nixos/modules/services/web-apps/pgpkeyserver-lite.nix at 17.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / services / web-apps / pgpkeyserver-lite.nix

at 17.09-beta 1.6 kB view raw

 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6
 7  cfg = config.services.pgpkeyserver-lite;
 8  sksCfg = config.services.sks;
 9
10  webPkg = cfg.package;
11
12in
13
14{
15
16  options = {
17
18    services.pgpkeyserver-lite = {
19
20      enable = mkEnableOption "pgpkeyserver-lite on a nginx vHost proxying to a gpg keyserver";
21
22      package = mkOption {
23        default = pkgs.pgpkeyserver-lite;
24        defaultText = "pkgs.pgpkeyserver-lite";
25        type = types.package;
26        description = "
27          Which webgui derivation to use.
28        ";
29      };
30
31      hostname = mkOption {
32        type = types.str;
33        description = "
34          Which hostname to set the vHost to that is proxying to sks.
35        ";
36      };     
37
38      hkpAddress = mkOption {
39        default = builtins.head sksCfg.hkpAddress;
40        type = types.str;
41        description = "
42          Wich ip address the sks-keyserver is listening on.
43        ";
44      };
45
46      hkpPort = mkOption {
47        default = sksCfg.hkpPort;
48        type = types.int;
49        description = "
50          Which port the sks-keyserver is listening on.
51        ";
52      };
53    };
54  };
55
56  config = mkIf cfg.enable {
57
58    services.nginx.enable = true;
59
60    services.nginx.virtualHosts = let
61      hkpPort = builtins.toString cfg.hkpPort;
62    in {
63      "${cfg.hostname}" = {
64        root = webPkg;
65        locations = {
66          "/pks".extraConfig = ''
67            proxy_pass         http://${cfg.hkpAddress}:${hkpPort};
68            proxy_pass_header  Server;
69            add_header         Via "1.1 ${cfg.hostname}";
70          '';
71        };
72      };
73    };
74  };
75}