diff --git a/configs/nixos/copyparty.nix b/configs/nixos/copyparty.nix deleted file mode 100644 index 630d545..0000000 --- a/configs/nixos/copyparty.nix +++ /dev/null @@ -1,71 +0,0 @@ -{ - inputs, - config, - pkgs, - lib, - ... -}: let - port = "3923"; -in { - nixpkgs.overlays = [inputs.copyparty.overlays.default]; - environment.systemPackages = with pkgs; [copyparty]; - services.copyparty = { - enable = true; - # directly maps to values in the [global] section of the copyparty config. - # see `copyparty --help` for available options - settings = { - i = "127.0.0.1"; - p = port; - ed = true; - e2dsa = true; - # hist = "/storage/copyparty"; - forget-ip = 1440; - e2ts = true; - shr = "/share"; - shr-adm = "gabe"; - u2abort = 3; - magic = true; - df = 5; - u2j = 16; - ls = "**,*,ln,p,r"; - xvol = true; - xdev = true; - no-logues = true; - no-robots = true; - md-hist = "v"; - nsort = true; - log-utc = true; - }; - - # create users - accounts = { - # gabe.passwordFile = "/run/keys/copyparty/k_password"; - }; - - # create a volume - volumes = { - "/" = { - path = "/storage/syncthing/"; - # see `copyparty --help-accounts` for available options - access = { - r = "*"; - A = "*"; - # rw = ["gabe" "erica"]; - }; - # see `copyparty --help-flags` for available options - flags = { - # "fk" enables filekeys (necessary for upget permission) (4 chars long) - fk = 4; - # scan for new files every 60sec - scan = 600; - # volflag "e2d" enables the uploads database - e2d = true; - # "d2t" disables multimedia parsers (in case the uploads are malicious) - d2t = false; - }; - }; - }; - # you may increase the open file limit for the process - openFilesLimit = 8192; - }; -} diff --git a/flake.lock b/flake.lock index 50f5197..4c64942 100644 --- a/flake.lock +++ b/flake.lock @@ -10,15 +10,16 @@ ] }, "locked": { - "lastModified": 1745176775, - "narHash": "sha256-7bWct47AKcQntlJaY8NMECZ1FXIaFlYb/yCMC0Bm30M=", - "owner": "9001", + "lastModified": 1745400750, + "narHash": "sha256-sXLl6fuWPyZll4ok1b1pbxJLJ5ZnK/NUfL8+SK42P5Q=", + "owner": "gabevenberg", "repo": "copyparty", - "rev": "68e7000275425f5dd1d2d80dc428fe2fcab6cc9c", + "rev": "a54e950ecca45225d94c5e982e2dd3453c09ea22", "type": "github" }, "original": { - "owner": "9001", + "owner": "gabevenberg", + "ref": "nixos-module", "repo": "copyparty", "type": "github" } @@ -192,10 +193,10 @@ "nix-secrets": { "flake": false, "locked": { - "lastModified": 1742472608, - "narHash": "sha256-CelDYGqeNk4pGs9ObnV56rAK9C0ajN4Pz4n/5y8Ghtw=", + "lastModified": 1745397247, + "narHash": "sha256-R8RPX20EJFpaUSQpiUE0N5d31UDbB+3Qu8yapab5F2k=", "ref": "refs/heads/main", - "rev": "69bdba99f321bc9adbff9a147450e23d6e15c89b", + "rev": "01654a652e4b9b5ade200d85a1e3fd3e1b058053", "shallow": true, "type": "git", "url": "ssh://forgejo@git.venberg.xyz/Gabe/nix-secrets.git" diff --git a/flake.nix b/flake.nix index 4cb9f43..3adc124 100644 --- a/flake.nix +++ b/flake.nix @@ -34,7 +34,8 @@ }; copyparty = { - url = "github:9001/copyparty"; + # url = "github:9001/copyparty"; + url = "github:gabevenberg/copyparty/nixos-module"; inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "flake-utils"; }; diff --git a/hosts/cirrostratus/copyparty.nix b/hosts/cirrostratus/copyparty.nix new file mode 100644 index 0000000..db12d18 --- /dev/null +++ b/hosts/cirrostratus/copyparty.nix @@ -0,0 +1,89 @@ +{ + inputs, + config, + pkgs, + lib, + ... +}: let + port = "3923"; + defaultvolflags = { + scan = 60; + grid = true; + nsort = true; + fk = 8; + }; +in { + nixpkgs.overlays = [inputs.copyparty.overlays.default]; + environment.systemPackages = with pkgs; [copyparty]; + services.copyparty = { + enable = true; + user = config.host.details.user; + group = "users"; + # directly maps to values in the [global] section of the copyparty config. + # see `copyparty --help` for available options + settings = { + # i = "127.0.0.1"; + p = port; + ed = true; + e2dsa = true; + forget-ip = 1440; + e2ts = true; + shr = "/share"; + shr-adm = "gabe"; + u2abort = 3; + magic = true; + df = 5; + u2j = 16; + ls = "**,*,ln,p,r"; + xvol = true; + xdev = true; + no-logues = true; + no-robots = true; + md-hist = "v"; + nsort = true; + log-utc = true; + ah-alg = "argon2"; + ah-salt = "ImSaltyAboutNonPersistentSalts"; + }; + accounts = lib.mkIf (inputs ? nix-secrets) ( + builtins.mapAttrs (name: value: {passwordFile = "${inputs.nix-secrets}/copyparty/${name}";}) + (builtins.readDir "${inputs.nix-secrets}/copyparty") + ); + volumes = { + "/" = { + path = "/storage/syncthing/family"; + access = { + rwmd = ["gabe" "erica"]; + A = ["gabe"]; + }; + flags = defaultvolflags; + }; + "/gabe" = { + path = "/storage/syncthing/gabe"; + access = { + rwmd = "gabe"; + A = ["gabe"]; + }; + flags = defaultvolflags; + }; + "/erica" = { + path = "/storage/syncthing/erica"; + access = { + rwmd = "erica"; + A = ["erica"]; + }; + flags = defaultvolflags; + }; + }; + # you may increase the open file limit for the process + openFilesLimit = 8192; + }; + + services.nginx.virtualHosts."files.venberg.xyz" = { + enableACME = true; + forceSSL=true; + locations."/" = { + proxyPass= "http://localhost:${port}"; + }; + }; +} diff --git a/hosts/cirrostratus/default.nix b/hosts/cirrostratus/default.nix index 6c7954f..a1ba2af 100644 --- a/hosts/cirrostratus/default.nix +++ b/hosts/cirrostratus/default.nix @@ -16,6 +16,7 @@ inputs.nixpkgs.lib.nixosSystem { ./hardware-configuration.nix ./restic.nix ./nginx.nix + ./copyparty.nix ../../configs/nixos/common.nix ../../configs/nixos/tailscale.nix ../../configs/nixos/sshd.nix @@ -29,7 +30,6 @@ inputs.nixpkgs.lib.nixosSystem { ../../configs/nixos/miniserve-tmp-upload.nix ../../configs/nixos/minecraft-docker.nix ../../configs/nixos/nginx-static.nix - ../../configs/nixos/copyparty.nix ({ config, pkgs, diff --git a/modules/nixos/restic.nix b/modules/nixos/restic.nix index 06d3767..92a0625 100644 --- a/modules/nixos/restic.nix +++ b/modules/nixos/restic.nix @@ -130,7 +130,7 @@ }) ( lib.mkIf cfg.enable ( - lib.mapAttrs ( + builtins.mapAttrs ( name: backup: { repositoryFile = cfg.repositoryFile; repository = cfg.repository;