
|
|
|
systemd.services.systemd-networkd-wait-online.enable = lib.mkDefault false;
|
2022-08-24 16:19:03 +00:00
|
|
|
|
2021-05-30 19:10:28 +00:00
|
|
|
networking.networkmanager = {
|
|
|
|
|
# Enable networkmanager. REMEMBER to add yourself to group in order to use nm related stuff.
|
|
|
|
|
enable = true;
|
2022-10-17 20:15:22 +00:00
|
|
|
# not as stable as wpa_supplicant yet, also more trouble with 5 GHz networks
|
|
|
|
|
#wifi.backend = "iwd";
|
2021-05-30 19:10:28 +00:00
|
|
|
};
|
|
|
|
|
|
2022-10-03 01:57:34 +00:00
|
|
|
networking.firewall.enable = true;
|
|
|
|
|
|
2021-05-30 19:10:28 +00:00
|
|
|
# Customized binary caches list (with fallback to official binary cache)
|
2022-11-22 11:30:54 +00:00
|
|
|
nix.settings.substituters = cfg.binaryCaches;
|
|
|
|
|
nix.settings.trusted-public-keys = cfg.publicKeys;
|
2021-05-30 19:10:28 +00:00
|
|
|
|
|
|
|
|
# These entries get added to /etc/hosts
|
|
|
|
|
networking.hosts = {
|
2022-11-22 11:30:54 +00:00
|
|
|
"127.0.0.1" =
|
|
|
|
|
[]
|
|
|
|
|
++ lib.optionals cfg.enableCaddy ["caddy.local"]
|
|
|
|
|
++ lib.optionals config.pub-solar.printing.enable ["cups.local"]
|
|
|
|
|
++ lib.optionals cfg.enableHelp ["help.local"];
|
2021-05-30 19:10:28 +00:00
|
|
|
};
|
|
|
|
|
|
2023-03-16 10:49:36 +00:00
|
|
|
# Changing the Caddyfile should only trigger a reload, not a restart
|
|
|
|
|
systemd.services.caddy.reloadTriggers = [
|
|
|
|
|
config.services.caddy.configFile
|
|
|
|
|
];
|
|
|
|
|
|
2021-05-30 19:10:28 +00:00
|
|
|
# Caddy reverse proxy for local services like cups
|
|
|
|
|
services.caddy = {
|
2023-05-14 15:36:34 +00:00
|
|
|
enable = lib.mkDefault cfg.enableCaddy;
|
|
|
|
|
globalConfig = lib.mkDefault ''
|
2022-08-14 16:03:32 +00:00
|
|
|
default_bind 127.0.0.1
|
2022-06-02 08:09:42 +00:00
|
|
|
auto_https off
|
|
|
|
|
'';
|
2023-05-14 15:36:34 +00:00
|
|
|
extraConfig = lib.mkDefault (concatStringsSep "\n" [
|
2022-10-02 01:17:34 +00:00
|
|
|
(lib.optionalString
|
|
|
|
|
config.pub-solar.printing.enable
|
|
|
|
|
''
|
|
|
|
|
cups.local:80 {
|
|
|
|
|
request_header Host localhost:631
|
|
|
|
|
reverse_proxy unix//run/cups/cups.sock
|
|
|
|
|
}
|
|
|
|
|
'')
|
2022-08-14 16:03:32 +00:00
|
|
|
|
2022-10-02 01:17:34 +00:00
|
|
|
(lib.optionalString
|
|
|
|
|
cfg.enableHelp
|
|
|
|
|
''
|
|
|
|
|
help.local:80 {
|
|
|
|
|
root * ${pkgs.psos-docs}/lib/html
|
2023-03-22 08:32:47 +00:00
|
|
|
# Caddy builds the etag with only the file size & latest modified
|
|
|
|
|
# date, which is always 1970-01-01 in the Nix store
|
|
|
|
|
header -ETag
|
2022-10-02 01:17:34 +00:00
|
|
|
file_server
|
|
|
|
|
}
|
|
|
|
|
'')
|
2023-05-14 15:36:34 +00:00
|
|
|
]);
|
2021-05-30 19:10:28 +00:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
