From a3e9717c91aa765a21f712a85d5e227b81203627 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Wed, 4 May 2016 15:33:15 +0200 Subject: fileBin on ymir --- custom/ymir-nginx.nix | 39 +++++++++++++++++++++++++++++++++++++++ ymir.nix | 37 +++++++++++++++++++++++++++++++++++-- 2 files changed, 74 insertions(+), 2 deletions(-) diff --git a/custom/ymir-nginx.nix b/custom/ymir-nginx.nix index a36ac79e..1a02d4c7 100644 --- a/custom/ymir-nginx.nix +++ b/custom/ymir-nginx.nix @@ -90,6 +90,45 @@ in { root /srv/www/default; } + server { + listen *:80; + listen [::]:80; + listen *:443 ssl; + listen [::]:443 ssl; + server_name ~^(.*\.)?(f|files)\.(yggdrasil\.li|141\.li|praseodym\.org)$; + + include ${favicon}; + include ${acme}; + + root /srv/www/files; + } + + server { + listen *:80; + listen *:443 ssl; + listen [::]:80; + listen [::]:443 ssl; + server_name ~^(.*\.)?git\.yggdrasil\.li$; + + root ${pkgs.cgit}/cgit; + + try_files $uri @cgit; + + include ${favicon}; + include ${acme}; + + location @cgit { + include ${uwsgi_params}; + uwsgi_pass unix:/tmp/cgit.sock; + uwsgi_modifier1 9; + } + } + ''; + }; +} + + } + server { listen *:80; listen [::]:80; diff --git a/ymir.nix b/ymir.nix index 9a9f7b38..e1b94d2a 100644 --- a/ymir.nix +++ b/ymir.nix @@ -78,6 +78,34 @@ in rec { wrapProgram $out/lib/cgit/filters/html-converters/man2html --prefix PATH ':' ${pkgs.groff}/bin ''; }); + push2bin = pkgs.writeScriptBin "push2bin" '' + #!${pkgs.zsh}/bin/zsh + + PATH=${pkgs.coreutils}/bin + + baseDir=/srv/www/files + baseUrl="https://f.141.li" + + tmpFile=$(mktemp "$baseDir/.upload.XXXXXXXXXX") + + TRAPEXIT() { [[ -n "''${tmpFile}" && -e "''${tmpFile}" ]] && rm -f "''${tmpFile}" } + + prefix=$(sha512sum "''${tmpFile}" | awk '{ print $1; }' | head -c 10) + prefix=''${prefix:l} + filename="$1" + + [[ -z "''${prefix}" ]] && exit 2; + [[ -z "''${filename}" ]] && exit 2; + [[ $(stat -c '%s' ''${tmpFile}) == "0" ]] && exit 2; + + mkdir -p "''${baseDir}/''${prefix}" + mv $tmpFile "''${baseDir}/''${prefix}/''${filename}" + + chmod 750 "''${baseDir}/''${prefix}" + chmod 640 "''${baseDir}/''${prefix}/''${filename}" + + printf "%s/%s/%s" "''${baseUrl}" "''${prefix}" "''${filename}" + ''; }; environment.systemPackages = with pkgs; [ @@ -438,7 +466,7 @@ in rec { webroot = "/srv/www/acme/yggdrasil.li"; email = "phikeebaogobaegh@141.li"; extraDomains = builtins.listToAttrs (builtins.map (name: { inherit name; value = "/srv/www/acme/${name}"; }) - ["dirty-haskell.org" "www.dirty-haskell.org" "ymir.141.li" "141.li" "www.141.li" "ymir.xmpp.li" "xmpp.li" "www.xmpp.li" "ymir.yggdrasil.li" "git.yggdrasil.li" "www.yggdrasil.li" "yggdrasil.li" "ymir.praseodym.org" "praseodym.org" "www.praseodym.org"]); + ["dirty-haskell.org" "www.dirty-haskell.org" "files.141.li" "f.141.li" "ymir.141.li" "141.li" "www.141.li" "ymir.xmpp.li" "xmpp.li" "www.xmpp.li" "files.yggdrasil.li" "f.yggdrasil.li" "ymir.yggdrasil.li" "git.yggdrasil.li" "www.yggdrasil.li" "yggdrasil.li" "files.praseodym.org" "f.praseodym.org" "ymir.praseodym.org" "praseodym.org" "www.praseodym.org"]); postRun = '' systemctl reload nginx.service prosodyctl reload @@ -460,10 +488,15 @@ in rec { Hostname odin.asgard.yggdrasil IdentityFile ~/.ssh/odin ''; - defaultCommands = ["rmail"]; + commandPath = ["${pkgs.rmail}/bin" "${pkgs.push2bin}/bin"]; + defaultCommands = ["rmail" "push2bin"]; }; services.atd = { enable = true; }; + + users.groups."filebin" = { + members = ["gkleen" "uucp"]; + }; } -- cgit v1.2.3