{config, ...}: let secrets = config.services.secrets.secrets; ports = import ../data/ports.nix {}; in { systemd.tmpfiles.rules = [ "d /caches - storage storage" "d /caches/main_webdav_serve - storage storage" "d /caches/media_webdav_serve - storage storage" ]; services.rclone-serve = let serviceConfig = { after = ["auto-secrets.service"]; partOf = ["auto-secrets.service"]; }; in { enable = true; remotes = [ { user = "storage"; remote = "StorageBox:"; type = "webdav"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_webdav_main}" "--htpasswd=${secrets.webdav_main_htpasswd.path}" "--baseurl=/Main/" "--cache-dir=/caches/main_webdav_serve" "--vfs-cache-mode=full" ]; inherit serviceConfig; } { user = "storage"; remote = "StorageBox:Backups/Misskey"; type = "webdav"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_webdav_misskey}" "--htpasswd=${secrets.webdav_misskey_htpasswd.path}" "--baseurl=/Misskey/" ]; inherit serviceConfig; } { user = "storage"; remote = "Media-Combine-Serve:"; type = "webdav"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_webdav_media}" "--htpasswd=${secrets.webdav_media_htpasswd.path}" "--baseurl=/Media/" "--cache-dir=/caches/media_webdav_serve" "--vfs-cache-max-age=30m" "--vfs-cache-max-size=5g" "--vfs-cache-mode=full" ]; inherit serviceConfig; } { user = "storage"; remote = "StorageBox:Music"; type = "webdav"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_webdav_music_ro}" "--read-only" "--baseurl=/MusicRO/" ]; inherit serviceConfig; } { user = "storage"; remote = "StorageBox:Music"; type = "http"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_http_music}" "--baseurl=/Music/" "--read-only" ]; inherit serviceConfig; } { user = "storage"; remote = "StorageBox:Public"; type = "http"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_http_public}" "--baseurl=/Public/" "--read-only" ]; inherit serviceConfig; } { user = "storage"; remote = "StorageBox:Backups/Restic/HetznerVM"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_hvm}" "--htpasswd=${secrets.restic_hetznervm_htpasswd.path}" "--baseurl=/HetznerVM/" ]; inherit serviceConfig; } { user = "storage"; remote = "StorageBox:Backups/Restic/Music"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_music}" "--htpasswd=${secrets.restic_music_htpasswd.path}" "--baseurl=/Music/" ]; inherit serviceConfig; } { user = "storage"; remote = "StorageBox:Backups/Restic/Vault"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_vault}" "--htpasswd=${secrets.restic_vault_htpasswd.path}" "--baseurl=/Vault/" ]; inherit serviceConfig; } { user = "storage"; remote = "StorageBox:Backups/Restic/Matrix"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_matrix}" "--htpasswd=${secrets.restic_matrix_htpasswd.path}" "--baseurl=/Matrix/" ]; inherit serviceConfig; } ]; }; }