movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-10 19:55:41 +03:00
Code Issues Projects Releases Packages Wiki Activity
nixpkgs/nixos/modules/services/networking/tinyproxy.nix
Silvan Mosberger 374e6bcc40 treewide: Format all Nix files 
Format all Nix files using the officially approved formatter,
making the CI check introduced in the previous commit succeed:

  nix-build ci -A fmt.check

This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153)
of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166).

This commit will lead to merge conflicts for a number of PRs,
up to an estimated ~1100 (~33%) among the PRs with activity in the past 2
months, but that should be lower than what it would be without the previous
[partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537).

Merge conflicts caused by this commit can now automatically be resolved while rebasing using the
[auto-rebase script](8616af08d9/maintainers/scripts/auto-rebase).

If you run into any problems regarding any of this, please reach out to the
[formatting team](https://nixos.org/community/teams/formatting/) by
pinging @NixOS/nix-formatting.
2025-04-01 20:10:43 +02:00

123 lines
3.5 KiB
Nix
Raw Blame History

{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.services.tinyproxy;
mkValueStringTinyproxy =
with lib;
v:
if true == v then
"yes"
else if false == v then
"no"
else if types.path.check v then
''"${v}"''
else
generators.mkValueStringDefault { } v;
mkKeyValueTinyproxy =
{
mkValueString ? mkValueStringDefault { },
}:
sep: k: v:
if null == v then "" else "${lib.strings.escape [ sep ] k}${sep}${mkValueString v}";
settingsFormat = (
pkgs.formats.keyValue {
mkKeyValue = mkKeyValueTinyproxy {
mkValueString = mkValueStringTinyproxy;
} " ";
listsAsDuplicateKeys = true;
}
);
configFile = settingsFormat.generate "tinyproxy.conf" cfg.settings;
in
{
options = {
services.tinyproxy = {
enable = mkEnableOption "Tinyproxy daemon";
package = mkPackageOption pkgs "tinyproxy" { };
settings = mkOption {
description = "Configuration for [tinyproxy](https://tinyproxy.github.io/).";
default = { };
example = literalExpression ''
{
Port 8888;
Listen 127.0.0.1;
Timeout 600;
Allow 127.0.0.1;
Anonymous = ['"Host"' '"Authorization"'];
ReversePath = '"/example/" "http://www.example.com/"';
}
'';
type = types.submodule (
{ name, ... }:
{
freeformType = settingsFormat.type;
options = {
Listen = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
Specify which address to listen to.
'';
};
Port = mkOption {
type = types.int;
default = 8888;
description = ''
Specify which port to listen to.
'';
};
Anonymous = mkOption {
type = types.listOf types.str;
default = [ ];
description = ''
If an `Anonymous` keyword is present, then anonymous proxying is enabled. The headers listed with `Anonymous` are allowed through, while all others are denied. If no Anonymous keyword is present, then all headers are allowed through. You must include quotes around the headers.
'';
};
Filter = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
Tinyproxy supports filtering of web sites based on URLs or domains. This option specifies the location of the file containing the filter rules, one rule per line.
'';
};
};
}
);
};
};
};
config = mkIf cfg.enable {
systemd.services.tinyproxy = {
description = "TinyProxy daemon";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "tinyproxy";
Group = "tinyproxy";
Type = "simple";
ExecStart = "${getExe cfg.package} -d -c ${configFile}";
ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID";
KillSignal = "SIGINT";
TimeoutStopSec = "30s";
Restart = "on-failure";
};
};
users.users.tinyproxy = {
group = "tinyproxy";
isSystemUser = true;
};
users.groups.tinyproxy = { };
};
meta.maintainers = with maintainers; [ tcheronneau ];
}
Reference in a new issue View git blame Copy permalink