diff options
| author | Kjetil Orbekk <kj@orbekk.com> | 2021-07-14 21:17:58 -0400 |
|---|---|---|
| committer | Kjetil Orbekk <kj@orbekk.com> | 2021-07-14 21:17:58 -0400 |
| commit | 91324bc602ead478b956b2602d1658ff2830adc7 (patch) | |
| tree | 771be1c83bb6c0435e1fd942e380b6e24b612b66 /modules | |
| parent | 0e2dc6e7084340c12b9e7c4e8ecb7700305318a0 (diff) | |
add hledger service
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/hledger-web.nix | 41 | ||||
| -rw-r--r-- | modules/users.nix | 67 |
2 files changed, 93 insertions, 15 deletions
diff --git a/modules/hledger-web.nix b/modules/hledger-web.nix new file mode 100644 index 0000000..57faed6 --- /dev/null +++ b/modules/hledger-web.nix @@ -0,0 +1,41 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.orbekk.hledger-web; + aliases = import ../data/aliases.nix; +in { + options = { + orbekk.hledger-web = { + enable = lib.mkEnableOption "Enable hledger-web"; + journalFile = lib.mkOption { + type = lib.types.str; + description = "Path to journal file"; + }; + port = lib.mkOption { + type = lib.types.int; + default = aliases.services.hledger-web.port; + }; + }; + }; + + config = lib.mkIf cfg.enable { + systemd.services.hledger-web = { + description = "Hledger Web"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + path = with pkgs; [ hledger hledger-web git ]; + + serviceConfig = { + User = "hledger"; + Group = "hledger"; + StateDirectory = "hledger-web"; + StateDirectoryMode = "770"; + }; + + script = '' + cd /var/lib/hledger-web + hledger-web -f ${cfg.journalFile} --auto --port ${cfg.port} + ''; + }; + }; +} diff --git a/modules/users.nix b/modules/users.nix index e7fb228..a789580 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -11,21 +11,35 @@ in { home = "/home/orbekk"; uid = 1000; description = "KJ"; - extraGroups = ["wheel" "networkmanager" "dialout" "uucp" "audio" "pulse" "plugdev" "lxd" "readonly" "input" "vboxusers" "video" "sound" "tty" ]; - openssh.authorizedKeys.keyFiles = [ - ../data/yubikey_rsa.pub + extraGroups = [ + "wheel" + "networkmanager" + "dialout" + "uucp" + "audio" + "pulse" + "plugdev" + "lxd" + "readonly" + "input" + "vboxusers" + "video" + "sound" + "tty" + "hledger" ]; + openssh.authorizedKeys.keyFiles = [ ../data/yubikey_rsa.pub ]; }; guest = { isNormalUser = true; home = "/home/guest"; uid = 1500; description = "Guest"; - extraGroups = ["networkmanager" "audio" "pulse" "input"]; + extraGroups = [ "networkmanager" "audio" "pulse" "input" ]; }; fcgi = { group = "fcgi"; - extraGroups = ["readonly"]; + extraGroups = [ "readonly" ]; uid = 500; isSystemUser = true; }; @@ -48,7 +62,7 @@ in { minecraft = { name = "minecraft"; uid = config.ids.uids.minecraft; - extraGroups = ["readonly"]; + extraGroups = [ "readonly" ]; isSystemUser = true; }; stats = { @@ -97,24 +111,47 @@ in { mpd = lib.mkIf config.services.mpd.enable { isSystemUser = true; group = "mpd"; - extraGroups = ["readonly"]; + extraGroups = [ "readonly" ]; }; nginx = lib.mkIf config.services.nginx.enable { isSystemUser = true; - extraGroups = ["readonly"]; + extraGroups = [ "readonly" ]; + }; + hledger = lib.mkIf config.orbekk.hledger-web.enable { + isSystemUser = true; + home = "/var/lib/hledger-web"; + group = "hledger"; }; }; extraGroups = { - fcgi = { name = "fcgi"; gid = 500; }; - plugdev = { name = "plugdev"; gid = 501; }; - systemhttpd = { name = "systemhttpd"; gid = 502; }; - linoquotes = { name = "linoquotes"; gid = 503; }; - stats = { name = "stats"; gid = 504; }; - terraria = { name = "terraria"; gid = 505; }; + fcgi = { + name = "fcgi"; + gid = 500; + }; + plugdev = { + name = "plugdev"; + gid = 501; + }; + systemhttpd = { + name = "systemhttpd"; + gid = 502; + }; + linoquotes = { + name = "linoquotes"; + gid = 503; + }; + stats = { + name = "stats"; + gid = 504; + }; + terraria = { + name = "terraria"; + gid = 505; + }; readonly = { gid = 506; }; pjournal = { gid = 507; }; pjournal_test = { gid = 508; }; + hledger = lib.mkIf config.orbekk.hledger-web.enable { }; }; }; } - |