From bcab2b8307eb91c3015692094a6ee0725cde2c07 Mon Sep 17 00:00:00 2001 From: Gabe Venberg Date: Tue, 22 Apr 2025 17:16:52 +0200 Subject: [PATCH] basic copyparty server, have not yet setup reverse proxy. --- configs/nixos/copyparty.nix | 71 ++++++++++++++++++++++++++++++++++ flake.lock | 24 ++++++++++++ flake.nix | 6 +++ hosts/cirrostratus/default.nix | 4 +- 4 files changed, 104 insertions(+), 1 deletion(-) create mode 100644 configs/nixos/copyparty.nix diff --git a/configs/nixos/copyparty.nix b/configs/nixos/copyparty.nix new file mode 100644 index 0000000..630d545 --- /dev/null +++ b/configs/nixos/copyparty.nix @@ -0,0 +1,71 @@ +{ + inputs, + config, + pkgs, + lib, + ... +}: let + port = "3923"; +in { + nixpkgs.overlays = [inputs.copyparty.overlays.default]; + environment.systemPackages = with pkgs; [copyparty]; + services.copyparty = { + enable = true; + # directly maps to values in the [global] section of the copyparty config. + # see `copyparty --help` for available options + settings = { + i = "127.0.0.1"; + p = port; + ed = true; + e2dsa = true; + # hist = "/storage/copyparty"; + forget-ip = 1440; + e2ts = true; + shr = "/share"; + shr-adm = "gabe"; + u2abort = 3; + magic = true; + df = 5; + u2j = 16; + ls = "**,*,ln,p,r"; + xvol = true; + xdev = true; + no-logues = true; + no-robots = true; + md-hist = "v"; + nsort = true; + log-utc = true; + }; + + # create users + accounts = { + # gabe.passwordFile = "/run/keys/copyparty/k_password"; + }; + + # create a volume + volumes = { + "/" = { + path = "/storage/syncthing/"; + # see `copyparty --help-accounts` for available options + access = { + r = "*"; + A = "*"; + # rw = ["gabe" "erica"]; + }; + # see `copyparty --help-flags` for available options + flags = { + # "fk" enables filekeys (necessary for upget permission) (4 chars long) + fk = 4; + # scan for new files every 60sec + scan = 600; + # volflag "e2d" enables the uploads database + e2d = true; + # "d2t" disables multimedia parsers (in case the uploads are malicious) + d2t = false; + }; + }; + }; + # you may increase the open file limit for the process + openFilesLimit = 8192; + }; +} diff --git a/flake.lock b/flake.lock index 91912cc..50f5197 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,28 @@ { "nodes": { + "copyparty": { + "inputs": { + "flake-utils": [ + "flake-utils" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1745176775, + "narHash": "sha256-7bWct47AKcQntlJaY8NMECZ1FXIaFlYb/yCMC0Bm30M=", + "owner": "9001", + "repo": "copyparty", + "rev": "68e7000275425f5dd1d2d80dc428fe2fcab6cc9c", + "type": "github" + }, + "original": { + "owner": "9001", + "repo": "copyparty", + "type": "github" + } + }, "deploy-rs": { "inputs": { "flake-compat": [ @@ -286,6 +309,7 @@ }, "root": { "inputs": { + "copyparty": "copyparty", "deploy-rs": "deploy-rs", "disko": "disko", "flake-compat": "flake-compat", diff --git a/flake.nix b/flake.nix index 6208349..4cb9f43 100644 --- a/flake.nix +++ b/flake.nix @@ -33,6 +33,12 @@ inputs.flake-compat.follows = "flake-compat"; }; + copyparty = { + url = "github:9001/copyparty"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.flake-utils.follows = "flake-utils"; + }; + #https://unmovedcentre.com/technology/2024/03/22/secrets-management.html sops-nix = { url = "github:mic92/sops-nix"; diff --git a/hosts/cirrostratus/default.nix b/hosts/cirrostratus/default.nix index 0e6f73a..6c7954f 100644 --- a/hosts/cirrostratus/default.nix +++ b/hosts/cirrostratus/default.nix @@ -3,7 +3,7 @@ myLib, ... }: -# Kapr site server. +# Karp site server. inputs.nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = {inherit inputs myLib;}; @@ -11,6 +11,7 @@ inputs.nixpkgs.lib.nixosSystem { modules = [ inputs.home-manager.nixosModules.home-manager inputs.disko.nixosModules.disko + inputs.copyparty.nixosModules.default ./disk-config.nix ./hardware-configuration.nix ./restic.nix @@ -28,6 +29,7 @@ inputs.nixpkgs.lib.nixosSystem { ../../configs/nixos/miniserve-tmp-upload.nix ../../configs/nixos/minecraft-docker.nix ../../configs/nixos/nginx-static.nix + ../../configs/nixos/copyparty.nix ({ config, pkgs,