Gabe/nix-config
1
0
Fork 0
Code Issues 12 Pull requests Projects Releases Packages Wiki Activity

copyparty configs!

Browse source
This commit is contained in:
Gabe Venberg 2025-04-23 11:43:51 +02:00
parent bcab2b8307
commit 0f05d21280
6 changed files with 102 additions and 82 deletions
Download patch file Download diff file Expand all files Collapse all files

71
configs/nixos/copyparty.nix
View file

@ -1,71 +0,0 @@
{
inputs,
config,
pkgs,
lib,
...
}: let
port = "3923";
in {
nixpkgs.overlays = [inputs.copyparty.overlays.default];
environment.systemPackages = with pkgs; [copyparty];
services.copyparty = {
enable = true;
# directly maps to values in the [global] section of the copyparty config.
# see `copyparty --help` for available options
settings = {
i = "127.0.0.1";
p = port;
ed = true;
e2dsa = true;
# hist = "/storage/copyparty";
forget-ip = 1440;
e2ts = true;
shr = "/share";
shr-adm = "gabe";
u2abort = 3;
magic = true;
df = 5;
u2j = 16;
ls = "**,*,ln,p,r";
xvol = true;
xdev = true;
no-logues = true;
no-robots = true;
md-hist = "v";
nsort = true;
log-utc = true;
};
# create users
accounts = {
# gabe.passwordFile = "/run/keys/copyparty/k_password";
};
# create a volume
volumes = {
"/" = {
path = "/storage/syncthing/";
# see `copyparty --help-accounts` for available options
access = {
r = "*";
A = "*";
# rw = ["gabe" "erica"];
};
# see `copyparty --help-flags` for available options
flags = {
# "fk" enables filekeys (necessary for upget permission) (4 chars long)
fk = 4;
# scan for new files every 60sec
scan = 600;
# volflag "e2d" enables the uploads database
e2d = true;
# "d2t" disables multimedia parsers (in case the uploads are malicious)
d2t = false;
};
};
};
# you may increase the open file limit for the process
openFilesLimit = 8192;
};
}

17
flake.lock generated
View file

@ -10,15 +10,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1745176775, "lastModified": 1745400750,
"narHash": "sha256-7bWct47AKcQntlJaY8NMECZ1FXIaFlYb/yCMC0Bm30M=", "narHash": "sha256-sXLl6fuWPyZll4ok1b1pbxJLJ5ZnK/NUfL8+SK42P5Q=",
"owner": "9001", "owner": "gabevenberg",
"repo": "copyparty", "repo": "copyparty",
"rev": "68e7000275425f5dd1d2d80dc428fe2fcab6cc9c", "rev": "a54e950ecca45225d94c5e982e2dd3453c09ea22",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "9001", "owner": "gabevenberg",
"ref": "nixos-module",
"repo": "copyparty", "repo": "copyparty",
"type": "github" "type": "github"
} }
@ -192,10 +193,10 @@
"nix-secrets": { "nix-secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1742472608, "lastModified": 1745397247,
"narHash": "sha256-CelDYGqeNk4pGs9ObnV56rAK9C0ajN4Pz4n/5y8Ghtw=", "narHash": "sha256-R8RPX20EJFpaUSQpiUE0N5d31UDbB+3Qu8yapab5F2k=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "69bdba99f321bc9adbff9a147450e23d6e15c89b", "rev": "01654a652e4b9b5ade200d85a1e3fd3e1b058053",
"shallow": true, "shallow": true,
"type": "git", "type": "git",
"url": "ssh://forgejo@git.venberg.xyz/Gabe/nix-secrets.git" "url": "ssh://forgejo@git.venberg.xyz/Gabe/nix-secrets.git"

3
flake.nix
View file

@ -34,7 +34,8 @@
}; };
copyparty = { copyparty = {
url = "github:9001/copyparty"; # url = "github:9001/copyparty";
url = "github:gabevenberg/copyparty/nixos-module";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils"; inputs.flake-utils.follows = "flake-utils";
}; };

89
hosts/cirrostratus/copyparty.nix Normal file
View file

@ -0,0 +1,89 @@
{
inputs,
config,
pkgs,
lib,
...
}: let
port = "3923";
defaultvolflags = {
scan = 60;
grid = true;
nsort = true;
fk = 8;
};
in {
nixpkgs.overlays = [inputs.copyparty.overlays.default];
environment.systemPackages = with pkgs; [copyparty];
services.copyparty = {
enable = true;
user = config.host.details.user;
group = "users";
# directly maps to values in the [global] section of the copyparty config.
# see `copyparty --help` for available options
settings = {
# i = "127.0.0.1";
p = port;
ed = true;
e2dsa = true;
forget-ip = 1440;
e2ts = true;
shr = "/share";
shr-adm = "gabe";
u2abort = 3;
magic = true;
df = 5;
u2j = 16;
ls = "**,*,ln,p,r";
xvol = true;
xdev = true;
no-logues = true;
no-robots = true;
md-hist = "v";
nsort = true;
log-utc = true;
ah-alg = "argon2";
ah-salt = "ImSaltyAboutNonPersistentSalts";
};
accounts = lib.mkIf (inputs ? nix-secrets) (
builtins.mapAttrs (name: value: {passwordFile = "${inputs.nix-secrets}/copyparty/${name}";})
(builtins.readDir "${inputs.nix-secrets}/copyparty")
);
volumes = {
"/" = {
path = "/storage/syncthing/family";
access = {
rwmd = ["gabe" "erica"];
A = ["gabe"];
};
flags = defaultvolflags;
};
"/gabe" = {
path = "/storage/syncthing/gabe";
access = {
rwmd = "gabe";
A = ["gabe"];
};
flags = defaultvolflags;
};
"/erica" = {
path = "/storage/syncthing/erica";
access = {
rwmd = "erica";
A = ["erica"];
};
flags = defaultvolflags;
};
};
# you may increase the open file limit for the process
openFilesLimit = 8192;
};
services.nginx.virtualHosts."files.venberg.xyz" = {
enableACME = true;
forceSSL=true;
locations."/" = {
proxyPass= "http://localhost:${port}";
};
};
}

2
hosts/cirrostratus/default.nix
View file

@ -16,6 +16,7 @@ inputs.nixpkgs.lib.nixosSystem {
./hardware-configuration.nix ./hardware-configuration.nix
./restic.nix ./restic.nix
./nginx.nix ./nginx.nix
./copyparty.nix
../../configs/nixos/common.nix ../../configs/nixos/common.nix
../../configs/nixos/tailscale.nix ../../configs/nixos/tailscale.nix
../../configs/nixos/sshd.nix ../../configs/nixos/sshd.nix
@ -29,7 +30,6 @@ inputs.nixpkgs.lib.nixosSystem {
../../configs/nixos/miniserve-tmp-upload.nix ../../configs/nixos/miniserve-tmp-upload.nix
../../configs/nixos/minecraft-docker.nix ../../configs/nixos/minecraft-docker.nix
../../configs/nixos/nginx-static.nix ../../configs/nixos/nginx-static.nix
../../configs/nixos/copyparty.nix
({ ({
config, config,
pkgs, pkgs,

2
modules/nixos/restic.nix
View file

@ -130,7 +130,7 @@
}) })
( (
lib.mkIf cfg.enable ( lib.mkIf cfg.enable (
lib.mapAttrs ( builtins.mapAttrs (
name: backup: { name: backup: {
repositoryFile = cfg.repositoryFile; repositoryFile = cfg.repositoryFile;
repository = cfg.repository; repository = cfg.repository;