diff --git a/schrottserver/configuration.nix b/schrottserver/configuration.nix index 5c71158..3dc949e 100644 --- a/schrottserver/configuration.nix +++ b/schrottserver/configuration.nix @@ -13,6 +13,7 @@ ./vaultwarden.nix ./nextcloud.nix ./mumble.nix + ./microbin.nix ../modules/neovim.nix ../modules/zsh.nix ]; diff --git a/schrottserver/microbin.nix b/schrottserver/microbin.nix new file mode 100644 index 0000000..c212376 --- /dev/null +++ b/schrottserver/microbin.nix @@ -0,0 +1,38 @@ +{ inputs, config, pkgs, ... }: +let + microbin = pkgs.rustPlatform.buildRustPackage rec { + pname = "microbin"; + version = "1.2.0"; + + # GitHub sources do not have Cargo.lock + src = pkgs.fetchCrate { + inherit pname version; + sha256 = "sha256-dZClslUTUchx+sOJzFG8wiAgyW/0RcCKfKYklKfVrzM="; + }; + + cargoSha256 = "sha256-fBbChu5iy/2H/8IYCwd1OwxplGPZAmkd8z8xD7Uc0vo="; + }; +in { + environment.systemPackages = with pkgs; [ microbin ]; + systemd.services.microbin = { + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + environment = { + MICROBIN_AUTH_USERNAME = "jade"; + MICROBIN_AUTH_PASSWORD = builtins.readFile ../secret-data/mb-pass; + MICROBIN_HASH_IDS = ""; + MICROBIN_EDITABLE = ""; + MICROBIN_PRIVATE = ""; + MICROBIN_HIGHLIGHTSYNTAX = ""; + MICROBIN_PUBLIC_PATH = "https://s10e.de"; + MICROBIN_QR = ""; + }; + script = "${pkgs.microbin}/bin/microbin"; + #scriptArgs = "--auth-password ${builtins.readFile ../secret-data/mb-pass} --auth-username jade --editable --hash-ids --no-listing --highlightsyntax --public-path https://s10e.de --qr"; + serviceConfig = { + Type = "simple"; + RootDirectory="/"; + WorkingDirectory = "/microbin"; + }; + }; +} diff --git a/schrottserver/proxy.nix b/schrottserver/proxy.nix index 52c68be..77446e3 100644 --- a/schrottserver/proxy.nix +++ b/schrottserver/proxy.nix @@ -16,6 +16,10 @@ group = "nginx"; keyType = "rsa2048"; }; + "s10e.de" = { + group = "nginx"; + keyType = "rsa2048"; + }; }; }; @@ -55,6 +59,13 @@ forceSSL = true; enableACME = true; }; + "s10e.de" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://127.0.0.1:8080$request_uri"; + }; + }; }; }; } diff --git a/secret-data/mb-pass b/secret-data/mb-pass new file mode 100644 index 0000000..55d07c7 Binary files /dev/null and b/secret-data/mb-pass differ