ryan.freumh.org / nixos
btw i use nix
fork atom
nixos / modules / rmfakecloud.nix
at 09e6e401c650dd5f4beebc2fb05f8a974ce0f19e 1.6 kB view raw
1{ 2 pkgs, 3 config, 4 lib, 5 ... 6}: 7 8with lib; 9 10let 11 cfg = config.custom.rmfakecloud; 12 domain = config.networking.domain; 13in 14{ 15 options.custom.rmfakecloud = { 16 enable = mkEnableOption "rmfakecloud"; 17 port = mkOption { 18 type = types.port; 19 default = 8082; 20 }; 21 domain = mkOption { 22 type = types.str; 23 default = "rmfakecloud.${domain}"; 24 }; 25 }; 26 27 config = lib.mkIf cfg.enable { 28 age.secrets.rmfakecloud.file = ../secrets/rmfakecloud.age; 29 services.rmfakecloud = { 30 enable = true; 31 storageUrl = "https://${cfg.domain}"; 32 port = cfg.port; 33 environmentFile = config.age.secrets.rmfakecloud.path; 34 extraSettings = { 35 RM_SMTP_SERVER = "mail.freumh.org:465"; 36 RM_SMTP_USERNAME = "misc@${domain}"; 37 RM_SMTP_FROM = "remarkable@${domain}"; 38 }; 39 }; 40 41 mailserver.loginAccounts."misc@${domain}".aliases = [ "remarkable@${domain}" ]; 42 43 security.acme-eon.nginxCerts = [ cfg.domain ]; 44 services.nginx = { 45 enable = true; 46 recommendedProxySettings = true; 47 # to allow syncing 48 # another option would just be opening a separate port for this 49 clientMaxBodySize = "100M"; 50 virtualHosts."${cfg.domain}" = { 51 forceSSL = true; 52 locations."/".proxyPass = '' 53 http://localhost:${builtins.toString cfg.port} 54 ''; 55 }; 56 }; 57 58 eilean.services.dns.zones.${config.networking.domain}.records = [ 59 { 60 name = "rmfakecloud"; 61 type = "CNAME"; 62 value = "vps"; 63 } 64 ]; 65 }; 66}