57 lines
1.2 KiB
Nix
57 lines
1.2 KiB
Nix
{config, ...}: let
|
|
httpIntPort = 14012;
|
|
dom = "simul.lol";
|
|
in {
|
|
sops.secrets."svc-sim-breeze-upload_key" = {
|
|
owner = "sim-breeze";
|
|
group = "sim-breeze";
|
|
};
|
|
|
|
services.nginx.virtualHosts.${dom} = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
|
|
quic = true;
|
|
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${toString httpIntPort}";
|
|
};
|
|
|
|
extraConfig = let
|
|
cloudflarePem = ../../../keys/cloudflare.pem;
|
|
in ''
|
|
ssl_client_certificate ${cloudflarePem};
|
|
ssl_verify_client on;
|
|
'';
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d /srv/uploads-sim 0750 sim-breeze sim-breeze - -"
|
|
];
|
|
|
|
services.sim-breeze = {
|
|
enable = true;
|
|
uploadKeyFile = config.sops.secrets."svc-sim-breeze-upload_key".path;
|
|
|
|
settings = {
|
|
engine = {
|
|
base_url = "https://${dom}";
|
|
max_upload_len = 2147483648;
|
|
max_temp_lifetime = 43200;
|
|
max_strip_len = 16777216;
|
|
|
|
disk.save_path = "/srv/uploads-sim";
|
|
cache = {
|
|
max_length = 268435456;
|
|
upload_lifetime = 1800;
|
|
scan_freq = 60;
|
|
mem_capacity = 4294967296;
|
|
};
|
|
};
|
|
|
|
http.listen_on = "127.0.0.1:${toString httpIntPort}";
|
|
logger.level = "info";
|
|
};
|
|
};
|
|
}
|