964799e556
* modules sks and pgpkeyserver-lite: runs the sks keyserver with optional nginx proxy for webgui. * Add calbrecht to maintainers * module sks: fix default hkpAddress value * module pgpkeyserver-lite: make hkpAddress a string type option and use (builtins.head services.sks.hkpAddress) as default value * module sks: remove leftover service dependencies
76 lines
1.6 KiB
Nix
76 lines
1.6 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.services.pgpkeyserver-lite;
|
|
sksCfg = config.services.sks;
|
|
|
|
webPkg = cfg.package;
|
|
|
|
in
|
|
|
|
{
|
|
|
|
options = {
|
|
|
|
services.pgpkeyserver-lite = {
|
|
|
|
enable = mkEnableOption "pgpkeyserver-lite on a nginx vHost proxying to a gpg keyserver";
|
|
|
|
package = mkOption {
|
|
default = pkgs.pgpkeyserver-lite;
|
|
defaultText = "pkgs.pgpkeyserver-lite";
|
|
type = types.package;
|
|
description = "
|
|
Which webgui derivation to use.
|
|
";
|
|
};
|
|
|
|
hostname = mkOption {
|
|
type = types.str;
|
|
description = "
|
|
Which hostname to set the vHost to that is proxying to sks.
|
|
";
|
|
};
|
|
|
|
hkpAddress = mkOption {
|
|
default = builtins.head sksCfg.hkpAddress;
|
|
type = types.str;
|
|
description = "
|
|
Wich ip address the sks-keyserver is listening on.
|
|
";
|
|
};
|
|
|
|
hkpPort = mkOption {
|
|
default = sksCfg.hkpPort;
|
|
type = types.int;
|
|
description = "
|
|
Which port the sks-keyserver is listening on.
|
|
";
|
|
};
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
services.nginx.enable = true;
|
|
|
|
services.nginx.virtualHosts = let
|
|
hkpPort = builtins.toString cfg.hkpPort;
|
|
in {
|
|
"${cfg.hostname}" = {
|
|
root = webPkg;
|
|
locations = {
|
|
"/pks".extraConfig = ''
|
|
proxy_pass http://${cfg.hkpAddress}:${hkpPort};
|
|
proxy_pass_header Server;
|
|
add_header Via "1.1 ${cfg.hostname}";
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|