mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-23 07:28:56 +08:00
47 lines
1.6 KiB
Nix
47 lines
1.6 KiB
Nix
inputs:
|
|
{
|
|
options.nixos.services.httpapi = let inherit (inputs.lib) mkOption types; in
|
|
{
|
|
enable = mkOption { type = types.bool; default = false; };
|
|
hostname = mkOption { type = types.nonEmptyStr; default = "api.chn.moe"; };
|
|
};
|
|
config =
|
|
let
|
|
inherit (inputs.config.nixos.services) httpapi;
|
|
inherit (inputs.lib) mkIf;
|
|
inherit (builtins) toString map;
|
|
in mkIf httpapi.enable
|
|
{
|
|
nixos.services =
|
|
{
|
|
phpfpm.instances.httpapi = {};
|
|
nginx.https.${httpapi.hostname}.location =
|
|
{
|
|
"/files".static.root = "/srv/api";
|
|
"/led".static = { root = "/srv/api"; detectAuth.users = [ "led" ]; };
|
|
"/notify.php".php =
|
|
{
|
|
root = builtins.dirOf inputs.config.sops.templates."httpapi/notify.php".path;
|
|
fastcgiPass = inputs.config.nixos.services.phpfpm.instances.httpapi.fastcgi;
|
|
};
|
|
};
|
|
};
|
|
sops =
|
|
{
|
|
templates."httpapi/notify.php" =
|
|
{
|
|
owner = inputs.config.users.users.httpapi.name;
|
|
group = inputs.config.users.users.httpapi.group;
|
|
content =
|
|
let
|
|
placeholder = inputs.config.sops.placeholder;
|
|
request = "https://api.telegram.org/bot${placeholder."telegram/token"}"
|
|
+ "/sendMessage?chat_id=${placeholder."telegram/chat"}&text=";
|
|
in ''<?php print file_get_contents("${request}".urlencode($_GET["message"])); ?>'';
|
|
};
|
|
secrets = { "telegram/token" = {}; "telegram/chat" = {}; };
|
|
};
|
|
systemd.tmpfiles.rules = [ "d /srv/api 0700 nginx nginx" "Z /srv/api - nginx nginx" ];
|
|
};
|
|
}
|