pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #253548 from Quantenzitrone/rimgo

rimgo: init at 1.2.0 & module

authored by

Weijia Wang and committed by
GitHub 39edffeb 4253b998

+148
+1
nixos/modules/module-list.nix
··· 1286 1286 ./services/web-apps/powerdns-admin.nix 1287 1287 ./services/web-apps/prosody-filer.nix 1288 1288 ./services/web-apps/restya-board.nix 1289 + ./services/web-apps/rimgo.nix 1289 1290 ./services/web-apps/sftpgo.nix 1290 1291 ./services/web-apps/rss-bridge.nix 1291 1292 ./services/web-apps/selfoss.nix
+107
nixos/modules/services/web-apps/rimgo.nix
··· 1 + { 2 + config, 3 + lib, 4 + pkgs, 5 + ... 6 + }: 7 + let 8 + cfg = config.services.rimgo; 9 + inherit (lib) 10 + mkOption 11 + mkEnableOption 12 + mkPackageOption 13 + mkDefault 14 + mkIf 15 + types 16 + literalExpression 17 + optionalString 18 + getExe 19 + mapAttrs 20 + ; 21 + in 22 + { 23 + options.services.rimgo = { 24 + enable = mkEnableOption "rimgo"; 25 + package = mkPackageOption pkgs "rimgo" { }; 26 + settings = mkOption { 27 + type = types.submodule { 28 + freeformType = with types; attrsOf str; 29 + options = { 30 + PORT = mkOption { 31 + type = types.port; 32 + default = 3000; 33 + example = 69420; 34 + description = "The port to use."; 35 + }; 36 + ADDRESS = mkOption { 37 + type = types.str; 38 + default = "127.0.0.1"; 39 + example = "1.1.1.1"; 40 + description = "The address to listen on."; 41 + }; 42 + }; 43 + }; 44 + example = literalExpression '' 45 + { 46 + PORT = 69420; 47 + FORCE_WEBP = "1"; 48 + } 49 + ''; 50 + description = '' 51 + Settings for rimgo, see [the official documentation](https://rimgo.codeberg.page/docs/usage/configuration/) for supported options. 52 + ''; 53 + }; 54 + }; 55 + 56 + config = mkIf cfg.enable { 57 + systemd.services.rimgo = { 58 + description = "Rimgo"; 59 + wantedBy = [ "multi-user.target" ]; 60 + after = [ "network.target" ]; 61 + environment = mapAttrs (_: toString) cfg.settings; 62 + serviceConfig = { 63 + ExecStart = getExe cfg.package; 64 + AmbientCapabilities = mkIf (cfg.settings.PORT < 1024) [ 65 + "CAP_NET_BIND_SERVICE" 66 + ]; 67 + DynamicUser = true; 68 + Restart = "on-failure"; 69 + RestartSec = "5s"; 70 + CapabilityBoundingSet = [ 71 + (optionalString (cfg.settings.PORT < 1024) "CAP_NET_BIND_SERVICE") 72 + ]; 73 + DeviceAllow = [ "" ]; 74 + LockPersonality = true; 75 + MemoryDenyWriteExecute = true; 76 + PrivateDevices = true; 77 + PrivateUsers = cfg.settings.PORT >= 1024; 78 + ProcSubset = "pid"; 79 + ProtectClock = true; 80 + ProtectControlGroups = true; 81 + ProtectHome = true; 82 + ProtectHostname = true; 83 + ProtectKernelLogs = true; 84 + ProtectKernelModules = true; 85 + ProtectKernelTunables = true; 86 + ProtectProc = "invisible"; 87 + RestrictAddressFamilies = [ 88 + "AF_INET" 89 + "AF_INET6" 90 + ]; 91 + RestrictNamespaces = true; 92 + RestrictRealtime = true; 93 + RestrictSUIDSGID = true; 94 + SystemCallArchitectures = "native"; 95 + SystemCallFilter = [ 96 + "@system-service" 97 + "~@privileged" 98 + ]; 99 + UMask = "0077"; 100 + }; 101 + }; 102 + }; 103 + 104 + meta = { 105 + maintainers = with lib.maintainers; [ quantenzitrone ]; 106 + }; 107 + }
+40
pkgs/by-name/ri/rimgo/package.nix
··· 1 + { 2 + lib, 3 + fetchFromGitea, 4 + buildGoModule, 5 + tailwindcss, 6 + }: 7 + buildGoModule rec { 8 + pname = "rimgo"; 9 + version = "1.2.0"; 10 + 11 + src = fetchFromGitea { 12 + domain = "codeberg.org"; 13 + owner = "rimgo"; 14 + repo = "rimgo"; 15 + rev = "v${version}"; 16 + hash = "sha256-C878ABs978viVtIuv3fPn2F2anOg2GB/+f5jaCO13tc="; 17 + }; 18 + 19 + vendorHash = "sha256-u5N7aI9RIQ3EmiyHv0qhMcKkvmpp+5G7xbzdQcbhybs="; 20 + 21 + nativeBuildInputs = [ tailwindcss ]; 22 + 23 + preBuild = '' 24 + tailwindcss -i static/tailwind.css -o static/app.css -m 25 + ''; 26 + 27 + ldflags = [ 28 + "-s" 29 + "-w" 30 + "-X codeberg.org/rimgo/rimgo/pages.VersionInfo=${version}" 31 + ]; 32 + 33 + meta = with lib; { 34 + description = "An alternative frontend for Imgur"; 35 + homepage = "https://codeberg.org/rimgo/rimgo"; 36 + license = licenses.agpl3Only; 37 + mainProgram = "rimgo"; 38 + maintainers = with maintainers; [ quantenzitrone ]; 39 + }; 40 + }