pazpi/nix
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

nix fmt with "nixfmt-rfc-style"

Browse source
This commit is contained in:
pazpi 2024-08-27 09:46:44 +02:00
parent 4a39b2cbfd
commit eb9f742b1e
26 changed files with 460 additions and 267 deletions
Download patch file Download diff file Expand all files Collapse all files

72
modules/services/rutorrent.nix
View file

@ -1,22 +1,40 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.services.rutorrent;
rutorrentPkgs = import ../packages/rutorrent.nix { inherit pkgs; inherit lib; };
rutorrentPkgs = import ../packages/rutorrent.nix {
inherit pkgs;
inherit lib;
};
rtorrentPluginDependencies = with pkgs; {
_task = [ procps ];
unpack = [ unzip unrar ];
unpack = [
unzip
unrar
];
rss = [ curl ];
mediainfo = [ mediainfo ];
spectrogram = [ sox ];
screenshots = [ ffmpeg ];
};
python = with pkgs; (python312.withPackages (p: with p; [ cloudscraper cfscrape ]));
python =
with pkgs;
(python312.withPackages (
p: with p; [
cloudscraper
cfscrape
]
));
phpPluginDependencies = with pkgs; {
_cloudflare = [ python ];
@ -77,7 +95,13 @@ in
};
poolSettings = mkOption {
type = with types; attrsOf (oneOf [ str int bool ]);
type =
with types;
attrsOf (oneOf [
str
int
bool
]);
default = {
"pm" = "dynamic";
"pm.max_children" = 32;
@ -118,7 +142,10 @@ in
{
assertions =
let
usedRpcPlugins = intersectLists cfg.plugins [ "httprpc" "rpc" ];
usedRpcPlugins = intersectLists cfg.plugins [
"httprpc"
"rpc"
];
in
[
{
@ -136,11 +163,17 @@ in
nginxVhostCfg = config.services.nginx.virtualHosts."${cfg.hostName}";
in
[ ]
++ (optional (cfg.nginx.exposeInsecureRPC2mount && (nginxVhostCfg.basicAuth == { } || nginxVhostCfg.basicAuthFile == null)) ''
You are using exposeInsecureRPC2mount without using basic auth on the virtual host. The exposed rpc mount allow for remote command execution.
++ (optional
(
cfg.nginx.exposeInsecureRPC2mount
&& (nginxVhostCfg.basicAuth == { } || nginxVhostCfg.basicAuthFile == null)
)
''
You are using exposeInsecureRPC2mount without using basic auth on the virtual host. The exposed rpc mount allow for remote command execution.
Please make sure it is not accessible from the outside.
'');
Please make sure it is not accessible from the outside.
''
);
systemd = {
services = {
@ -229,8 +262,11 @@ in
cp -r ${rutorrentPkgs}/php ${cfg.dataDir}/
${optionalString (cfg.plugins != [])
''cp -r ${concatMapStringsSep " " (p: "${rutorrentPkgs}/plugins/${p}") cfg.plugins} ${cfg.dataDir}/plugins/''}
${optionalString (cfg.plugins != [ ])
''cp -r ${
concatMapStringsSep " " (p: "${rutorrentPkgs}/plugins/${p}") cfg.plugins
} ${cfg.dataDir}/plugins/''
}
chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}/{conf,share,logs,plugins}
chmod -R 755 ${cfg.dataDir}/{conf,share,logs,plugins}
@ -263,7 +299,10 @@ in
{
networking.firewall = {
allowedTCPPorts = [ 80 443 ];
allowedTCPPorts = [
80
443
];
};
services = {
@ -303,11 +342,12 @@ in
pool = {
user = cfg.user;
group = config.services.rtorrent.group;
settings = mapAttrs (name: mkDefault)
{
settings =
mapAttrs (name: mkDefault) {
"listen.owner" = config.services.nginx.user;
"listen.group" = config.services.nginx.group;
} // cfg.poolSettings;
}
// cfg.poolSettings;
};
in
if (envPath == "") then pool else pool // { phpEnv.PATH = envPath; };