lyes/nixfiles
1
0
Fork 0
Code Issues Pull requests Activity Actions
nixfiles/modules/server/agraf/default.nix
Lyes Saadi 9b595c7f13
Adding agraf
2026-01-18 12:49:32 +01:00

172 lines
4.3 KiB
Nix
Raw Blame History

{ config, copyparty, ... }:
{
services.copyparty = {
enable = true;
package = copyparty.packages."x86_64-linux".copyparty.override {
withBasicAudioMetadata = true;
withFTPS = true;
};
# package = pkgs.copyparty-most;
user = "copyparty";
group = "copyparty";
# Order by order of appearence in help text:
# https://ocv.me/copyparty/helptext.html
settings = {
# General options
ed = true; # See hidden files (starting with a dot)
name = "zora"; # Server name
name-url = "https://files.lyes.eu"; # Server URL
j = 4; # Max jobs (CPU usage)
# Network options
i = "127.0.0.1"; # Bind IP address
p = "44305"; # Listening port
rproxy = -1;
xff-src = "lan"; # List of trusted reverse-proxy
# IdP options
# idp-h-usr = "x-username";
# idp-h-grp = "x-groups";
# TODO: check for LDAP integration in copyparty
# Share options
shr = "/share"; # Path where will be available
# Upload options
dotpart = true; # Puts incomplete uploads in dotfiles
dedup = true; # Symlink duplicate files
safe-dedup = 50; # Verify file contents have not been altered for dedups
hardlink = true; # Use hardlink for dedup when possible
# General DB options
e2d = true; # up2k DB (file search, upload-undo, better dedup)
e2dsa = true; # Scan all folders on startup
# Metadata DB options
e2t = true; # Metadata indexing
e2ts = true; # Scan new files for metadata on startup
no-mtag-ff = true; # Nevert use FFprobe
# Transcoding options
q-opus = 320; # Target bitrate for transcoding to OPUS
q-mp3 = "320k"; # Target bitrate for transcoding to MP3
allow-wav = true; # Allow transcoding to WAV
allow-flac = true; # Allow transcoding to FLAC
# FTP options
ftps = 3990; # Enable FTPS on PORT
ftp-no-ow = false; # Reject upload if overwrite
# WebDAV options
daw = true;
# dav-inf = true;
dav-auth = true;
# OPDS options
opds = true; # Allow e-book readers to browse and download files
# Safety options
ls = "**,*,ln,p,r"; # Sanity check on startup
xvol = true; # Never follow symlink leaving the volume root
force-js = true; # Slight protection against web crawlers ignoring robots.txt
no-robots = true; # Set a robot.txt rejecting everything
dont-ban = "auth";
# Grafana / Prometheus metrics endpoint
# stats = true; # Enable openmetrics
# UI options
localtime = true; # Use local timezone
lang = "fra"; # UI language
theme = 2;
# Logging options
ansi = true; # Force colors
};
# globalExtraConfig = "-lo=cpp-%Y-%m%d-%H%M%S.txt.xz";
accounts = {
root.passwordFile = config.age.secrets.agraf-root-pass.path;
lyes.passwordFile = config.age.secrets.agraf-lyes-pass.path;
};
groups = {
su = [ "root" ];
};
volumes =
let
root = "/var/data/files";
in
{
"/u/\${u}" = {
path = "${root}/u/\${u}";
access = {
"rwmd." = [ "\${u}" ];
};
};
"/u/\${u}/public" = {
path = "${root}/u/\${u}/public";
access = {
r = [ "*" ];
"rwmd." = [ "\${u}" ];
};
};
"/u/\${u}/depot" = {
path = "${root}/u/\${u}/depot";
access = {
w = [ "*" ];
"rwmd." = [ "\${u}" ];
};
};
"/~\${u}" = {
path = "${root}/u/\${u}/web";
access = {
h = [ "*" ];
"rwmd." = [ "\${u}" ];
};
};
"/" = {
path = "${root}";
access = {
A = [ "@su" ];
"rwmd." = [ "@acct" ];
};
};
"/public" = {
path = "${root}/public";
access = {
A = [ "@su" ];
"rwmd." = [ "@acct" ];
r = [ "*" ];
};
};
};
openFilesLimit = 65536;
};
age.secrets = {
agraf-root-pass = {
file = ../../../secrets/zora/services/agraf-root-pass.age;
owner = "copyparty";
};
agraf-lyes-pass = {
file = ../../../secrets/zora/services/agraf-lyes-pass.age;
owner = "copyparty";
};
};
}
Reference in a new issue View git blame Copy permalink