modules/betanin: spring cleaning prepping for upstream
Some checks failed
CI / checks (nur) (push) Successful in 3m24s
CI / build-and-update (xeals, xeals) (push) Successful in 18m39s
Update flake inputs / update-flake (push) Failing after 44s

This commit is contained in:
xeals 2024-08-15 15:24:13 +10:00
parent 706e911539
commit cf0dcee23f
Signed by: xeals
SSH Key Fingerprint: SHA256:pRv+8swQDA+/LuZ7NHj9m006BbKexlNK62OUA01ZZBc

View File

@ -6,84 +6,79 @@ let
cfg = config.services.betanin; cfg = config.services.betanin;
defaultUser = "betanin";
defaultGroup = "betanin";
settingsFormat = pkgs.formats.toml { }; settingsFormat = pkgs.formats.toml { };
beetsFormat = pkgs.formats.yaml { }; beetsFormat = pkgs.formats.yaml { };
in in
{ {
options = { options.services.betanin = {
services.betanin = { enable = lib.mkEnableOption "betanin";
enable = lib.mkEnableOption "betanin";
package = mkOption { package = mkOption {
description = "Package containing betanin program."; description = "Package containing betanin program.";
type = types.package; type = types.package;
default = pkgs.betanin or (import ../../.. { inherit pkgs; }).betanin; default = pkgs.betanin or (import ../../.. { inherit pkgs; }).betanin;
}; };
openFirewall = mkOption { openFirewall = mkOption {
description = "Open ports in the firewall for the server."; description = "Open ports in the firewall for the server.";
type = types.bool; type = types.bool;
default = false; default = false;
}; };
port = mkOption { port = mkOption {
description = "Port to access betanin on."; description = "Port to access betanin on.";
type = types.port; type = types.port;
default = 9393; default = 9393;
}; };
user = mkOption { user = mkOption {
description = "User that the betanin program should run under."; description = "User that the betanin program should run under.";
type = types.str; type = types.str;
default = defaultUser; default = "betanin";
}; };
group = mkOption { group = mkOption {
description = "Group that the betanin program should run under."; description = "Group that the betanin program should run under.";
type = types.str; type = types.str;
default = defaultGroup; default = "betanin";
}; };
dataDir = mkOption { dataDir = mkOption {
description = "Directory to store application data."; description = "Directory to store application data.";
type = types.str; type = types.str;
default = "/var/lib/betanin"; default = "/var/lib/betanin";
}; };
settings = mkOption { settings = mkOption {
type = settingsFormat.type; type = settingsFormat.type;
default = { }; default = { };
example = lib.literalExpression '' example = lib.literalExpression ''
{ {
frontend = { frontend = {
username = "foo"; username = "foo";
password { _secret = "/run/secrets/betaninPasswordFile"; }; password = { _secret = "/run/secrets/betaninPasswordFile"; };
}; };
clients = { clients = {
api_key = { _secret = "/run/secrets/betaninApiKeyFile"; }; api_key = { _secret = "/run/secrets/betaninApiKeyFile"; };
}; };
server = { server = {
num_parallel_jobs = 1; num_parallel_jobs = 1;
}; };
} }
''; '';
description = lib.mdDoc '' description = ''
Configuration for betanin. Configuration for betanin.
Options containing secret data should be set to an attribute set Options containing secret data should be set to an attribute set
containing the attribute `_secret` - a string pointing to a file containing the attribute `_secret` - a string pointing to a file
containing the value the option should be set to. containing the value the option should be set to.
''; '';
}; };
beets.settings = mkOption { beets.settings = mkOption {
type = beetsFormat.type; type = beetsFormat.type;
default = { }; default = { };
description = lib.mdDoc "Configuration for beets used by betanin."; description = "Configuration for beets used by betanin.";
};
}; };
}; };
@ -123,17 +118,14 @@ in
{ {
description = "Betanin service"; description = "Betanin service";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "networking.target" ]; after = [ "network.target" ];
path = [ pkgs.replace-secret ];
environment = { environment = {
HOME = cfg.dataDir; HOME = cfg.dataDir;
}; };
path = [ pkgs.replace-secret ];
script = '' script = ''
mkdir -p ${cfg.dataDir}/.config/betanin \
${cfg.dataDir}/.local/share/betanin \
${cfg.dataDir}/.config/beets
ln -sf ${beetsFile} ${cfg.dataDir}/.config/beets/config.yaml ln -sf ${beetsFile} ${cfg.dataDir}/.config/beets/config.yaml
cat ${settingsFile} > ${cfg.dataDir}/.config/betanin/config.toml cat ${settingsFile} > ${cfg.dataDir}/.config/betanin/config.toml
${secretReplacements} ${secretReplacements}
@ -141,28 +133,34 @@ in
${cfg.package}/bin/betanin --port ${toString cfg.port} ${cfg.package}/bin/betanin --port ${toString cfg.port}
''; '';
serviceConfig = lib.mkMerge [ serviceConfig = {
{ User = cfg.user;
User = cfg.user; Group = cfg.group;
Group = cfg.group; PrivateTmp = true;
PrivateTmp = true; Restart = "always";
Restart = "always"; WorkingDirectory = cfg.dataDir;
WorkingDirectory = cfg.dataDir; StateDirectory = mkIf (cfg.dataDir == "/var/lib/betanin") "betanin";
} };
(mkIf (cfg.dataDir == "/var/lib/betanin") {
StateDirectory = "betanin";
})
];
}; };
users.users = optionalAttrs (cfg.user == defaultUser) { systemd.tmpfiles.rules = [
"d ${cfg.dataDir} 0710 ${cfg.user} ${cfg.group} - -"
"d ${cfg.dataDir}/.config 0750 ${cfg.user} ${cfg.group} - -"
"d ${cfg.dataDir}/.config/betanin 0750 ${cfg.user} ${cfg.group} - -"
"d ${cfg.dataDir}/.config/beets 0750 ${cfg.user} ${cfg.group} - -"
"d ${cfg.dataDir}/.local 0750 ${cfg.user} ${cfg.group} - -"
"d ${cfg.dataDir}/.local/share 0750 ${cfg.user} ${cfg.group} - -"
"d ${cfg.dataDir}/.local/share/betanin 0750 ${cfg.user} ${cfg.group} - -"
];
users.users = optionalAttrs (cfg.user == "betanin") {
${cfg.user} = { ${cfg.user} = {
isSystemUser = true; isSystemUser = true;
group = cfg.group; group = cfg.group;
}; };
}; };
users.groups = optionalAttrs (cfg.group == defaultGroup) { users.groups = optionalAttrs (cfg.group == "betanin") {
${cfg.group} = { }; ${cfg.group} = { };
}; };
}; };