nixos/modules/services/web-apps/pgpkeyserver-lite.nix at 24.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / services / web-apps / pgpkeyserver-lite.nix

at 24.11-pre 1.6 kB view raw

 1{ config, lib, options, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6
 7  cfg = config.services.pgpkeyserver-lite;
 8  sksCfg = config.services.sks;
 9  sksOpt = options.services.sks;
10
11  webPkg = cfg.package;
12
13in
14
15{
16
17  options = {
18
19    services.pgpkeyserver-lite = {
20
21      enable = mkEnableOption "pgpkeyserver-lite on a nginx vHost proxying to a gpg keyserver";
22
23      package = mkPackageOption pkgs "pgpkeyserver-lite" { };
24
25      hostname = mkOption {
26        type = types.str;
27        description = ''
28          Which hostname to set the vHost to that is proxying to sks.
29        '';
30      };
31
32      hkpAddress = mkOption {
33        default = builtins.head sksCfg.hkpAddress;
34        defaultText = literalExpression "head config.${sksOpt.hkpAddress}";
35        type = types.str;
36        description = ''
37          Which IP address the sks-keyserver is listening on.
38        '';
39      };
40
41      hkpPort = mkOption {
42        default = sksCfg.hkpPort;
43        defaultText = literalExpression "config.${sksOpt.hkpPort}";
44        type = types.int;
45        description = ''
46          Which port the sks-keyserver is listening on.
47        '';
48      };
49    };
50  };
51
52  config = mkIf cfg.enable {
53
54    services.nginx.enable = true;
55
56    services.nginx.virtualHosts = let
57      hkpPort = builtins.toString cfg.hkpPort;
58    in {
59      ${cfg.hostname} = {
60        root = webPkg;
61        locations = {
62          "/pks".extraConfig = ''
63            proxy_pass         http://${cfg.hkpAddress}:${hkpPort};
64            proxy_pass_header  Server;
65            add_header         Via "1.1 ${cfg.hostname}";
66          '';
67        };
68      };
69    };
70  };
71}