From 74051f3afc64ccadb2e9e5f995ded3ffeb25468d Mon Sep 17 00:00:00 2001 From: xeals Date: Wed, 2 Nov 2022 10:48:50 +1100 Subject: [PATCH] flake: add nixosModule --- flake.nix | 5 ++++ nixos/default.nix | 76 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+) create mode 100644 nixos/default.nix diff --git a/flake.nix b/flake.nix index 84498b1..18f5925 100644 --- a/flake.nix +++ b/flake.nix @@ -15,6 +15,11 @@ }; }) ]; + + nixosModules = rec { + default = frontpage; + frontpage = import ./nixos; + }; } // (flake-utils.lib.eachDefaultSystem (system: let pkgs = import nixpkgs { inherit system; overlays = [ self.overlay ]; }; in { diff --git a/nixos/default.nix b/nixos/default.nix new file mode 100644 index 0000000..f6ea6cf --- /dev/null +++ b/nixos/default.nix @@ -0,0 +1,76 @@ +{ config, lib, pkgs, ... }: +with lib; +let + cfg = config.services.frontpage; + + toml = pkgs.formats.toml { }; + fullSettings = recursiveUpdate cfg.settings { + core.port = cfg.port; + oidc.client_secret = "@SECRET@"; + }; + settingsFile = toml.generate "config.toml" fullSettings; +in +{ + options.services.frontpage = { + enable = mkEnableOption "frontpage"; + + package = mkPackageOption pkgs "frontpage" { }; + + user = mkOption { + type = types.str; + default = "frontpage"; + }; + + group = mkOption { + type = types.str; + default = "frontpage"; + }; + + port = mkOption { + type = types.port; + default = 32195; + }; + + oidcSecretFile = mkOption { + type = types.path; + description = '' + Path to a file containing the OIDC secret for the application. + ''; + }; + + settings = mkOption { + type = with types; attrsOf anything; + default = { }; + description = '' + Settings attribute set as described by the documentation. + ''; + }; + }; + config = mkIf cfg.enable { + systemd.services.frontpage = { + description = "Web front page"; + wantedBy = [ "multi-user.target" ]; + preStart = '' + sed \ + "s=@SECRET@=$(<${cfg.oidcSecretFile})=" \ + ${settingsFile} \ + > /run/frontpage/config.toml + ''; + + serviceConfig = { + Restart = "on-failure"; + RestartSec = "2s"; + ExecStart = "${cfg.package}/bin/frontpage -c /run/frontpage/config.toml"; + RuntimeDirectory = [ "frontpage" ]; + User = cfg.user; + }; + }; + + users.users."${cfg.user}" = { + isSystemUser = true; + group = cfg.group; + }; + + users.groups."${cfg.group}" = { }; + }; +}