diff options
| author | Mac Chaffee <me@macchaffee.com> | 2023-07-01 12:17:39 -0400 |
|---|---|---|
| committer | Mac Chaffee <me@macchaffee.com> | 2023-07-01 12:51:13 -0400 |
| commit | 61cb4170fdd0c0f1002fc96cb905c0e7a7b94930 (patch) | |
| tree | 379d961203bc5cd601452fcea06138df21f252be /nixos/modules/services/web-servers | |
| parent | b520edce0259644afbf6cddbaf9651e0498efc17 (diff) | |
| download | nixpkgs-61cb4170fdd0c0f1002fc96cb905c0e7a7b94930.tar nixpkgs-61cb4170fdd0c0f1002fc96cb905c0e7a7b94930.tar.gz nixpkgs-61cb4170fdd0c0f1002fc96cb905c0e7a7b94930.tar.bz2 nixpkgs-61cb4170fdd0c0f1002fc96cb905c0e7a7b94930.tar.lz nixpkgs-61cb4170fdd0c0f1002fc96cb905c0e7a7b94930.tar.xz nixpkgs-61cb4170fdd0c0f1002fc96cb905c0e7a7b94930.tar.zst nixpkgs-61cb4170fdd0c0f1002fc96cb905c0e7a7b94930.zip | |
nixos/static-web-server: create module which uses upstream systemd units
This commit creates a nixos module for static-web-server. The module uses upstream systemd units to start static-web-server. It also includes options for configuring static-web-server.
Diffstat (limited to 'nixos/modules/services/web-servers')
| -rw-r--r-- | nixos/modules/services/web-servers/static-web-server.nix | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/nixos/modules/services/web-servers/static-web-server.nix b/nixos/modules/services/web-servers/static-web-server.nix new file mode 100644 index 00000000000..07187f00fec --- /dev/null +++ b/nixos/modules/services/web-servers/static-web-server.nix @@ -0,0 +1,68 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.services.static-web-server; + toml = pkgs.formats.toml {}; + configFilePath = toml.generate "config.toml" cfg.configuration; +in { + options = { + services.static-web-server = { + enable = lib.mkEnableOption (lib.mdDoc ''Static Web Server''); + listen = lib.mkOption { + default = "[::]:8787"; + type = lib.types.str; + description = lib.mdDoc '' + The "ListenStream" used in static-web-server.socket. + This is equivalent to SWS's "host" and "port" options. + See here for specific syntax: <https://www.freedesktop.org/software/systemd/man/systemd.socket.html#ListenStream=> + ''; + }; + root = lib.mkOption { + type = lib.types.path; + description = lib.mdDoc '' + The location of files for SWS to serve. Equivalent to SWS's "root" config value. + NOTE: This folder must exist before starting SWS. + ''; + }; + configuration = lib.mkOption { + default = { }; + type = toml.type; + example = { + general = { log-level = "error"; directory-listing = true; }; + }; + description = lib.mdDoc '' + Configuration for Static Web Server. See + <https://static-web-server.net/configuration/config-file/>. + NOTE: Don't set "host", "port", or "root" here. They will be ignored. + Use the top-level "listen" and "root" options instead. + ''; + }; + }; + }; + + config = lib.mkIf cfg.enable { + environment.systemPackages = [ pkgs.static-web-server ]; + systemd.packages = [ pkgs.static-web-server ]; + # Have to set wantedBy since systemd.packages ignores the "Install" section + systemd.sockets.static-web-server = { + wantedBy = [ "sockets.target" ]; + # Start with empty string to reset upstream option + listenStreams = [ "" cfg.listen ]; + }; + systemd.services.static-web-server = { + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + # Remove upstream sample environment file; use config.toml exclusively + EnvironmentFile = [ "" ]; + ExecStart = [ "" "${pkgs.static-web-server}/bin/static-web-server --fd 0 --config-file ${configFilePath} --root ${cfg.root}" ]; + # Supplementary groups doesn't work unless we create the group ourselves + SupplementaryGroups = [ "" ]; + # If the user is serving files from their home dir, override ProtectHome to allow that + ProtectHome = if lib.hasPrefix "/home" cfg.root then "tmpfs" else "true"; + BindReadOnlyPaths = cfg.root; + }; + }; + }; + + meta.maintainers = with lib.maintainers; [ mac-chaffee ]; +} |