{config, ...}: let secrets = config.services.secrets.secrets; ports = import ../data/ports.nix; in { systemd.tmpfiles.rules = [ "d /caches - storage storage" "d /caches/main_webdav_serve - storage storage" "d /caches/media_webdav_serve - storage storage" ]; services.rclone-serve = { enable = true; remotes = map (remote: { user = "storage"; serviceConfig = { after = ["auto-secrets.service"]; wants = ["auto-secrets.service"]; partOf = ["auto-secrets.service"]; }; } // remote) [ { id = "main"; remote = "StorageBox:"; type = "webdav"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_webdav_main}" "--htpasswd=${secrets.webdav_main_htpasswd.path}" "--baseurl=/Main/" "--cache-dir=/caches/main_webdav_serve" "--vfs-cache-mode=full" ]; } { id = "media-combine"; remote = "Media-Combine-Serve:"; type = "webdav"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_webdav_media}" "--htpasswd=${secrets.webdav_media_htpasswd.path}" "--baseurl=/Media/" "--cache-dir=/caches/media_webdav_serve" "--vfs-cache-max-age=120m" "--vfs-cache-max-size=5g" "--vfs-cache-mode=full" ]; } { id = "music-ro"; remote = "StorageBox:Music"; type = "webdav"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_webdav_music_ro}" "--read-only" "--baseurl=/MusicRO/" ]; } { id = "music-ro"; remote = "StorageBox:Music"; type = "http"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_http_music}" "--baseurl=/Music/" "--read-only" ]; } { id = "public"; remote = "StorageBox:Public"; type = "http"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_http_public}" "--baseurl=/Public/" "--read-only" ]; } { id = "restic-music"; remote = "StorageBox:Backups/Restic/Music"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_music}" "--htpasswd=${secrets.restic_music_htpasswd.path}" "--baseurl=/Music/" ]; } { id = "restic-vault"; remote = "StorageBox:Backups/Restic/Vault"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_vault}" "--htpasswd=${secrets.restic_vault_htpasswd.path}" "--baseurl=/Vault/" ]; } { id = "restic-social"; remote = "StorageBox:Backups/Restic/Social"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_social}" "--htpasswd=${secrets.restic_social_htpasswd.path}" "--baseurl=/Social/" ]; } { id = "restic-quassel"; remote = "StorageBox:Backups/Restic/Quassel"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_quassel}" "--htpasswd=${secrets.restic_quassel_htpasswd.path}" "--baseurl=/Quassel/" ]; } { id = "restic-postgresql"; remote = "StorageBox:Backups/Restic/PostgreSQL"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_postgresql}" "--htpasswd=${secrets.restic_postgresql_htpasswd.path}" "--baseurl=/PostgreSQL/" ]; } { id = "restic-mail"; remote = "StorageBox:Backups/Restic/Mail"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_mail}" "--htpasswd=${secrets.restic_mail_htpasswd.path}" "--baseurl=/Mail/" ]; } { id = "restic-forgejo"; remote = "StorageBox:Backups/Restic/Forgejo"; type = "restic"; extraArgs = [ "--addr=0.0.0.0:${toString ports.rclone_serve_restic_forgejo}" "--htpasswd=${secrets.restic_forgejo_htpasswd.path}" "--baseurl=/Forgejo/" ]; } ]; }; }