nixos/modules/services/networking/morty.nix at 21.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / networking / morty.nix
at 21.11-pre 2.4 kB view raw
 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6
 7  cfg = config.services.morty;
 8
 9in
10
11{
12
13  ###### interface
14
15  options = {
16
17    services.morty = {
18
19      enable = mkEnableOption
20        "Morty proxy server. See https://github.com/asciimoo/morty";
21
22      ipv6 = mkOption {
23        type = types.bool;
24        default = true;
25        description = "Allow IPv6 HTTP requests?";
26        defaultText = "Allow IPv6 HTTP requests.";
27      };
28
29      key = mkOption {
30        type = types.str;
31        default = "";
32        description = ''
33          HMAC url validation key (hexadecimal encoded).
34          Leave blank to disable. Without validation key, anyone can
35          submit proxy requests. Leave blank to disable.
36        '';
37        defaultText = "No HMAC url validation. Generate with echo -n somevalue | openssl dgst -sha1 -hmac somekey";
38      };
39
40      timeout = mkOption {
41        type = types.int;
42        default = 2;
43        description = "Request timeout in seconds.";
44        defaultText = "A resource now gets 2 seconds to respond.";
45      };
46
47      package = mkOption {
48        type = types.package;
49        default = pkgs.morty;
50        defaultText = "pkgs.morty";
51        description = "morty package to use.";
52      };
53
54      port = mkOption {
55        type = types.int;
56        default = 3000;
57        description = "Listing port";
58      };
59
60      listenAddress = mkOption {
61        type = types.str;
62        default = "127.0.0.1";
63        description = "The address on which the service listens";
64        defaultText = "127.0.0.1 (localhost)";
65      };
66
67    };
68
69  };
70
71  ###### Service definition
72
73  config = mkIf config.services.morty.enable {
74
75    users.users.morty =
76      { description = "Morty user";
77        createHome = true;
78        home = "/var/lib/morty";
79        isSystemUser = true;
80      };
81
82    systemd.services.morty =
83      {
84        description = "Morty sanitizing proxy server.";
85        after = [ "network.target" ];
86        wantedBy = [ "multi-user.target" ];
87        serviceConfig = {
88          User = "morty";
89          ExecStart = ''${cfg.package}/bin/morty              \
90            -listen ${cfg.listenAddress}:${toString cfg.port} \
91            ${optionalString cfg.ipv6 "-ipv6"}                \
92            ${optionalString (cfg.key != "") "-key " + cfg.key} \
93          '';
94        };
95      };
96    environment.systemPackages = [ cfg.package ];
97
98  };
99}