pyrox.dev
1{ config, lib, pkgs, ... }:
2
3with lib;
4
5let
6 cfg = config.services.darkhttpd;
7
8 args = concatStringsSep " " ([
9 cfg.rootDir
10 "--port ${toString cfg.port}"
11 "--addr ${cfg.address}"
12 ] ++ cfg.extraArgs
13 ++ optional cfg.hideServerId "--no-server-id"
14 ++ optional config.networking.enableIPv6 "--ipv6");
15
16in {
17 options.services.darkhttpd = with types; {
18 enable = mkEnableOption (lib.mdDoc "DarkHTTPd web server");
19
20 port = mkOption {
21 default = 80;
22 type = types.port;
23 description = lib.mdDoc ''
24 Port to listen on.
25 Pass 0 to let the system choose any free port for you.
26 '';
27 };
28
29 address = mkOption {
30 default = "127.0.0.1";
31 type = str;
32 description = lib.mdDoc ''
33 Address to listen on.
34 Pass `all` to listen on all interfaces.
35 '';
36 };
37
38 rootDir = mkOption {
39 type = path;
40 description = lib.mdDoc ''
41 Path from which to serve files.
42 '';
43 };
44
45 hideServerId = mkOption {
46 type = bool;
47 default = true;
48 description = lib.mdDoc ''
49 Don't identify the server type in headers or directory listings.
50 '';
51 };
52
53 extraArgs = mkOption {
54 type = listOf str;
55 default = [];
56 description = lib.mdDoc ''
57 Additional configuration passed to the executable.
58 '';
59 };
60 };
61
62 config = mkIf cfg.enable {
63 systemd.services.darkhttpd = {
64 description = "Dark HTTPd";
65 wants = [ "network.target" ];
66 after = [ "network.target" ];
67 wantedBy = [ "multi-user.target" ];
68 serviceConfig = {
69 DynamicUser = true;
70 ExecStart = "${pkgs.darkhttpd}/bin/darkhttpd ${args}";
71 AmbientCapabilities = lib.mkIf (cfg.port < 1024) [ "CAP_NET_BIND_SERVICE" ];
72 Restart = "on-failure";
73 RestartSec = "2s";
74 };
75 };
76 };
77}