nixpkgs/nixos/modules/services/networking/tinyproxy.nix

{
  config,
  lib,
  pkgs,
  ...
}:

with lib;

let
  cfg = config.services.tinyproxy;
  mkValueStringTinyproxy =
    with lib;
    v:
    if true == v then
      "yes"
    else if false == v then
      "no"
    else if types.path.check v then
      ''"${v}"''
    else
      generators.mkValueStringDefault { } v;
  mkKeyValueTinyproxy =
    {
      mkValueString ? mkValueStringDefault { },
    }:
    sep: k: v:
    if null == v then "" else "${lib.strings.escape [ sep ] k}${sep}${mkValueString v}";

  settingsFormat = (
    pkgs.formats.keyValue {
      mkKeyValue = mkKeyValueTinyproxy {
        mkValueString = mkValueStringTinyproxy;
      } " ";
      listsAsDuplicateKeys = true;
    }
  );
  configFile = settingsFormat.generate "tinyproxy.conf" cfg.settings;

in
{

  options = {
    services.tinyproxy = {
      enable = mkEnableOption "Tinyproxy daemon";
      package = mkPackageOption pkgs "tinyproxy" { };
      settings = mkOption {
        description = "Configuration for [tinyproxy](https://tinyproxy.github.io/).";
        default = { };
        example = literalExpression ''
          {
            Port 8888;
            Listen 127.0.0.1;
            Timeout 600;
            Allow 127.0.0.1;
            Anonymous = ['"Host"' '"Authorization"'];
            ReversePath = '"/example/" "http://www.example.com/"';
          }
        '';
        type = types.submodule (
          { name, ... }:
          {
            freeformType = settingsFormat.type;
            options = {
              Listen = mkOption {
                type = types.str;
                default = "127.0.0.1";
                description = ''
                  Specify which address to listen to.
                '';
              };
              Port = mkOption {
                type = types.int;
                default = 8888;
                description = ''
                  Specify which port to listen to.
                '';
              };
              Anonymous = mkOption {
                type = types.listOf types.str;
                default = [ ];
                description = ''
                  If an `Anonymous` keyword is present, then anonymous proxying is enabled. The headers listed with `Anonymous` are allowed through, while all others are denied. If no Anonymous keyword is present, then all headers are allowed through. You must include quotes around the headers.
                '';
              };
              Filter = mkOption {
                type = types.nullOr types.path;
                default = null;
                description = ''
                  Tinyproxy supports filtering of web sites based on URLs or domains. This option specifies the location of the file containing the filter rules, one rule per line.
                '';
              };
            };
          }
        );
      };
    };
  };
  config = mkIf cfg.enable {
    systemd.services.tinyproxy = {
      description = "TinyProxy daemon";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        User = "tinyproxy";
        Group = "tinyproxy";
        Type = "simple";
        ExecStart = "${getExe cfg.package} -d -c ${configFile}";
        ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID";
        KillSignal = "SIGINT";
        TimeoutStopSec = "30s";
        Restart = "on-failure";
      };
    };

    users.users.tinyproxy = {
      group = "tinyproxy";
      isSystemUser = true;
    };
    users.groups.tinyproxy = { };
  };
  meta.maintainers = with maintainers; [ tcheronneau ];
}
nixos.tinyproxy: init 2023-05-05 21:00:50 +02:00			`{`
			`config,`
			`lib,`
			`pkgs,`
			`...`
			`}:`

			`with lib;`

			`let`
			`cfg = config.services.tinyproxy;`
			`mkValueStringTinyproxy =`
			`with lib;`
			`v:`
			`if true == v then`
			`"yes"`
			`else if false == v then`
			`"no"`
nixos/tinyproxy: add quotes around the filter path Using already existing function 2024-02-15 13:22:16 +01:00			`else if types.path.check v then`
			`''"${v}"''`
nixos.tinyproxy: init 2023-05-05 21:00:50 +02:00			`else`
			`generators.mkValueStringDefault { } v;`
			`mkKeyValueTinyproxy =`
			`{`
			`mkValueString ? mkValueStringDefault { },`
			`}:`
			`sep: k: v:`
			`if null == v then "" else "${lib.strings.escape [ sep ] k}${sep}${mkValueString v}";`

			`settingsFormat = (`
			`pkgs.formats.keyValue {`
			`mkKeyValue = mkKeyValueTinyproxy {`
			`mkValueString = mkValueStringTinyproxy;`
			`} " ";`
			`listsAsDuplicateKeys = true;`
			`}`
			`);`
			`configFile = settingsFormat.generate "tinyproxy.conf" cfg.settings;`

			`in`
			`{`

			`options = {`
			`services.tinyproxy = {`
			`enable = mkEnableOption "Tinyproxy daemon";`
treewide: replace `mkPackageOptionMD` with `mkPackageOption` 2023-11-30 19:03:14 +01:00			`package = mkPackageOption pkgs "tinyproxy" { };`
nixos.tinyproxy: init 2023-05-05 21:00:50 +02:00			`settings = mkOption {`
			`description = "Configuration for [tinyproxy](https://tinyproxy.github.io/).";`
			`default = { };`
treewide: Fix incorrect string indentations 2024-12-23 21:59:12 +01:00			`example = literalExpression ''`
			`{`
nixos.tinyproxy: init 2023-05-05 21:00:50 +02:00			`Port 8888;`
			`Listen 127.0.0.1;`
			`Timeout 600;`
			`Allow 127.0.0.1;`
			`Anonymous = ['"Host"' '"Authorization"'];`
			`ReversePath = '"/example/" "http://www.example.com/"';`
treewide: Fix incorrect string indentations 2024-12-23 21:59:12 +01:00			`}`
			`'';`
nixos.tinyproxy: init 2023-05-05 21:00:50 +02:00			`type = types.submodule (`
			`{ name, ... }:`
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting. 2025-04-01 20:10:43 +02:00			`{`
nixos.tinyproxy: init 2023-05-05 21:00:50 +02:00			`freeformType = settingsFormat.type;`
			`options = {`
			`Listen = mkOption {`
			`type = types.str;`
			`default = "127.0.0.1";`
			`description = ''`
			`Specify which address to listen to.`
			`'';`
			`};`
			`Port = mkOption {`
			`type = types.int;`
			`default = 8888;`
			`description = ''`
			`Specify which port to listen to.`
			`'';`
			`};`
			`Anonymous = mkOption {`
			`type = types.listOf types.str;`
			`default = [ ];`
			`description = ''`
			If an `Anonymous` keyword is present, then anonymous proxying is enabled. The headers listed with `Anonymous` are allowed through, while all others are denied. If no Anonymous keyword is present, then all headers are allowed through. You must include quotes around the headers.
			`'';`
			`};`
			`Filter = mkOption {`
			`type = types.nullOr types.path;`
			`default = null;`
			`description = ''`
			`Tinyproxy supports filtering of web sites based on URLs or domains. This option specifies the location of the file containing the filter rules, one rule per line.`
			`'';`
treewide: Format all Nix files Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](https://github.com/NixOS/nixpkgs/tree/8616af08d915377bd930395f3b700a0e93d08728/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting. 2025-04-01 20:10:43 +02:00			`};`
nixos.tinyproxy: init 2023-05-05 21:00:50 +02:00			`};`
			`}`
			`);`
			`};`
			`};`
			`};`
			`config = mkIf cfg.enable {`
			`systemd.services.tinyproxy = {`
			`description = "TinyProxy daemon";`
			`after = [ "network.target" ];`
			`wantedBy = [ "multi-user.target" ];`
			`serviceConfig = {`
			`User = "tinyproxy";`
			`Group = "tinyproxy";`
			`Type = "simple";`
nixos/tinyproxy: fix services.tinyproxy.package 2023-12-13 11:50:27 +01:00			`ExecStart = "${getExe cfg.package} -d -c ${configFile}";`
nixos.tinyproxy: init 2023-05-05 21:00:50 +02:00			`ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID";`
			`KillSignal = "SIGINT";`
			`TimeoutStopSec = "30s";`
			`Restart = "on-failure";`
			`};`
			`};`

			`users.users.tinyproxy = {`
			`group = "tinyproxy";`
			`isSystemUser = true;`
			`};`
			`users.groups.tinyproxy = { };`
			`};`
			`meta.maintainers = with maintainers; [ tcheronneau ];`
			`}`