chaos/nixfiles
1
0
Fork 0
Code Issues 2 Releases Activity
nixfiles/hosts/hetzner-vm/containers/storage/profiles/rclone-serve.nix

143 lines
4.1 KiB
Nix
Raw Blame History

{config, ...}: let
secrets = config.services.secrets.secrets;
ports = import ../data/ports.nix {};
in {
systemd.tmpfiles.rules = [
"d /caches - storage storage"
"d /caches/main_webdav_serve - storage storage"
"d /caches/media_webdav_serve - storage storage"
"d /caches/backups_misskey_webdav_serve - storage storage"
];
services.rclone-serve = let
serviceConfig = {
after = ["auto-secrets.service"];
partOf = ["auto-secrets.service"];
};
in {
enable = true;
remotes = [
{
user = "storage";
remote = "StorageBox:";
type = "webdav";
extraArgs = [
"--addr=0.0.0.0:${toString ports.rclone_serve_webdav_main}"
"--htpasswd=${secrets.webdav_main_htpasswd.path}"
"--baseurl=/Main/"
"--cache-dir=/caches/main_webdav_serve"
"--vfs-cache-mode=full"
];
inherit serviceConfig;
}
{
user = "storage";
remote = "StorageBox:Backups/Misskey";
type = "webdav";
extraArgs = [
"--addr=0.0.0.0:${toString ports.rclone_serve_webdav_misskey}"
"--htpasswd=${secrets.webdav_misskey_htpasswd.path}"
"--baseurl=/Misskey/"
"--cache-dir=/caches/backups_misskey_webdav_serve"
"--vfs-cache-max-age=30m"
"--vfs-cache-max-size=3g"
"--vfs-cache-mode=full"
];
inherit serviceConfig;
}
{
user = "storage";
remote = "Media-Combine-Serve:";
type = "webdav";
extraArgs = [
"--addr=0.0.0.0:${toString ports.rclone_serve_webdav_media}"
"--htpasswd=${secrets.webdav_media_htpasswd.path}"
"--baseurl=/Media/"
"--cache-dir=/caches/media_webdav_serve"
"--vfs-cache-max-age=30m"
"--vfs-cache-max-size=5g"
"--vfs-cache-mode=full"
];
inherit serviceConfig;
}
{
user = "storage";
remote = "StorageBox:Music";
type = "webdav";
extraArgs = [
"--addr=0.0.0.0:${toString ports.rclone_serve_webdav_music_ro}"
"--read-only"
"--baseurl=/MusicRO/"
];
inherit serviceConfig;
}
{
user = "storage";
remote = "StorageBox:Music";
type = "http";
extraArgs = [
"--addr=0.0.0.0:${toString ports.rclone_serve_http_music}"
"--baseurl=/Music/"
"--read-only"
];
inherit serviceConfig;
}
{
user = "storage";
remote = "StorageBox:Public";
type = "http";
extraArgs = [
"--addr=0.0.0.0:${toString ports.rclone_serve_http_public}"
"--baseurl=/Public/"
"--read-only"
];
inherit serviceConfig;
}
{
user = "storage";
remote = "StorageBox:Backups/Restic/HetznerVM";
type = "restic";
extraArgs = [
"--addr=0.0.0.0:${toString ports.rclone_serve_restic_hvm}"
"--htpasswd=${secrets.restic_hetznervm_htpasswd.path}"
"--baseurl=/HetznerVM/"
];
inherit serviceConfig;
}
{
user = "storage";
remote = "StorageBox:Backups/Restic/Music";
type = "restic";
extraArgs = [
"--addr=0.0.0.0:${toString ports.rclone_serve_restic_music}"
"--htpasswd=${secrets.restic_music_htpasswd.path}"
"--baseurl=/Music/"
];
inherit serviceConfig;
}
{
user = "storage";
remote = "StorageBox:Backups/Restic/Vault";
type = "restic";
extraArgs = [
"--addr=0.0.0.0:${toString ports.rclone_serve_restic_vault}"
"--htpasswd=${secrets.restic_vault_htpasswd.path}"
"--baseurl=/Vault/"
];
inherit serviceConfig;
}
{
user = "storage";
remote = "StorageBox:Backups/Restic/Social";
type = "restic";
extraArgs = [
"--addr=0.0.0.0:${toString ports.rclone_serve_restic_social}"
"--htpasswd=${secrets.restic_social_htpasswd.path}"
"--baseurl=/Social/"
];
inherit serviceConfig;
}
];
};
}
Reference in a new issue View git blame Copy permalink