commit 92d64400d5625e1dcaa6706372ea5960ee3260b7 · pyrox.dev/nixpkgs

+27 -7

nixos/modules/services/networking/anubis.nix

···

       122
        
                         example = "tcp";

     

       123
        
                         type = types.str;

     

       124
        
                       };

     

       125
       -
                       SOCKET_MODE = mkDefaultOption "settings.SOCKET_MODE" {

     

       126
       -
                         default = "0770";

     

       127
       -
                         description = "The permissions on the Unix domain sockets created.";

     

       128
       -
                         example = "0700";

     

       129
       -
                         type = types.str;

     

       130
       -
                       };

     

       131
        
                       DIFFICULTY = mkDefaultOption "settings.DIFFICULTY" {

     

       132
        
                         default = 4;

     

       133
        
                         description = ''

     
···

       146
        
                         '';

     

       147
        
                         type = types.bool;

     

       148
        
                       };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       149
        
       

     

       150
        
                       # generated by default

     

       151
        
                       POLICY_FNAME = mkDefaultOption "settings.POLICY_FNAME" {

     
···

       224
        
               and socket paths.

     

       225
        
             '';

     

       226
        
             type = types.attrsOf (types.submodule (commonSubmodule false));

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       227
        
           };

     

       228
        
         };

     

       229
        
       

     
···

       309
        
           ) enabledInstances;

     

       310
        
         };

     

       311
        
       

     

       312
       -
         meta.maintainers = with lib.maintainers; [ soopyc ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       313
        
         meta.doc = ./anubis.md;

     

       314
        
       }

···

       122
        
                         example = "tcp";

     

       123
        
                         type = types.str;

     

       124
        
                       };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       125
        
                       DIFFICULTY = mkDefaultOption "settings.DIFFICULTY" {

     

       126
        
                         default = 4;

     

       127
        
                         description = ''

     
···

       140
        
                         '';

     

       141
        
                         type = types.bool;

     

       142
        
                       };

     

       143
       +
                       OG_PASSTHROUGH = mkDefaultOption "settings.OG_PASSTHROUGH" {

     

       144
       +
                         default = false;

     

       145
       +
                         description = ''

     

       146
       +
                           Whether to enable Open Graph tag passthrough.

     

       147
       +
       

     

       148
       +
                           This enables social previews of resources protected by

     

       149
       +
                           Anubis without having to exempt each scraper individually.

     

       150
       +
                         '';

     

       151
       +
                         type = types.bool;

     

       152
       +
                       };

     

       153
       +
                       WEBMASTER_EMAIL = mkDefaultOption "settings.WEBMASTER_EMAIL" {

     

       154
       +
                         default = null;

     

       155
       +
                         description = ''

     

       156
       +
                           If set, shows a contact email address when rendering error pages.

     

       157
       +
       

     

       158
       +
                           This email address will be how users can get in contact with administrators.

     

       159
       +
                         '';

     

       160
       +
                         example = "alice@example.com";

     

       161
       +
                         type = types.nullOr types.str;

     

       162
       +
                       };

     

       163
        
       

     

       164
        
                       # generated by default

     

       165
        
                       POLICY_FNAME = mkDefaultOption "settings.POLICY_FNAME" {

     
···

       238
        
               and socket paths.

     

       239
        
             '';

     

       240
        
             type = types.attrsOf (types.submodule (commonSubmodule false));

     

       241
       +
       

     

       242
       +
             # Merge defaultOptions into each instance

     

       243
       +
             apply = lib.mapAttrs (_: lib.recursiveUpdate cfg.defaultOptions);

     

       244
        
           };

     

       245
        
         };

     

       246
        
       

     
···

       326
        
           ) enabledInstances;

     

       327
        
         };

     

       328
        
       

     

       329
       +
         meta.maintainers = with lib.maintainers; [

     

       330
       +
           soopyc

     

       331
       +
           nullcube

     

       332
       +
         ];

     

       333
        
         meta.doc = ./anubis.md;

     

       334
        
       }

+41 -16

nixos/tests/anubis.nix

···

       1
        
       { lib, ... }:

     

       2
        
       {

     

       3
        
         name = "anubis";

     

       4
       -
         meta.maintainers = [ lib.maintainers.soopyc ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       5
        
       

     

       6
        
         nodes.machine =

     

       7
        
           {

     
···

       10
        
             ...

     

       11
        
           }:

     

       12
        
           {

     

       13
       -
             services.anubis.instances = {

     

       14
       -
               "".settings.TARGET = "http://localhost:8080";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       15
        
       

     

       16
       -
               "tcp" = {

     

       17
       -
                 user = "anubis-tcp";

     

       18
       -
                 group = "anubis-tcp";

     

       19
       -
                 settings = {

     

       20
       -
                   TARGET = "http://localhost:8080";

     

       21
       -
                   BIND = ":9000";

     

       22
       -
                   BIND_NETWORK = "tcp";

     

       23
       -
                   METRICS_BIND = ":9001";

     

       24
       -
                   METRICS_BIND_NETWORK = "tcp";

     

       0
        
       
     

       25
        
                 };

     

       26
       -
               };

     

       27
        
       

     

       28
       -
               "unix-upstream" = {

     

       29
       -
                 group = "nginx";

     

       30
       -
                 settings.TARGET = "unix:///run/nginx/nginx.sock";

     

       0
        
       
     

       31
        
               };

     

       32
        
             };

     

       33
        
       

     
···

       94
        
       

     

       95
        
           # Upstream is a unix socket mode

     

       96
        
           machine.succeed('curl -f http://unix.localhost/index.html | grep "it works"')

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       97
        
         '';

     

       98
        
       }

···

       1
        
       { lib, ... }:

     

       2
        
       {

     

       3
        
         name = "anubis";

     

       4
       +
         meta.maintainers = with lib.maintainers; [

     

       5
       +
           soopyc

     

       6
       +
           nullcube

     

       7
       +
         ];

     

       8
        
       

     

       9
        
         nodes.machine =

     

       10
        
           {

     
···

       13
        
             ...

     

       14
        
           }:

     

       15
        
           {

     

       16
       +
             services.anubis = {

     

       17
       +
               defaultOptions.settings = {

     

       18
       +
                 DIFFICULTY = 3;

     

       19
       +
                 USER_DEFINED_DEFAULT = true;

     

       20
       +
               };

     

       21
       +
               instances = {

     

       22
       +
                 "".settings = {

     

       23
       +
                   TARGET = "http://localhost:8080";

     

       24
       +
                   DIFFICULTY = 5;

     

       25
       +
                   USER_DEFINED_INSTANCE = true;

     

       26
       +
                 };

     

       27
        
       

     

       28
       +
                 "tcp" = {

     

       29
       +
                   user = "anubis-tcp";

     

       30
       +
                   group = "anubis-tcp";

     

       31
       +
                   settings = {

     

       32
       +
                     TARGET = "http://localhost:8080";

     

       33
       +
                     BIND = ":9000";

     

       34
       +
                     BIND_NETWORK = "tcp";

     

       35
       +
                     METRICS_BIND = ":9001";

     

       36
       +
                     METRICS_BIND_NETWORK = "tcp";

     

       37
       +
                   };

     

       38
        
                 };

     

       0
        
       
     

       39
        
       

     

       40
       +
                 "unix-upstream" = {

     

       41
       +
                   group = "nginx";

     

       42
       +
                   settings.TARGET = "unix:///run/nginx/nginx.sock";

     

       43
       +
                 };

     

       44
        
               };

     

       45
        
             };

     

       46
        
       

     
···

       107
        
       

     

       108
        
           # Upstream is a unix socket mode

     

       109
        
           machine.succeed('curl -f http://unix.localhost/index.html | grep "it works"')

     

       110
       +
       

     

       111
       +
           # Default user-defined environment variables

     

       112
       +
           machine.succeed('cat /run/current-system/etc/systemd/system/anubis.service | grep "USER_DEFINED_DEFAULT"')

     

       113
       +
           machine.succeed('cat /run/current-system/etc/systemd/system/anubis-tcp.service | grep "USER_DEFINED_DEFAULT"')

     

       114
       +
       

     

       115
       +
           # Instance-specific user-specified environment variables

     

       116
       +
           machine.succeed('cat /run/current-system/etc/systemd/system/anubis.service | grep "USER_DEFINED_INSTANCE"')

     

       117
       +
           machine.fail('cat /run/current-system/etc/systemd/system/anubis-tcp.service | grep "USER_DEFINED_INSTANCE"')

     

       118
       +
       

     

       119
       +
           # Make sure defaults don't overwrite themselves

     

       120
       +
           machine.succeed('cat /run/current-system/etc/systemd/system/anubis.service | grep "DIFFICULTY=5"')

     

       121
       +
           machine.succeed('cat /run/current-system/etc/systemd/system/anubis-tcp.service | grep "DIFFICULTY=3"')

     

       122
        
         '';

     

       123
        
       }