From f38fd993d3327966fcfe83370ad055ec9064d9d9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Motiejus=20Jak=C5=A1tys?= <motiejus@jakstys.lt>
Date: Sun, 17 Sep 2023 22:12:46 +0300
Subject: [PATCH] jakstpub: open up http

---
 hosts/fwminex/configuration.nix       |  18 ++--
 modules/services/jakstpub/default.nix | 131 ++++++++++++++------------
 2 files changed, 81 insertions(+), 68 deletions(-)

diff --git a/hosts/fwminex/configuration.nix b/hosts/fwminex/configuration.nix
index a673f39..360674d 100644
--- a/hosts/fwminex/configuration.nix
+++ b/hosts/fwminex/configuration.nix
@@ -105,17 +105,17 @@ in {
 
   home-manager.users.motiejus = {pkgs, ...}: {
     programs.autorandr.profiles = {
-        laptop = {
-          fingerprint = { inherit (randr) eDP-1; };
-          config = {
-            eDP-1 = {
-              enable = true;
-              primary = true;
-              mode = "2256x1504";
-              crtc = 0;
-            };
+      laptop = {
+        fingerprint = {inherit (randr) eDP-1;};
+        config = {
+          eDP-1 = {
+            enable = true;
+            primary = true;
+            mode = "2256x1504";
+            crtc = 0;
           };
         };
+      };
 
       dualhome = {
         fingerprint = {inherit (randr) eDP-1 DP-3 DP-4;};
diff --git a/modules/services/jakstpub/default.nix b/modules/services/jakstpub/default.nix
index 417c6f5..3e2bfbe 100644
--- a/modules/services/jakstpub/default.nix
+++ b/modules/services/jakstpub/default.nix
@@ -4,7 +4,10 @@
   pkgs,
   myData,
   ...
-}: {
+}: let
+  cfg = config.mj.services.jakstpub;
+  subnets = myData.subnets;
+in {
   options.mj.services.jakstpub = with lib.types; {
     enable = lib.mkEnableOption "Enable jakstpub";
     dataDir = lib.mkOption {type = path;};
@@ -14,65 +17,75 @@
     hostname = lib.mkOption {type = str;};
   };
 
-  config = with config.mj.services.jakstpub;
-    lib.mkIf enable {
-      services.samba = {
-        # https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
-        enable = true;
-        securityType = "user";
-        enableNmbd = false;
-        enableWinbindd = false;
-        extraConfig = ''
-          map to guest = Bad User
-          guest account = jakstpub
-          server role = standalone server
-        '';
-        shares = {
-          public = {
-            path = dataDir;
-            writeable = "yes";
-            public = "yes";
-            "guest ok" = "yes";
-            "read only" = "no";
-            "create mask" = "0664";
-            "directory mask" = "0775";
-            "force user" = "jakstpub";
-            "force group" = "jakstpub";
-          };
+  config = lib.mkIf cfg.enable {
+    services.caddy = {
+      enable = true;
+      virtualHosts.":80".extraConfig = ''
+        root * ${cfg.dataDir}
+        @denied not remote_ip ${subnets.vno1.cidr} ${subnets.vno3.cidr} ${subnets.tailscale.cidr}
+        file_server browse {}
+        encode gzip
+      '';
+    };
+
+    services.samba = {
+      # https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
+      enable = true;
+      securityType = "user";
+      enableNmbd = false;
+      enableWinbindd = false;
+      extraConfig = ''
+        map to guest = Bad User
+        guest account = jakstpub
+        server role = standalone server
+      '';
+      shares = {
+        public = {
+          path = cfg.dataDir;
+          writeable = "yes";
+          public = "yes";
+          "guest ok" = "yes";
+          "read only" = "no";
+          "create mask" = "0664";
+          "directory mask" = "0775";
+          "force user" = "jakstpub";
+          "force group" = "jakstpub";
         };
       };
-
-      services.samba-wsdd = {
-        enable = true;
-        hostname = hostname;
-      };
-
-      users.users.jakstpub = {
-        description = "Jakstys Public";
-        home = "/var/empty";
-        useDefaultShell = true;
-        group = "jakstpub";
-        isSystemUser = true;
-        createHome = false;
-        uid = uidgid;
-      };
-
-      users.groups.jakstpub.gid = uidgid;
-
-      systemd.services.samba-smbd = {
-        unitConfig.Requires = requires;
-      };
-
-      mj.services.friendlyport.ports = [
-        {
-          subnets = with myData.subnets; [tailscale.cidr vno1.cidr vno3.cidr];
-          tcp = [
-            139 # smbd
-            445 # smbd
-            5357 # wsdd
-          ];
-          udp = [3702]; # wsdd
-        }
-      ];
     };
+
+    services.samba-wsdd = {
+      enable = true;
+      hostname = cfg.hostname;
+    };
+
+    users.users.jakstpub = {
+      description = "Jakstys Public";
+      home = "/var/empty";
+      useDefaultShell = true;
+      group = "jakstpub";
+      isSystemUser = true;
+      createHome = false;
+      uid = cfg.uidgid;
+    };
+
+    users.groups.jakstpub.gid = cfg.uidgid;
+
+    systemd.services.samba-smbd = {
+      unitConfig.Requires = cfg.requires;
+    };
+
+    mj.services.friendlyport.ports = [
+      {
+        subnets = with myData.subnets; [tailscale.cidr vno1.cidr vno3.cidr];
+        tcp = [
+          80 # caddy above
+          139 # smbd
+          445 # smbd
+          5357 # wsdd
+        ];
+        udp = [3702]; # wsdd
+      }
+    ];
+  };
 }