privatebin

2021-05-30 21:30:54 -04:00 · 2021-05-30 21:30:54 -04:00 · 5f6d9e5dba
commit 5f6d9e5dba
parent 9222cf56fb
4 changed files with 107 additions and 0 deletions
--- a/common/common.nix
+++ b/common/common.nix
@ -14,6 +14,7 @@
    ./server/nginx-stream.nix
    ./server/matrix.nix
    ./server/zerobin.nix
+    ./server/privatebin.nix
    ./pc/de.nix
  ];

--- a/common/server/privatebin/conf.php
+++ b/common/server/privatebin/conf.php
@ -0,0 +1,42 @@
+;<?php http_response_code(403); /*
+[main]
+name = "Kode Paste"
+discussion = false
+opendiscussion = false
+password = true
+fileupload = false
+burnafterreadingselected = false
+defaultformatter = "plaintext"
+sizelimit = 10485760
+template = "bootstrap"
+languageselection = false
+
+[expire]
+default = "1week"
+
+[expire_options]
+5min = 300
+10min = 600
+1hour = 3600
+1day = 86400
+1week = 604800
+
+[formatter_options]
+plaintext = "Plain Text"
+syntaxhighlighting = "Source Code"
+markdown = "Markdown"
+
+[traffic]
+limit = 10
+dir = "/var/lib/privatebin"
+
+[purge]
+limit = 300
+batchsize = 10
+dir = "/var/lib/privatebin"
+
+[model]
+class = Filesystem
+
+[model_options]
+dir = "/var/lib/privatebin"
--- a/common/server/privatebin/privatebin.nix
+++ b/common/server/privatebin/privatebin.nix
@ -0,0 +1,59 @@
+{ config, pkgs, lib, ... }:
+
+let
+  cfg = config.services.privatebin;
+in {
+  options.services.privatebin = {
+    enable = lib.mkEnableOption "enable privatebin";
+    host = lib.mkOption {
+      type = lib.types.str;
+      example = "example.com";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+
+    users.users.privatebin = {
+      description = "privatebin service user";
+      group = "privatebin";
+      isSystemUser = true;
+    };
+    users.groups.privatebin = {};
+
+    services.nginx.enable = true;
+    services.nginx.virtualHosts.${cfg.host} = {
+      enableACME = true;
+      forceSSL = true;
+      locations."~ \.php$" = {
+        root = lib.mkDerivation {
+          name = "privatebin";
+          src = lib.fetchFromGitHub {
+            owner = "privatebin";
+            repo = "privatebin";
+            rev = "d65bf02d7819a530c3c2a88f6f9947651fe5258d";
+            # sha256 = "";
+          };
+          installPhase = ''
+            cp -ar $src $out
+          '';
+        };
+        extraConfig = ''
+          fastcgi_pass  unix:${config.services.phpfpm.pools.privatebin.socket};
+          fastcgi_index index.php;
+        '';
+      };
+    };
+
+    systemd.tmpfiles.rules = [
+      "d '/var/lib/privatebin' 0750 ${user} ${group} - -"
+    ];
+
+    services.phpfpm.pools.privatebin = {                                                                                                                                                                                                             
+      user = "privatebin";
+      group = "privatebin";
+      phpEnv = {
+        CONFIG_PATH = "${./conf.php}";
+      };
+    };
+  };
+}
--- a/machines/mitty/configuration.nix
+++ b/machines/mitty/configuration.nix
@ -44,6 +44,11 @@
    host = "paste.neet.cloud";
  };

+  services.privatebin = {
+    enable = true;
+    host = "kode.neet.dev";
+  };
+
  security.acme.acceptTerms = true;
  security.acme.email = "letsencrypt+5@tar.ninja";
 }