2024-01-06 01:19:35 +01:00
|
|
|
# SPDX-FileCopyrightText: 2021-2022 Simon Bruder <simon@sbruder.de>
|
|
|
|
#
|
|
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
|
2022-08-22 16:32:26 +02:00
|
|
|
{ config, ... }:
|
|
|
|
|
2021-03-05 16:12:25 +01:00
|
|
|
{
|
2022-08-22 16:32:26 +02:00
|
|
|
sops.secrets.media-htpasswd.owner = "nginx";
|
|
|
|
|
2021-03-05 16:12:25 +01:00
|
|
|
services.nginx.virtualHosts."media.sbruder.de" = {
|
2024-08-27 10:42:22 +02:00
|
|
|
enableACME = true;
|
|
|
|
forceSSL = true;
|
|
|
|
|
2022-08-22 16:32:26 +02:00
|
|
|
basicAuthFile = config.sops.secrets.media-htpasswd.path;
|
2021-03-05 16:12:25 +01:00
|
|
|
|
|
|
|
root = "/data/media/";
|
|
|
|
};
|
|
|
|
|
|
|
|
services.nginx-interactive-index.virtualHosts."media.sbruder.de".locations."/".enable = true;
|
2022-05-14 17:50:11 +02:00
|
|
|
|
|
|
|
users.users.media = {
|
|
|
|
home = "/data/media";
|
|
|
|
isSystemUser = true;
|
|
|
|
group = "media";
|
|
|
|
openssh.authorizedKeys.keys = [
|
|
|
|
"restrict,command=\"internal-sftp\" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMt91kAEA7ezIdve/64sv1kV4sd50ayzM09f5s5uOD+V"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
users.groups.media = { };
|
2021-03-05 16:12:25 +01:00
|
|
|
}
|