feat: init rustypaste + rustypaste cli
This commit is contained in:
parent
8d9e60b571
commit
2b1b9ff928
7 changed files with 59 additions and 3 deletions
|
@ -38,4 +38,5 @@
|
||||||
+ [MatthiasBenaets](https://github.com/MatthiasBenaets) - amazing nixos introduction video
|
+ [MatthiasBenaets](https://github.com/MatthiasBenaets) - amazing nixos introduction video
|
||||||
+ [sioodmy](https://github.com/sioodmy) - general dotfile, readme badges, and hyprland stuff
|
+ [sioodmy](https://github.com/sioodmy) - general dotfile, readme badges, and hyprland stuff
|
||||||
+ [MatthewCroughan](https://github.com/MatthewCroughan) - traefik config used as reference
|
+ [MatthewCroughan](https://github.com/MatthewCroughan) - traefik config used as reference
|
||||||
|
+ [seqizz](https://github.com/seqizz/nixos-config/blob/3ee51f406a8c7aa3afde9cdee97a43641b2ed2ef/modules/server/rustypaste.nix) - rustypaste config
|
||||||
+ [hlissner](https://github.com/hlissner) - [security.nix](modules/security.nix)
|
+ [hlissner](https://github.com/hlissner) - [security.nix](modules/security.nix)
|
||||||
|
|
|
@ -21,6 +21,7 @@
|
||||||
homeDirectory = "/home/notoh";
|
homeDirectory = "/home/notoh";
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
(callPackage ../../pkgs/chatterino7 {})
|
(callPackage ../../pkgs/chatterino7 {})
|
||||||
|
(callPackage ../../pkgs/rustypaste-cli {})
|
||||||
bitwarden
|
bitwarden
|
||||||
webcord
|
webcord
|
||||||
spotify-player
|
spotify-player
|
||||||
|
|
|
@ -8,5 +8,6 @@
|
||||||
./foundryvtt.nix
|
./foundryvtt.nix
|
||||||
./forgejo.nix
|
./forgejo.nix
|
||||||
./jellyfin.nix
|
./jellyfin.nix
|
||||||
|
./rustypaste.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
28
modules/services/rustypaste.nix
Normal file
28
modules/services/rustypaste.nix
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
sops.secrets.rusty-auth-token = {};
|
||||||
|
environment.systemPackages = with pkgs; [rustypaste];
|
||||||
|
|
||||||
|
systemd.services.rustypaste = {
|
||||||
|
enable = true;
|
||||||
|
wantedBy = [
|
||||||
|
"multi-user.target"
|
||||||
|
];
|
||||||
|
description = "A minimal file upload/pastebin service.";
|
||||||
|
environment = {
|
||||||
|
AUTH_TOKEN = config.sops.secrets.rusty-auth-token.path;
|
||||||
|
CONFIG = "/var/lib/rustypaste/config.toml";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
User = "root";
|
||||||
|
ExecStart = "${pkgs.rustypaste}/bin/rustypaste";
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = 30;
|
||||||
|
StandardOutput = "syslog";
|
||||||
|
WorkingDirectory = "/var/lib/rustypaste";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,6 +1,6 @@
|
||||||
{config, ...}: {
|
{config, ...}: {
|
||||||
sops.secrets.cloudflare-api-key = {};
|
sops.secrets.cloudflare-api-key = {};
|
||||||
networking.firewall.allowedTCPPorts = [80 443 8080];
|
networking.firewall.allowedTCPPorts = [80 443 8080 8000];
|
||||||
systemd.user.services.traefik.after = ["docker.service"];
|
systemd.user.services.traefik.after = ["docker.service"];
|
||||||
systemd.services.traefik = {
|
systemd.services.traefik = {
|
||||||
environment = {
|
environment = {
|
||||||
|
@ -22,6 +22,7 @@
|
||||||
jellyfin.loadBalancer.servers = [{url = "http://localhost:8096";}];
|
jellyfin.loadBalancer.servers = [{url = "http://localhost:8096";}];
|
||||||
foundryvtt.loadBalancer.servers = [{url = "http://localhost:30000";}];
|
foundryvtt.loadBalancer.servers = [{url = "http://localhost:30000";}];
|
||||||
gitea.loadBalancer.servers = [{url = "http://localhost:3000";}];
|
gitea.loadBalancer.servers = [{url = "http://localhost:3000";}];
|
||||||
|
rustypaste.loadBalancer.servers = [{url = "http://localhost:8000";}];
|
||||||
};
|
};
|
||||||
routers = {
|
routers = {
|
||||||
api = {
|
api = {
|
||||||
|
@ -70,6 +71,13 @@
|
||||||
tls.domains = [{main = "*.notohh.dev";}];
|
tls.domains = [{main = "*.notohh.dev";}];
|
||||||
tls.certresolver = "production";
|
tls.certresolver = "production";
|
||||||
};
|
};
|
||||||
|
rustypaste = {
|
||||||
|
rule = "Host(`img.notohh.dev`)";
|
||||||
|
entrypoints = ["websecure"];
|
||||||
|
service = "rustypaste";
|
||||||
|
tls.domains = [{main = "*.notohh.dev";}];
|
||||||
|
tls.certresolver = "production";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
16
pkgs/rustypaste-cli/default.nix
Normal file
16
pkgs/rustypaste-cli/default.nix
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
{
|
||||||
|
rustPlatform,
|
||||||
|
fetchFromGitHub,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
rustPlatform.buildRustPackage rec {
|
||||||
|
pname = "rustypaste-cli";
|
||||||
|
version = "0.3.0";
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "orhun";
|
||||||
|
repo = pname;
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "sha256-GPQEo9nYcw2Xowh0f2fqj4Ya5kUApB4GSdaSZkVb4R0=";
|
||||||
|
};
|
||||||
|
cargoHash = "sha256-uwAiNrpObirtxGXaNz3prXFIygcf0b8t/Z9N99Gcrtk=";
|
||||||
|
}
|
|
@ -1,6 +1,7 @@
|
||||||
foundry-username: ENC[AES256_GCM,data:YYZ5Q6UlWPqbH8iYhqoR6pYFmQ3NAjY=,iv:pRjblo74gqbYYJTy/edn1bOsEKjHyvmXPwp6D/t6vxE=,tag:G5Xt+dVT51pU6kYdDra0Rw==,type:str]
|
foundry-username: ENC[AES256_GCM,data:YYZ5Q6UlWPqbH8iYhqoR6pYFmQ3NAjY=,iv:pRjblo74gqbYYJTy/edn1bOsEKjHyvmXPwp6D/t6vxE=,tag:G5Xt+dVT51pU6kYdDra0Rw==,type:str]
|
||||||
foundry-password: ENC[AES256_GCM,data:c6cO1vV/thC7U1ha/1FiVVzk0KtvUnTRgJ9ysyO35uYhVK2ggyLUMAqBaXUduf4CXQ==,iv:jdnuyZyoaLN4waGI9MlU0coWg1adDIShrQykfuBq3UM=,tag:HNkaY/8k7JKQVCjjPlkO/w==,type:str]
|
foundry-password: ENC[AES256_GCM,data:c6cO1vV/thC7U1ha/1FiVVzk0KtvUnTRgJ9ysyO35uYhVK2ggyLUMAqBaXUduf4CXQ==,iv:jdnuyZyoaLN4waGI9MlU0coWg1adDIShrQykfuBq3UM=,tag:HNkaY/8k7JKQVCjjPlkO/w==,type:str]
|
||||||
cloudflare-api-key: ENC[AES256_GCM,data:ZEYzFht24xogGov/Dkk9MQm0CZ/GPHvVgC7manQ2hOp1ljUOPrlHlShnNZnXctkv0VSwkQUARddCFQbAno79bUM=,iv:V54QifTBvy+5Q5JErfv2IRW0wpBn7q9KozAogy94gwU=,tag:1tz/0lNHLUTiYOH4V1jkDA==,type:str]
|
cloudflare-api-key: ENC[AES256_GCM,data:ZEYzFht24xogGov/Dkk9MQm0CZ/GPHvVgC7manQ2hOp1ljUOPrlHlShnNZnXctkv0VSwkQUARddCFQbAno79bUM=,iv:V54QifTBvy+5Q5JErfv2IRW0wpBn7q9KozAogy94gwU=,tag:1tz/0lNHLUTiYOH4V1jkDA==,type:str]
|
||||||
|
rusty-auth-token: ENC[AES256_GCM,data:FZ1bC6wijkHPII2AlYnDq9P6pFq2qWVo,iv:92ZH8N52sml8ZkvfuXf472Jj/JbnaWfy38AX6GTvszA=,tag:Suq7P86MhjUx0WmPuGpCUA==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -16,8 +17,8 @@ sops:
|
||||||
YWNQcURKMSs2U0pOa3E0cTdCZ3RnalkKGayA7DBUQS+kn+6OYVBc6oTunF0qeZdt
|
YWNQcURKMSs2U0pOa3E0cTdCZ3RnalkKGayA7DBUQS+kn+6OYVBc6oTunF0qeZdt
|
||||||
5b9DLHgh0HRWFm09XGSOog8K315d93Wzblw1My1/dXeEQX/ryinqUQ==
|
5b9DLHgh0HRWFm09XGSOog8K315d93Wzblw1My1/dXeEQX/ryinqUQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2023-05-17T00:35:45Z"
|
lastmodified: "2023-05-22T00:23:32Z"
|
||||||
mac: ENC[AES256_GCM,data:VOi7ctCMC2UbjT227Zocy+wfJ3MtaYiPuFWyILHcOD/ugsqZhXPSHHG9WMpZNPlm3ykHHuHqIwQen4VuaowdtWmNtoAiHAPUBOGdiA0xnmww35YRa2Lwy16l8cHiF7ce7VnZXRQhhrX+k8IjDujOkyDL+XK0unLvM51x7XNHTnI=,iv:zX2Sldr50gcBfC2LjrNqgFQR2diVbCyhkBEz7+n2FOo=,tag:9dovVpmpXCThfxSMpf0THw==,type:str]
|
mac: ENC[AES256_GCM,data:pj7JqhGfKUaGdGEuFg0BxH1BMFzLMOKHQcFV3O36AelsJC8Wk5IKJTjrR4npGwy5BU5xkDIXh+kYAAhRd4h22ox64vNKd7wLwghu0C2dv8Wh/92bDaHoxsUsF3EvnJhnsrZqTzi0gn2f3L8USExpJD1I5Zzj2VlWzAaTE7HiS24=,iv:h/DqiM0eoNwbtk2dn+5xot0dcEXwGD+V6Mzn1Paiz6g=,tag:x1AG8y0XSeFC72+vCI0aAQ==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.7.3
|
version: 3.7.3
|
||||||
|
|
Loading…
Reference in a new issue