31 lines
772 B
Nix
31 lines
772 B
Nix
# SPDX-FileCopyrightText: 2021-2022 Simon Bruder <simon@sbruder.de>
|
|
#
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
{ config, ... }:
|
|
|
|
{
|
|
sops.secrets.media-htpasswd.owner = "nginx";
|
|
|
|
services.nginx.virtualHosts."media.sbruder.de" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
|
|
basicAuthFile = config.sops.secrets.media-htpasswd.path;
|
|
|
|
root = "/data/media/";
|
|
};
|
|
|
|
services.nginx-interactive-index.virtualHosts."media.sbruder.de".locations."/".enable = true;
|
|
|
|
users.users.media = {
|
|
home = "/data/media";
|
|
isSystemUser = true;
|
|
group = "media";
|
|
openssh.authorizedKeys.keys = [
|
|
"restrict,command=\"internal-sftp\" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMt91kAEA7ezIdve/64sv1kV4sd50ayzM09f5s5uOD+V"
|
|
];
|
|
};
|
|
users.groups.media = { };
|
|
}
|