Skyler Grey | 9fe6128 | 2023-08-20 21:52:48 +0000 | [diff] [blame] | 1 | { config, lib, base, ... }: |
Skyler Grey | fe1740c | 2023-10-21 01:24:18 +0000 | [diff] [blame] | 2 | lib.recursiveUpdate { |
Skyler Grey | 4259e93 | 2023-10-21 21:37:03 +0000 | [diff] [blame] | 3 | services.nginx.virtualHosts.privatebin = { |
| 4 | serverName = lib.mkForce "privatebin.clicks.codes"; |
| 5 | enableACME = lib.mkForce true; |
| 6 | forceSSL = lib.mkForce true; |
| 7 | }; |
Skyler Grey | 915067d | 2023-12-03 13:46:53 +0000 | [diff] [blame] | 8 | systemd.services.privatebin.requires = [ "postgresql.service" ]; |
Skyler Grey | 9fe6128 | 2023-08-20 21:52:48 +0000 | [diff] [blame] | 9 | services.privatebin = { |
| 10 | enable = true; |
| 11 | settings = { |
| 12 | main = { |
| 13 | name = "Clicks Minute Paste"; |
Skyler Grey | 2ca6ccd | 2023-10-14 22:56:43 +0000 | [diff] [blame] | 14 | basepath = "https://privatebin.clicks.codes/"; |
Skyler Grey | 9fe6128 | 2023-08-20 21:52:48 +0000 | [diff] [blame] | 15 | opendiscussion = true; |
| 16 | fileupload = true; |
| 17 | |
| 18 | defaultformatter = "syntaxhighlighting"; |
| 19 | syntaxhighlightingtheme = "sons-of-obsidian"; |
| 20 | template = "bootstrap-dark"; |
| 21 | |
Skyler Grey | fe1740c | 2023-10-21 01:24:18 +0000 | [diff] [blame] | 22 | info = '' |
Skyler Grey | f92fa2e | 2024-01-11 14:23:25 +0000 | [diff] [blame^] | 23 | Powered by <a href="https://privatebin.info/">PrivateBin</a>. Provided as a service free-of-charge by Clicks. Come chat with us <a href="https://matrix.to/#/#global:clicks.codes"> on Matrix</a>''; |
Skyler Grey | fe1740c | 2023-10-21 01:24:18 +0000 | [diff] [blame] | 24 | notice = |
| 25 | "This service has no guarantee of uptime, and pastes are not backed up. If you need somewhere to host the last words of your wise old grandfather for time immemorial this is not the place."; |
Skyler Grey | 09c5cda | 2023-10-09 07:10:10 +0000 | [diff] [blame] | 26 | |
Skyler Grey | 9fe6128 | 2023-08-20 21:52:48 +0000 | [diff] [blame] | 27 | langaugeselection = true; |
| 28 | }; |
| 29 | |
Skyler Grey | 9fe6128 | 2023-08-20 21:52:48 +0000 | [diff] [blame] | 30 | expire.default = "1month"; |
| 31 | |
Skyler Grey | 4259e93 | 2023-10-21 21:37:03 +0000 | [diff] [blame] | 32 | nginx.forceSSL = lib.mkForce true; |
| 33 | |
Skyler Grey | 9fe6128 | 2023-08-20 21:52:48 +0000 | [diff] [blame] | 34 | expire_options = { |
Samuel Shuert | f68685d | 2023-10-28 20:07:56 -0400 | [diff] [blame] | 35 | "5min" = 300; |
Skyler Grey | 9fe6128 | 2023-08-20 21:52:48 +0000 | [diff] [blame] | 36 | "10min" = 600; |
| 37 | "1hour" = 3600; |
| 38 | "1day" = 86400; |
| 39 | "1week" = 604800; |
| 40 | "1month" = 2592000; |
| 41 | }; |
| 42 | |
| 43 | formatter_options = { |
| 44 | syntaxhighlighting = "Source Code"; |
| 45 | markdown = "Markdown"; |
| 46 | plaintext = "Plain Text"; |
| 47 | }; |
| 48 | |
| 49 | traffic = { |
Skyler Grey | fe1740c | 2023-10-21 01:24:18 +0000 | [diff] [blame] | 50 | exempted = |
| 51 | "10.0.0.0/8,127.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.168.0.0/16"; |
Skyler Grey | 9fe6128 | 2023-08-20 21:52:48 +0000 | [diff] [blame] | 52 | }; |
| 53 | |
| 54 | model.class = "Database"; |
| 55 | model_options = { |
| 56 | dsn = "pgsql:host=localhost;dbname=privatebin"; |
| 57 | tbl = "privatebin"; |
| 58 | usr = "privatebin"; |
| 59 | pwd._env = "PRIVATEBIN_DB_PASSWORD"; |
| 60 | }; |
| 61 | }; |
| 62 | }; |
Skyler Grey | fe1740c | 2023-10-21 01:24:18 +0000 | [diff] [blame] | 63 | } (if base != null then { |
| 64 | services.privatebin.environmentFiles = |
| 65 | [ config.scalpel.trafos."privatebin.env".destination ]; |
Skyler Grey | 9fe6128 | 2023-08-20 21:52:48 +0000 | [diff] [blame] | 66 | |
Skyler Grey | fe1740c | 2023-10-21 01:24:18 +0000 | [diff] [blame] | 67 | scalpel.trafos."privatebin.env" = { |
| 68 | source = builtins.toFile "privatebin.env" '' |
| 69 | PRIVATEBIN_DB_PASSWORD=!!privatebin_db_password!! |
| 70 | ''; |
| 71 | matchers."privatebin_db_password".secret = |
| 72 | config.sops.secrets.clicks_privatebin_db_password.path; |
| 73 | owner = config.users.users.privatebin.name; |
| 74 | group = config.users.users.privatebin.group; |
| 75 | mode = "0400"; |
| 76 | }; |
| 77 | } else |
| 78 | { }) |