mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-11-10 09:43:30 +01:00
121 lines
3.6 KiB
Nix
121 lines
3.6 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
let
|
|
cfg = config.services.tinyproxy;
|
|
mkValueStringTinyproxy =
|
|
v:
|
|
if true == v then
|
|
"yes"
|
|
else if false == v then
|
|
"no"
|
|
else if lib.types.path.check v then
|
|
''"${v}"''
|
|
else
|
|
lib.generators.mkValueStringDefault { } v;
|
|
mkKeyValueTinyproxy =
|
|
{
|
|
mkValueString ? lib.mkValueStringDefault { },
|
|
}:
|
|
sep: k: v:
|
|
if null == v then "" else "${lib.strings.escape [ sep ] k}${sep}${mkValueString v}";
|
|
|
|
settingsFormat = (
|
|
pkgs.formats.keyValue {
|
|
mkKeyValue = mkKeyValueTinyproxy {
|
|
mkValueString = mkValueStringTinyproxy;
|
|
} " ";
|
|
listsAsDuplicateKeys = true;
|
|
}
|
|
);
|
|
configFile = settingsFormat.generate "tinyproxy.conf" cfg.settings;
|
|
|
|
in
|
|
{
|
|
|
|
options = {
|
|
services.tinyproxy = {
|
|
enable = lib.mkEnableOption "Tinyproxy daemon";
|
|
package = lib.mkPackageOption pkgs "tinyproxy" { };
|
|
settings = lib.mkOption {
|
|
description = "Configuration for [tinyproxy](https://tinyproxy.github.io/).";
|
|
default = { };
|
|
example = lib.literalExpression ''
|
|
{
|
|
Port 8888;
|
|
Listen 127.0.0.1;
|
|
Timeout 600;
|
|
Allow 127.0.0.1;
|
|
Anonymous = ['"Host"' '"Authorization"'];
|
|
ReversePath = '"/example/" "http://www.example.com/"';
|
|
}
|
|
'';
|
|
type = lib.types.submodule (
|
|
{ name, ... }:
|
|
{
|
|
freeformType = settingsFormat.type;
|
|
options = {
|
|
Listen = lib.mkOption {
|
|
type = lib.types.nullOr lib.types.str;
|
|
default = "127.0.0.1";
|
|
description = ''
|
|
Specify which address to listen to.
|
|
'';
|
|
};
|
|
Port = lib.mkOption {
|
|
type = lib.types.port;
|
|
default = 8888;
|
|
description = ''
|
|
Specify which port to listen to.
|
|
'';
|
|
};
|
|
Anonymous = lib.mkOption {
|
|
type = lib.types.listOf lib.types.str;
|
|
default = [ ];
|
|
description = ''
|
|
If an `Anonymous` keyword is present, then anonymous proxying is enabled. The headers listed with `Anonymous` are allowed through, while all others are denied. If no Anonymous keyword is present, then all headers are allowed through. You must include quotes around the headers.
|
|
'';
|
|
};
|
|
Filter = lib.mkOption {
|
|
type = lib.types.nullOr lib.types.path;
|
|
default = null;
|
|
description = ''
|
|
Tinyproxy supports filtering of web sites based on URLs or domains. This option specifies the location of the file containing the filter rules, one rule per line.
|
|
'';
|
|
};
|
|
};
|
|
}
|
|
);
|
|
};
|
|
};
|
|
};
|
|
config = lib.mkIf cfg.enable {
|
|
systemd.services.tinyproxy = {
|
|
description = "TinyProxy daemon";
|
|
after = [ "network.target" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
serviceConfig = {
|
|
User = "tinyproxy";
|
|
Group = "tinyproxy";
|
|
Type = "simple";
|
|
ExecStart = "${lib.getExe cfg.package} -d -c ${configFile}";
|
|
ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID";
|
|
KillSignal = "SIGINT";
|
|
TimeoutStopSec = "30s";
|
|
Restart = "on-failure";
|
|
};
|
|
};
|
|
|
|
users.users.tinyproxy = {
|
|
group = "tinyproxy";
|
|
isSystemUser = true;
|
|
};
|
|
users.groups.tinyproxy = { };
|
|
};
|
|
meta.maintainers = with lib.maintainers; [ tcheronneau ];
|
|
}
|