default.nix (5110B)
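# Module that installs the Amfora Gemini browser, writes its config.toml and,
# when the GPG module is enabled, wires up per-host client certificates.
# It sets `home.packages`, `home.shellAliases` and `home.file`, so it is
# presumably meant to be loaded as a Home Manager module.
#
# Client-certificate handling:
#   * the certificate and the GPG-encrypted key are referenced by path;
#   * an `amfora` shell alias first runs a generated `decrypt-keys` script that
#     decrypts every key into ~/.cache/amfora/keys/<host>, then starts Amfora;
#   * config.toml points [auth.certs] / [auth.keys] at those files.
#
# NOTE(security): the decrypted private keys stay on disk in ~/.cache after
# Amfora exits. The script below restricts them to the owning user, but it does
# not remove them; a tmpfs location and a cleanup step would shorten the
# exposure further.
{
  lib,
  options,
  config,
  pkgs,
  ...
}:
let
  cfg = config.modules.amfora;

  # Single source of truth for where the decrypted key of `host` lives; used
  # both by the decrypt script and by the [auth.keys] section of config.toml,
  # so the two can never drift apart.
  keyPath = host: "${config.home.homeDirectory}/.cache/amfora/keys/${host}";
in
{
  options.modules.amfora = {
    enable = lib.mkOption {
      description = "Whether to enable Amfora.";
      default = false;
      type = lib.types.bool;
    };
    certificates = lib.mkOption {
      description = "The list of client certificates configurations per host.";
      default = [ ];
      type =
        lib.types.submodule {
          options = {
            host = lib.mkOption {
              description = ''
                The domain name where the client certificate is used.
              '';
              type = lib.types.uniq lib.types.str;
            };
            certificate = lib.mkOption {
              description = "The certificate file.";
              type = lib.types.uniq lib.types.path;
            };
            gpgEncryptedKey = lib.mkOption {
              description = ''
                The key file, GPG encrypted with the primary key specified in
                the GPG module.
              '';
              type = lib.types.uniq lib.types.path;
            };
          };
        }
        |> lib.types.listOf;
    };
  };

  config = lib.mkIf cfg.enable {
    home = {
      packages = [ pkgs.amfora ];

      # The alias is only defined when there is something to decrypt and the
      # GPG module (which provides the primary key fingerprint) is enabled.
      shellAliases =
        let
          inherit (config.modules) gpg;
        in
        lib.mkIf (gpg.enable && cfg.certificates != [ ]) {
          "amfora" =
            let
              # Shell snippet that decrypts one key. Every interpolated value
              # is passed through escapeShellArg so a host or path containing
              # spaces or shell metacharacters cannot alter the command.
              decryptKey =
                {
                  host,
                  gpgEncryptedKey,
                  ...
                }:
                let
                  output = keyPath host;
                  outputDir = builtins.dirOf output;
                in
                ''
                  ${pkgs.sbase}/bin/mkdir -p ${lib.escapeShellArg outputDir}
                  ${pkgs.sbase}/bin/chmod 700 ${lib.escapeShellArg outputDir}
                  ${pkgs.sbase}/bin/rm -f ${lib.escapeShellArg output}

                  ${pkgs.gnupg}/bin/gpg -r ${lib.escapeShellArg gpg.primaryKey.fingerprint} \
                    -d ${lib.escapeShellArg "${gpgEncryptedKey}"} > ${lib.escapeShellArg output}
                '';

              decryptKeys =
                cfg.certificates
                |> builtins.map decryptKey
                |> builtins.concatStringsSep "\n"
                |> (snippets: ''
                  # Abort on the first failed step so Amfora is never started
                  # with a missing or truncated key file.
                  set -e
                  # Private key material: new files and directories must be
                  # readable by the owning user only.
                  umask 077

                  ${snippets}
                '')
                |> pkgs.writeShellScriptBin "decrypt-keys";
            in
            "${decryptKeys}/bin/decrypt-keys && ${pkgs.amfora}/bin/amfora";
        };

      file =
        let
          authSection =
            let
              # host -> certificate file
              certs =
                cfg.certificates
                |> builtins.map (
                  {
                    host,
                    certificate,
                    ...
                  }:
                  ''
                    "${host}" = '${certificate}'
                  ''
                )
                |> builtins.concatStringsSep "\n";
              # host -> decrypted key file written by the decrypt-keys script
              keys =
                cfg.certificates
                |> builtins.map (
                  {
                    host,
                    ...
                  }:
                  ''
                    "${host}" = '${keyPath host}'
                  ''
                )
                |> builtins.concatStringsSep "\n";
            in
            if config.modules.gpg.enable then
              ''
                [auth]
                [auth.certs]
                ${certs}

                [auth.keys]
                ${keys}
              ''
            else if cfg.certificates == [ ] then
              # Nothing was configured, so there is nothing to warn about.
              ""
            else
              lib.warn ''
                Since the GPG module was not enabled, the client certificates
                were not enabled for Amfora.
              '' "";
        in
        {
          ".config/amfora/config.toml".text = ''
            ${authSection}

            [a-general]
            home = "gemini://geminiprotocol.net"
            auto_redirect = false
            http = [ '${pkgs.ladybird}/bin/Ladybird' ]
            search = "gemini://tlgs.one/search"
            color = true
            ansi = true
            highlight_code = true
            highlight_style = "monokai"
            bullets = true
            show_link = false
            max_width = 80
            downloads = '${config.home.homeDirectory}/downloads'
            page_max_size = 2097152 # 2 MiB
            page_max_time = 10 # seconds
            scrollbar = "auto"
            underline = true

            [keybindings]
            bind_search = "/"
            bind_next_match = "n"
            bind_prev_match = "N"

            [url-handlers]
            other = 'default'

            [url-prompts]
            other = true
            gemini = false

            [cache]
            max_size = 0
            max_pages = 30
            timeout = 1800 # 30 mins

            [subscriptions]
            popup = true
            update_interval = 1800 # 30 mins
            workers = 10
            entries_per_page = 20
            header = false
          '';
        };
    };
  };
}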