basic copyparty server, have not yet setup reverse proxy.

configs/nixos/copyparty.nix

@@ -0,0 +1,71 @@
+{
+  inputs,
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  port = "3923";
+in {
+  nixpkgs.overlays = [inputs.copyparty.overlays.default];
+  environment.systemPackages = with pkgs; [copyparty];
+  services.copyparty = {
+    enable = true;
+    # directly maps to values in the [global] section of the copyparty config.
+    # see `copyparty --help` for available options
+    settings = {
+      i = "127.0.0.1";
+      p = port;
+      ed = true;
+      e2dsa = true;
+      # hist = "/storage/copyparty";
+      forget-ip = 1440;
+      e2ts = true;
+      shr = "/share";
+      shr-adm = "gabe";
+      u2abort = 3;
+      magic = true;
+      df = 5;
+      u2j = 16;
+      ls = "**,*,ln,p,r";
+      xvol = true;
+      xdev = true;
+      no-logues = true;
+      no-robots = true;
+      md-hist = "v";
+      nsort = true;
+      log-utc = true;
+    };
+
+    # create users
+    accounts = {
+      # gabe.passwordFile = "/run/keys/copyparty/k_password";
+    };
+
+    # create a volume
+    volumes = {
+      "/" = {
+        path = "/storage/syncthing/";
+        # see `copyparty --help-accounts` for available options
+        access = {
+          r = "*";
+          A = "*";
+          # rw = ["gabe" "erica"];
+        };
+        # see `copyparty --help-flags` for available options
+        flags = {
+          # "fk" enables filekeys (necessary for upget permission) (4 chars long)
+          fk = 4;
+          # scan for new files every 60sec
+          scan = 600;
+          # volflag "e2d" enables the uploads database
+          e2d = true;
+          # "d2t" disables multimedia parsers (in case the uploads are malicious)
+          d2t = false;
+        };
+      };
+    };
+    # you may increase the open file limit for the process
+    openFilesLimit = 8192;
+  };
+}

flake.lock

@@ -1,5 +1,28 @@
 {
   "nodes": {
+    "copyparty": {
+      "inputs": {
+        "flake-utils": [
+          "flake-utils"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1745176775,
+        "narHash": "sha256-7bWct47AKcQntlJaY8NMECZ1FXIaFlYb/yCMC0Bm30M=",
+        "owner": "9001",
+        "repo": "copyparty",
+        "rev": "68e7000275425f5dd1d2d80dc428fe2fcab6cc9c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "9001",
+        "repo": "copyparty",
+        "type": "github"
+      }
+    },
     "deploy-rs": {
       "inputs": {
         "flake-compat": [
@@ -286,6 +309,7 @@
     },
     "root": {
       "inputs": {
+        "copyparty": "copyparty",
         "deploy-rs": "deploy-rs",
         "disko": "disko",
         "flake-compat": "flake-compat",

flake.nix

@@ -33,6 +33,12 @@
       inputs.flake-compat.follows = "flake-compat";
     };
 
+    copyparty = {
+      url = "github:9001/copyparty";
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.flake-utils.follows = "flake-utils";
+    };
+
     #https://unmovedcentre.com/technology/2024/03/22/secrets-management.html
     sops-nix = {
       url = "github:mic92/sops-nix";

hosts/cirrostratus/default.nix

@@ -3,7 +3,7 @@
   myLib,
   ...
 }:
-# Kapr site server.
+# Karp site server.
 inputs.nixpkgs.lib.nixosSystem {
   system = "x86_64-linux";
   specialArgs = {inherit inputs myLib;};
@@ -11,6 +11,7 @@ inputs.nixpkgs.lib.nixosSystem {
   modules = [
     inputs.home-manager.nixosModules.home-manager
     inputs.disko.nixosModules.disko
+    inputs.copyparty.nixosModules.default
     ./disk-config.nix
     ./hardware-configuration.nix
     ./restic.nix
@@ -28,6 +29,7 @@ inputs.nixpkgs.lib.nixosSystem {
     ../../configs/nixos/miniserve-tmp-upload.nix
     ../../configs/nixos/minecraft-docker.nix
     ../../configs/nixos/nginx-static.nix
+    ../../configs/nixos/copyparty.nix
     ({
       config,
       pkgs,