pyrox.dev
1{
2 config,
3 lib,
4 pkgs,
5 ...
6}:
7let
8 pkg = pkgs.haste-server;
9 cfg = config.services.haste-server;
10
11 format = pkgs.formats.json { };
12in
13{
14 options.services.haste-server = {
15 enable = lib.mkEnableOption "haste-server";
16 openFirewall = lib.mkEnableOption "firewall passthrough for haste-server";
17
18 settings = lib.mkOption {
19 description = ''
20 Configuration for haste-server.
21 For documentation see [project readme](https://github.com/toptal/haste-server#settings)
22 '';
23 type = format.type;
24 };
25 };
26
27 config = lib.mkIf (cfg.enable) {
28 networking.firewall.allowedTCPPorts = lib.mkIf (cfg.openFirewall) [ cfg.settings.port ];
29
30 services.haste-server = {
31 settings = {
32 host = lib.mkDefault "::";
33 port = lib.mkDefault 7777;
34
35 keyLength = lib.mkDefault 10;
36 maxLength = lib.mkDefault 400000;
37
38 staticMaxAge = lib.mkDefault 86400;
39 recompressStaticAssets = lib.mkDefault false;
40
41 logging = lib.mkDefault [
42 {
43 level = "verbose";
44 type = "Console";
45 colorize = true;
46 }
47 ];
48
49 keyGenerator = lib.mkDefault {
50 type = "phonetic";
51 };
52
53 rateLimits = {
54 categories = {
55 normal = {
56 totalRequests = lib.mkDefault 500;
57 every = lib.mkDefault 60000;
58 };
59 };
60 };
61
62 storage = lib.mkDefault {
63 type = "file";
64 };
65
66 documents = {
67 about = lib.mkDefault "${pkg}/share/haste-server/about.md";
68 };
69 };
70 };
71
72 systemd.services.haste-server = {
73 wantedBy = [ "multi-user.target" ];
74 requires = [ "network.target" ];
75 after = [ "network.target" ];
76
77 serviceConfig = {
78 User = "haste-server";
79 DynamicUser = true;
80 StateDirectory = "haste-server";
81 WorkingDirectory = "/var/lib/haste-server";
82 ExecStart = "${pkg}/bin/haste-server ${format.generate "config.json" cfg.settings}";
83 };
84
85 path = with pkgs; [
86 pkg
87 coreutils
88 ];
89 };
90 };
91}