diff options
| author | Kjetil Orbekk <kj@orbekk.com> | 2021-07-14 21:17:58 -0400 |
|---|---|---|
| committer | Kjetil Orbekk <kj@orbekk.com> | 2021-07-14 21:17:58 -0400 |
| commit | 91324bc602ead478b956b2602d1658ff2830adc7 (patch) | |
| tree | 771be1c83bb6c0435e1fd942e380b6e24b612b66 | |
| parent | 0e2dc6e7084340c12b9e7c4e8ecb7700305318a0 (diff) | |
add hledger service
| -rw-r--r-- | data/aliases.nix | 56 | ||||
| -rw-r--r-- | data/dns/db.orbekk.shared.zone | 3 | ||||
| -rw-r--r-- | machines/dragon.nix | 4 | ||||
| -rw-r--r-- | modules/hledger-web.nix | 41 | ||||
| -rw-r--r-- | modules/users.nix | 67 |
5 files changed, 144 insertions, 27 deletions
diff --git a/data/aliases.nix b/data/aliases.nix index d2de58e..ce48033 100644 --- a/data/aliases.nix +++ b/data/aliases.nix @@ -6,22 +6,56 @@ rec { ap2 = "10.10.255.2"; }; services = { - hydra = { address = ip.shape; port = 11101; }; - matrix = { address = ip.shape; port = 11102; }; - matrixFederation = { address = ip.shape; port = 8448; }; - git = { address = ip.shape; port = 11103; }; - fcgi = { address = ip.shape; port = 11104; }; - systemhttpd = { address = ip.shape; port = 11105; }; - linoquotes = { address = ip.raigh; port = 11106; }; + hydra = { + address = ip.shape; + port = 11101; + }; + matrix = { + address = ip.shape; + port = 11102; + }; + matrixFederation = { + address = ip.shape; + port = 8448; + }; + git = { + address = ip.shape; + port = 11103; + }; + fcgi = { + address = ip.shape; + port = 11104; + }; + systemhttpd = { + address = ip.shape; + port = 11105; + }; + linoquotes = { + address = ip.raigh; + port = 11106; + }; stats = { home = "/var/lib/stats"; }; wireguard = { port = 11107; }; - mpd = { address = ip.dragon; port = 11108; }; - mpdweb = { address = ip.dragon; port = 11109; }; - pjournal = { address = ip.dragon; port = 11110; }; + mpd = { + address = ip.dragon; + port = 11108; + }; + mpdweb = { + address = ip.dragon; + port = 11109; + }; + pjournal = { + address = ip.dragon; + port = 11110; + }; grafana = { port = 11111; }; prometheus = { port = 11112; }; prometheus-exporter = { port = 11113; }; prometheus-snmp-exporter = { port = 11114; }; - login = { address = ip.dragon; port = 11115; }; + login = { + address = ip.dragon; + port = 11115; + }; + hledger-web = { port = 11116; }; }; } diff --git a/data/dns/db.orbekk.shared.zone b/data/dns/db.orbekk.shared.zone index f5451ad..06d7ea4 100644 --- a/data/dns/db.orbekk.shared.zone +++ b/data/dns/db.orbekk.shared.zone @@ -1,7 +1,7 @@ $TTL 600 @ IN SOA kremkake.trygveandre.net. root.orbekk.com. ( $serial; serial - 601; refresh + 602; refresh 900; retry 2419200; expire 3600; @@ -30,6 +30,7 @@ kj IN CNAME dragon.dynamic.orbekk.com. journal IN CNAME dragon.dynamic.orbekk.com. grafana IN CNAME dragon.dynamic.orbekk.com. nextcloud IN CNAME dragon.dynamic.orbekk.com. +money IN CNAME dragon.dynamic.orbekk.com. raigh IN AAAA 2001:67c:29f4:1008:216:3eff:fe33:4512 gutter IN A 150.136.5.19 diff --git a/machines/dragon.nix b/machines/dragon.nix index 54bb28a..541690a 100644 --- a/machines/dragon.nix +++ b/machines/dragon.nix @@ -20,6 +20,10 @@ in { orbekk.valheim-server.enable = false; orbekk.valheim-server.programDir = "/opt/valheim"; + orbekk.hledger-web.enable = true; + orbekk.hledger-web.journalFile = + "/var/lib/hledger-web/hledger/anniekj.journal"; + # virtualisation.lxd.enable = true; boot = { diff --git a/modules/hledger-web.nix b/modules/hledger-web.nix new file mode 100644 index 0000000..57faed6 --- /dev/null +++ b/modules/hledger-web.nix @@ -0,0 +1,41 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.orbekk.hledger-web; + aliases = import ../data/aliases.nix; +in { + options = { + orbekk.hledger-web = { + enable = lib.mkEnableOption "Enable hledger-web"; + journalFile = lib.mkOption { + type = lib.types.str; + description = "Path to journal file"; + }; + port = lib.mkOption { + type = lib.types.int; + default = aliases.services.hledger-web.port; + }; + }; + }; + + config = lib.mkIf cfg.enable { + systemd.services.hledger-web = { + description = "Hledger Web"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + path = with pkgs; [ hledger hledger-web git ]; + + serviceConfig = { + User = "hledger"; + Group = "hledger"; + StateDirectory = "hledger-web"; + StateDirectoryMode = "770"; + }; + + script = '' + cd /var/lib/hledger-web + hledger-web -f ${cfg.journalFile} --auto --port ${cfg.port} + ''; + }; + }; +} diff --git a/modules/users.nix b/modules/users.nix index e7fb228..a789580 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -11,21 +11,35 @@ in { home = "/home/orbekk"; uid = 1000; description = "KJ"; - extraGroups = ["wheel" "networkmanager" "dialout" "uucp" "audio" "pulse" "plugdev" "lxd" "readonly" "input" "vboxusers" "video" "sound" "tty" ]; - openssh.authorizedKeys.keyFiles = [ - ../data/yubikey_rsa.pub + extraGroups = [ + "wheel" + "networkmanager" + "dialout" + "uucp" + "audio" + "pulse" + "plugdev" + "lxd" + "readonly" + "input" + "vboxusers" + "video" + "sound" + "tty" + "hledger" ]; + openssh.authorizedKeys.keyFiles = [ ../data/yubikey_rsa.pub ]; }; guest = { isNormalUser = true; home = "/home/guest"; uid = 1500; description = "Guest"; - extraGroups = ["networkmanager" "audio" "pulse" "input"]; + extraGroups = [ "networkmanager" "audio" "pulse" "input" ]; }; fcgi = { group = "fcgi"; - extraGroups = ["readonly"]; + extraGroups = [ "readonly" ]; uid = 500; isSystemUser = true; }; @@ -48,7 +62,7 @@ in { minecraft = { name = "minecraft"; uid = config.ids.uids.minecraft; - extraGroups = ["readonly"]; + extraGroups = [ "readonly" ]; isSystemUser = true; }; stats = { @@ -97,24 +111,47 @@ in { mpd = lib.mkIf config.services.mpd.enable { isSystemUser = true; group = "mpd"; - extraGroups = ["readonly"]; + extraGroups = [ "readonly" ]; }; nginx = lib.mkIf config.services.nginx.enable { isSystemUser = true; - extraGroups = ["readonly"]; + extraGroups = [ "readonly" ]; + }; + hledger = lib.mkIf config.orbekk.hledger-web.enable { + isSystemUser = true; + home = "/var/lib/hledger-web"; + group = "hledger"; }; }; extraGroups = { - fcgi = { name = "fcgi"; gid = 500; }; - plugdev = { name = "plugdev"; gid = 501; }; - systemhttpd = { name = "systemhttpd"; gid = 502; }; - linoquotes = { name = "linoquotes"; gid = 503; }; - stats = { name = "stats"; gid = 504; }; - terraria = { name = "terraria"; gid = 505; }; + fcgi = { + name = "fcgi"; + gid = 500; + }; + plugdev = { + name = "plugdev"; + gid = 501; + }; + systemhttpd = { + name = "systemhttpd"; + gid = 502; + }; + linoquotes = { + name = "linoquotes"; + gid = 503; + }; + stats = { + name = "stats"; + gid = 504; + }; + terraria = { + name = "terraria"; + gid = 505; + }; readonly = { gid = 506; }; pjournal = { gid = 507; }; pjournal_test = { gid = 508; }; + hledger = lib.mkIf config.orbekk.hledger-web.enable { }; }; }; } - |