From 25c4e79ccc2ae89bddaa6bf5c65f13ac205a393f Mon Sep 17 00:00:00 2001 From: Noah Masur <7386960+nmasur@users.noreply.github.com> Date: Sun, 25 Aug 2024 21:56:28 +0000 Subject: [PATCH] add filebrowser app as nextcloud alternative --- flake.nix | 1 + hosts/swan/default.nix | 1 + modules/common/default.nix | 4 ++ modules/nixos/services/default.nix | 1 + modules/nixos/services/filebrowser.nix | 74 ++++++++++++++++++++++++++ 5 files changed, 81 insertions(+) create mode 100644 modules/nixos/services/filebrowser.nix diff --git a/flake.nix b/flake.nix index 9ee0a83..97543e7 100644 --- a/flake.nix +++ b/flake.nix @@ -240,6 +240,7 @@ mail.smtpHost = "smtp.purelymail.com"; dotfilesRepo = "https://github.com/nmasur/dotfiles"; hostnames = { + files = "files.${baseName}"; git = "git.${baseName}"; influxdb = "influxdb.${baseName}"; irc = "irc.${baseName}"; diff --git a/hosts/swan/default.nix b/hosts/swan/default.nix index b8ed66a..f911f1c 100644 --- a/hosts/swan/default.nix +++ b/hosts/swan/default.nix @@ -97,6 +97,7 @@ inputs.nixpkgs.lib.nixosSystem rec { cloudflare.enable = true; dotfiles.enable = true; arrs.enable = true; + filebrowser.enable = true; services.bind.enable = true; services.caddy.enable = true; services.jellyfin.enable = true; diff --git a/modules/common/default.nix b/modules/common/default.nix index 1ba293a..c1c91dd 100644 --- a/modules/common/default.nix +++ b/modules/common/default.nix @@ -77,6 +77,10 @@ default = [ ]; }; hostnames = { + files = lib.mkOption { + type = lib.types.str; + description = "Hostname for files server (Filebrowser)."; + }; git = lib.mkOption { type = lib.types.str; description = "Hostname for git server (Gitea)."; diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index b59a537..7173ad8 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -12,6 +12,7 @@ ./calibre.nix ./cloudflare-tunnel.nix ./cloudflare.nix + ./filebrowser.nix ./identity.nix ./irc.nix ./gitea-runner.nix diff --git a/modules/nixos/services/filebrowser.nix b/modules/nixos/services/filebrowser.nix new file mode 100644 index 0000000..c02a2cc --- /dev/null +++ b/modules/nixos/services/filebrowser.nix @@ -0,0 +1,74 @@ +{ + config, + pkgs, + lib, + ... +}: +let + user = + if config.services.nextcloud.enable then + config.services.phpfpm.pools.nextcloud.user + else + "filebrowser"; + + dataDir = "/var/lib/filebrowser"; + + settings = { + port = 8020; + baseURL = ""; + address = ""; + log = "stdout"; + database = "${dataDir}/filebrowser.db"; + root = ""; + "auth.method" = "json"; + username = config.user; + # Generate password: htpasswd -nBC 10 "" | tr -d ':\n' + password = "$2y$10$ze1cMob0k6pnXRjLowYfZOVZWg4G.dsPtH3TohbUeEbI0sdkG9.za"; + }; + +in +{ + + options.filebrowser.enable = lib.mkEnableOption "Use Filebrowser."; + + config = lib.mkIf config.filebrowser.enable { + + environment.etc."filebrowser/.filebrowser.json".text = builtins.toJSON settings; + + systemd.services.filebrowser = lib.mkIf config.filebrowser.enable { + description = "Filebrowser cloud file services"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + startLimitIntervalSec = 14400; + startLimitBurst = 10; + serviceConfig = { + ExecStart = "${pkgs.filebrowser}/bin/filebrowser"; + DynamicUser = !config.services.nextcloud.enable; # Unique user if not using Nextcloud + User = user; + Group = user; + ReadWritePaths = [ dataDir ]; + StateDirectory = [ "filebrowser" ]; + Restart = "on-failure"; + RestartPreventExitStatus = 1; + RestartSec = "5s"; + }; + }; + + caddy.routes = [ + { + match = [ { host = [ config.hostnames.files ]; } ]; + handle = [ + { + handler = "reverse_proxy"; + upstreams = [ { dial = "localhost:${builtins.toString settings.port}"; } ]; + } + ]; + } + ]; + + # Configure Cloudflare DNS to point to this machine + services.cloudflare-dyndns.domains = [ config.hostnames.files ]; + + }; + +}