Luke Granger-Brown
57725ef3ec
git-subtree-dir: third_party/nixpkgs git-subtree-split: 76612b17c0ce71689921ca12d9ffdc9c23ce40b2
131 lines
3.5 KiB
Nix
131 lines
3.5 KiB
Nix
{ lib, pkgs, config, ... }:
|
|
with lib;
|
|
let
|
|
cfg = config.services.hledger-web;
|
|
in {
|
|
options.services.hledger-web = {
|
|
|
|
enable = mkEnableOption "hledger-web service";
|
|
|
|
serveApi = mkEnableOption "serving only the JSON web API, without the web UI";
|
|
|
|
host = mkOption {
|
|
type = types.str;
|
|
default = "127.0.0.1";
|
|
description = ''
|
|
Address to listen on.
|
|
'';
|
|
};
|
|
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 5000;
|
|
example = 80;
|
|
description = ''
|
|
Port to listen on.
|
|
'';
|
|
};
|
|
|
|
allow = mkOption {
|
|
type = types.enum [ "view" "add" "edit" "sandstorm" ];
|
|
default = "view";
|
|
description = ''
|
|
User's access level for changing data.
|
|
|
|
* view: view only permission.
|
|
* add: view and add permissions.
|
|
* edit: view, add, and edit permissions.
|
|
* sandstorm: permissions from the `X-Sandstorm-Permissions` request header.
|
|
'';
|
|
};
|
|
|
|
stateDir = mkOption {
|
|
type = types.path;
|
|
default = "/var/lib/hledger-web";
|
|
description = ''
|
|
Path the service has access to. If left as the default value this
|
|
directory will automatically be created before the hledger-web server
|
|
starts, otherwise the sysadmin is responsible for ensuring the
|
|
directory exists with appropriate ownership and permissions.
|
|
'';
|
|
};
|
|
|
|
journalFiles = mkOption {
|
|
type = types.listOf types.str;
|
|
default = [ ".hledger.journal" ];
|
|
description = ''
|
|
Paths to journal files relative to {option}`services.hledger-web.stateDir`.
|
|
'';
|
|
};
|
|
|
|
baseUrl = mkOption {
|
|
type = with types; nullOr str;
|
|
default = null;
|
|
example = "https://example.org";
|
|
description = ''
|
|
Base URL, when sharing over a network.
|
|
'';
|
|
};
|
|
|
|
extraOptions = mkOption {
|
|
type = types.listOf types.str;
|
|
default = [];
|
|
example = [ "--forecast" ];
|
|
description = ''
|
|
Extra command line arguments to pass to hledger-web.
|
|
'';
|
|
};
|
|
|
|
};
|
|
|
|
imports = [
|
|
(mkRemovedOptionModule [ "services" "hledger-web" "capabilities" ]
|
|
"This option has been replaced by new option `services.hledger-web.allow`.")
|
|
];
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
users.users.hledger = {
|
|
name = "hledger";
|
|
group = "hledger";
|
|
isSystemUser = true;
|
|
home = cfg.stateDir;
|
|
useDefaultShell = true;
|
|
};
|
|
|
|
users.groups.hledger = {};
|
|
|
|
systemd.services.hledger-web = let
|
|
serverArgs = with cfg; escapeShellArgs ([
|
|
"--serve"
|
|
"--host=${host}"
|
|
"--port=${toString port}"
|
|
"--allow=${allow}"
|
|
(optionalString (cfg.baseUrl != null) "--base-url=${cfg.baseUrl}")
|
|
(optionalString (cfg.serveApi) "--serve-api")
|
|
] ++ (map (f: "--file=${stateDir}/${f}") cfg.journalFiles)
|
|
++ extraOptions);
|
|
in {
|
|
description = "hledger-web - web-app for the hledger accounting tool.";
|
|
documentation = [ "https://hledger.org/hledger-web.html" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "networking.target" ];
|
|
serviceConfig = mkMerge [
|
|
{
|
|
ExecStart = "${pkgs.hledger-web}/bin/hledger-web ${serverArgs}";
|
|
Restart = "always";
|
|
WorkingDirectory = cfg.stateDir;
|
|
User = "hledger";
|
|
Group = "hledger";
|
|
PrivateTmp = true;
|
|
}
|
|
(mkIf (cfg.stateDir == "/var/lib/hledger-web") {
|
|
StateDirectory = "hledger-web";
|
|
})
|
|
];
|
|
};
|
|
|
|
};
|
|
|
|
meta.maintainers = with lib.maintainers; [ marijanp erictapen ];
|
|
}
|