blob: da6510b626b9f8622459697e007942a2d18b758b [file] [log] [blame]
Skyler Grey9fe61282023-08-20 21:52:48 +00001{ config, lib, base, ... }:
Skyler Greyfe1740c2023-10-21 01:24:18 +00002lib.recursiveUpdate {
Skyler Grey4259e932023-10-21 21:37:03 +00003 services.nginx.virtualHosts.privatebin = {
4 serverName = lib.mkForce "privatebin.clicks.codes";
5 enableACME = lib.mkForce true;
6 forceSSL = lib.mkForce true;
7 };
Skyler Grey915067d2023-12-03 13:46:53 +00008 systemd.services.privatebin.requires = [ "postgresql.service" ];
Skyler Grey9fe61282023-08-20 21:52:48 +00009 services.privatebin = {
10 enable = true;
11 settings = {
12 main = {
13 name = "Clicks Minute Paste";
Skyler Grey2ca6ccd2023-10-14 22:56:43 +000014 basepath = "https://privatebin.clicks.codes/";
Skyler Grey9fe61282023-08-20 21:52:48 +000015 opendiscussion = true;
16 fileupload = true;
17
18 defaultformatter = "syntaxhighlighting";
19 syntaxhighlightingtheme = "sons-of-obsidian";
20 template = "bootstrap-dark";
21
Skyler Greyfe1740c2023-10-21 01:24:18 +000022 info = ''
23 Powered by <a href="https://privatebin.info/">PrivateBin</a>. Provided as a service free-of-charge by Clicks. Come chat with us <a href="https://matrix.to/#/#global:coded.codes"> on Matrix</a>'';
24 notice =
25 "This service has no guarantee of uptime, and pastes are not backed up. If you need somewhere to host the last words of your wise old grandfather for time immemorial this is not the place.";
Skyler Grey09c5cda2023-10-09 07:10:10 +000026
Skyler Grey9fe61282023-08-20 21:52:48 +000027 langaugeselection = true;
28 };
29
Skyler Grey9fe61282023-08-20 21:52:48 +000030 expire.default = "1month";
31
Skyler Grey4259e932023-10-21 21:37:03 +000032 nginx.forceSSL = lib.mkForce true;
33
Skyler Grey9fe61282023-08-20 21:52:48 +000034 expire_options = {
Samuel Shuertf68685d2023-10-28 20:07:56 -040035 "5min" = 300;
Skyler Grey9fe61282023-08-20 21:52:48 +000036 "10min" = 600;
37 "1hour" = 3600;
38 "1day" = 86400;
39 "1week" = 604800;
40 "1month" = 2592000;
41 };
42
43 formatter_options = {
44 syntaxhighlighting = "Source Code";
45 markdown = "Markdown";
46 plaintext = "Plain Text";
47 };
48
49 traffic = {
Skyler Greyfe1740c2023-10-21 01:24:18 +000050 exempted =
51 "10.0.0.0/8,127.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.168.0.0/16";
Skyler Grey9fe61282023-08-20 21:52:48 +000052 };
53
54 model.class = "Database";
55 model_options = {
56 dsn = "pgsql:host=localhost;dbname=privatebin";
57 tbl = "privatebin";
58 usr = "privatebin";
59 pwd._env = "PRIVATEBIN_DB_PASSWORD";
60 };
61 };
62 };
Skyler Greyfe1740c2023-10-21 01:24:18 +000063} (if base != null then {
64 services.privatebin.environmentFiles =
65 [ config.scalpel.trafos."privatebin.env".destination ];
Skyler Grey9fe61282023-08-20 21:52:48 +000066
Skyler Greyfe1740c2023-10-21 01:24:18 +000067 scalpel.trafos."privatebin.env" = {
68 source = builtins.toFile "privatebin.env" ''
69 PRIVATEBIN_DB_PASSWORD=!!privatebin_db_password!!
70 '';
71 matchers."privatebin_db_password".secret =
72 config.sops.secrets.clicks_privatebin_db_password.path;
73 owner = config.users.users.privatebin.name;
74 group = config.users.users.privatebin.group;
75 mode = "0400";
76 };
77} else
78 { })