aboutsummaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/apps/sproxy2.nix43
-rw-r--r--modules/pkgs/sproxy2/main.nix6
2 files changed, 37 insertions, 12 deletions
diff --git a/modules/apps/sproxy2.nix b/modules/apps/sproxy2.nix
index da4f0e8..c084ac6 100644
--- a/modules/apps/sproxy2.nix
+++ b/modules/apps/sproxy2.nix
@@ -7,17 +7,24 @@ let
concatMapStringsSep concatStringsSep filterAttrs imap
mapAttrsToList mkEnableOption mkIf mkOption optionalString ;
inherit (lib.types)
- attrsOf bool enum int listOf nullOr path str submodule ;
+ attrsOf bool either enum int listOf nullOr path str submodule ;
+ default = v: type: mkOption { type = type; default = v; };
explicit = filterAttrs (n: v: n != "_module" && v != null);
mandatory = t: mkOption { type = t; };
optional = t: mkOption { type = nullOr t; default = null; };
+
+ secret = either str (
+ submodule { options = { file = mandatory path; }; }
+ );
+
concatMapAttrsSep = s: f: attrs: concatStringsSep s (mapAttrsToList f attrs);
cfg = config.nixsap.apps.sproxy2;
show = v:
- if isString v then ''"${v}"''
+ if v ? file then "!include '${v.file}'"
+ else if isString v then "'${v}'"
else if isBool v then (if v then "true" else "false")
else toString v;
@@ -58,8 +65,9 @@ let
...
'';
- keys = [ cfg.ssl_key cfg.pgpassfile ]
- ++ mapAttrsToList (_: c: c.client_secret) (explicit cfg.oauth2)
+ maybeKey = a: if a ? file then a.file else null;
+ keys = [ cfg.ssl_key cfg.pgpassfile ( maybeKey cfg.key ) ]
+ ++ mapAttrsToList (_: c: maybeKey c.client_secret) (explicit cfg.oauth2)
;
oauth2 = mkOption {
@@ -70,7 +78,7 @@ let
type = attrsOf (submodule {
options = {
client_id = mandatory str;
- client_secret = mandatory path;
+ client_secret = mandatory secret;
};
});
};
@@ -123,14 +131,24 @@ in {
type = nullOr bool;
default = null;
};
+ ssl = mkOption {
+ description = "Whether SSL is enabled.";
+ type = nullOr bool;
+ default = null;
+ };
+ https_port = mkOption {
+ description = "Port used in redirect to HTTPS";
+ type = nullOr int;
+ default = null;
+ };
log_level = mkOption {
description = "Log level";
type = enum [ "error" "warn" "info" "debug" ];
default = "info";
};
key = mkOption {
- description = "File with a key used to sign cookies and state (secret)";
- type = nullOr path;
+ description = "A key used to sign cookies and state (secret)";
+ type = nullOr secret;
default = null;
};
database = mkOption {
@@ -144,13 +162,20 @@ in {
type = nullOr path;
default = null;
};
+ datafile = mkOption {
+ description = "Read permissions from this file";
+ type = nullOr path;
+ default = null;
+ };
ssl_key = mkOption {
description = "SSL key (PEM format) - secret";
- type = path;
+ type = nullOr path;
+ default = null;
};
ssl_cert = mkOption {
description = "SSL certificate (PEM format)";
- type = path;
+ type = nullOr path;
+ default = null;
};
ssl_cert_chain = mkOption {
description = "SSL certificate chain";
diff --git a/modules/pkgs/sproxy2/main.nix b/modules/pkgs/sproxy2/main.nix
index 9404d2d..18fc482 100644
--- a/modules/pkgs/sproxy2/main.nix
+++ b/modules/pkgs/sproxy2/main.nix
@@ -8,11 +8,11 @@
}:
mkDerivation {
pname = "sproxy2";
- version = "1.92.0";
+ version = "1.93.0";
src = fetchgit {
url = "https://github.com/ip1981/sproxy2.git";
- sha256 = "0hjgbzlff9ynmwh0w838ss7y0cvliv64pf3xhgxclm9dz82pscqb";
- rev = "18a47f502b5e3298cae41eab7378b2e72b4e8a4b";
+ sha256 = "0kg3904v3ij5l6qlal4yqd4412dxk73jn0gqsxdajxai6n8qmypv";
+ rev = "cfda358dfd234edf5af50fd052187ab0e464b2f5";
};
isLibrary = false;
isExecutable = true;