modules/byparr.nix at main · encode42.dev/nixos

encode42.dev / nixos
fork atom
Personal-use NixOS configuration
fork atom
nixos / modules / byparr.nix
at main 150 lines 3.1 kB view raw
wrap content
encode42.dev Merge personal packages into this flake 17d ago
5384bd9a
  1{
  2  config,
  3  lib,
  4  pkgs,
  5  ...
  6}:
  7
  8let
  9  cfg = config.services.byparr;
 10
 11  pkgs-internal = import ../packages { inherit pkgs; };
 12
 13  inherit (lib)
 14    types
 15    mkIf
 16    mkOption
 17    mkEnableOption
 18    ;
 19in
 20{
 21  options.services.byparr = {
 22    enable = mkEnableOption "byparr";
 23
 24    package = mkOption {
 25      type = types.package;
 26      default = pkgs-internal.byparr;
 27
 28      description = "The Byparr package to use.";
 29    };
 30
 31    user = mkOption {
 32      type = types.str;
 33      default = "byparr";
 34      description = "User account under which Byparr runs.";
 35    };
 36
 37    group = mkOption {
 38      type = types.str;
 39      default = "byparr";
 40      description = "Group under which Byparr runs.";
 41    };
 42
 43    environment = mkOption {
 44      type = types.attrsOf types.str;
 45      default = { };
 46
 47      example = lib.literalExpression ''
 48        {
 49          PROXY_SERVER = "";
 50        }
 51      '';
 52
 53      description = ''
 54        Environment variables to set for the service. Secrets should be
 55        specified using {option}`environmentFile`.
 56
 57        Refer to the [Byparr documentation] for the list of available
 58        configuration options.
 59
 60        [Byparr documentation]: https://github.com/ThePhaseless/Byparr/blob/916005e039ffdc38c9db8cba9f10d5f16b8457f3/README.md#options
 61      '';
 62    };
 63
 64    environmentFile = mkOption {
 65      type = types.nullOr types.path;
 66      default = null;
 67
 68      description = ''
 69        File to load environment variables from. Loaded variables override
 70        values set in {option}`environment`.
 71      '';
 72    };
 73
 74    host = mkOption {
 75      type = types.str;
 76      default = "localhost";
 77
 78      description = "Host to bind webserver";
 79
 80      example = "0.0.0.0";
 81    };
 82
 83    port = mkOption {
 84      type = types.int;
 85      default = 8191;
 86
 87      description = "Port to bind webserver.";
 88
 89      example = 8191;
 90    };
 91
 92    openFirewall = mkEnableOption "" // {
 93      description = "Whether to open the firewall for the port in {option}`port`.";
 94    };
 95  };
 96
 97  config = mkIf cfg.enable {
 98    networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [
 99      cfg.port
100    ];
101
102    users = {
103      users = mkIf (cfg.user == "byparr") {
104        byparr = {
105          group = cfg.group;
106
107          isSystemUser = true;
108
109          home = "/var/lib/byparr";
110        };
111      };
112
113      groups = mkIf (cfg.group == "byparr") {
114        byparr = { };
115      };
116    };
117
118    systemd.services.byparr = {
119      description = "Byparr provides http cookies and headers for websites protected with anti-bot protections";
120
121      wantedBy = [ "multi-user.target" ];
122      after = [
123        "network.target"
124      ];
125
126      environment = lib.mkMerge [
127        cfg.environment
128        {
129          HOST = cfg.host;
130          PORT = toString cfg.port;
131        }
132      ];
133
134      serviceConfig = {
135        User = cfg.user;
136        Group = cfg.group;
137
138        StateDirectory = "byparr";
139        StateDirectoryMode = "0700";
140        RuntimeDirectory = "byparr";
141        RuntimeDirectoryMode = "0750";
142
143        EnvironmentFile = cfg.environmentFile;
144
145        ExecStart = "${lib.getExe cfg.package}";
146
147      };
148    };
149  };
150}