forked from Fediversity/Fediversity
Nicolas “Niols” Jeannerod
d9188427ed
for the options that are ours; we want to avoid clashes if possible
79 lines
2.2 KiB
Nix
79 lines
2.2 KiB
Nix
{ lib, ... }:
|
|
|
|
let
|
|
inherit (lib) types mkOption mkEnableOption;
|
|
in
|
|
|
|
{
|
|
options.fediversity.garage = {
|
|
ensureBuckets = mkOption {
|
|
type = types.attrsOf (
|
|
types.submodule {
|
|
options = {
|
|
website = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
};
|
|
# I think setting corsRules should allow another website to show images from your bucket
|
|
corsRules = {
|
|
enable = mkEnableOption "CORS Rules";
|
|
allowedHeaders = mkOption {
|
|
type = types.listOf types.str;
|
|
default = [ ];
|
|
};
|
|
allowedMethods = mkOption {
|
|
type = types.listOf types.str;
|
|
default = [ ];
|
|
};
|
|
allowedOrigins = mkOption {
|
|
type = types.listOf types.str;
|
|
default = [ ];
|
|
};
|
|
};
|
|
aliases = mkOption {
|
|
type = types.listOf types.str;
|
|
default = [ ];
|
|
};
|
|
};
|
|
}
|
|
);
|
|
default = { };
|
|
};
|
|
|
|
ensureKeys = mkOption {
|
|
type = types.attrsOf (
|
|
types.submodule {
|
|
# TODO: these should be managed as secrets, not in the nix store
|
|
options = {
|
|
id = mkOption { type = types.str; };
|
|
secret = mkOption { type = types.str; };
|
|
# TODO: assert at least one of these is true
|
|
# NOTE: this currently needs to be done at the top level module
|
|
ensureAccess = mkOption {
|
|
type = types.attrsOf (
|
|
types.submodule {
|
|
options = {
|
|
read = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
};
|
|
write = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
};
|
|
owner = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
};
|
|
};
|
|
}
|
|
);
|
|
default = [ ];
|
|
};
|
|
};
|
|
}
|
|
);
|
|
default = { };
|
|
};
|
|
};
|
|
}
|