pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / web-apps / pgpkeyserver-lite.nix
at 23.11-pre 1.9 kB view raw
1{ config, lib, options, pkgs, ... }: 2 3with lib; 4 5let 6 7 cfg = config.services.pgpkeyserver-lite; 8 sksCfg = config.services.sks; 9 sksOpt = options.services.sks; 10 11 webPkg = cfg.package; 12 13in 14 15{ 16 17 options = { 18 19 services.pgpkeyserver-lite = { 20 21 enable = mkEnableOption (lib.mdDoc "pgpkeyserver-lite on a nginx vHost proxying to a gpg keyserver"); 22 23 package = mkOption { 24 default = pkgs.pgpkeyserver-lite; 25 defaultText = literalExpression "pkgs.pgpkeyserver-lite"; 26 type = types.package; 27 description = lib.mdDoc '' 28 Which webgui derivation to use. 29 ''; 30 }; 31 32 hostname = mkOption { 33 type = types.str; 34 description = lib.mdDoc '' 35 Which hostname to set the vHost to that is proxying to sks. 36 ''; 37 }; 38 39 hkpAddress = mkOption { 40 default = builtins.head sksCfg.hkpAddress; 41 defaultText = literalExpression "head config.${sksOpt.hkpAddress}"; 42 type = types.str; 43 description = lib.mdDoc '' 44 Which IP address the sks-keyserver is listening on. 45 ''; 46 }; 47 48 hkpPort = mkOption { 49 default = sksCfg.hkpPort; 50 defaultText = literalExpression "config.${sksOpt.hkpPort}"; 51 type = types.int; 52 description = lib.mdDoc '' 53 Which port the sks-keyserver is listening on. 54 ''; 55 }; 56 }; 57 }; 58 59 config = mkIf cfg.enable { 60 61 services.nginx.enable = true; 62 63 services.nginx.virtualHosts = let 64 hkpPort = builtins.toString cfg.hkpPort; 65 in { 66 ${cfg.hostname} = { 67 root = webPkg; 68 locations = { 69 "/pks".extraConfig = '' 70 proxy_pass http://${cfg.hkpAddress}:${hkpPort}; 71 proxy_pass_header Server; 72 add_header Via "1.1 ${cfg.hostname}"; 73 ''; 74 }; 75 }; 76 }; 77 }; 78}