diff --git a/nixos/hosts/shodan/default.nix b/nixos/hosts/shodan/default.nix index f224d03..a76e037 100644 --- a/nixos/hosts/shodan/default.nix +++ b/nixos/hosts/shodan/default.nix @@ -35,6 +35,9 @@ radicale.enable = true; miniflux.enable = true; + calibre-web.enable = true; + rss-bridge.enable = true; + }; mySystem.containers = { diff --git a/nixos/modules/nixos/services/calibre-web/default.nix b/nixos/modules/nixos/services/calibre-web/default.nix index 3fff2df..e28ab38 100644 --- a/nixos/modules/nixos/services/calibre-web/default.nix +++ b/nixos/modules/nixos/services/calibre-web/default.nix @@ -69,14 +69,14 @@ in users.users.truxnell.extraGroups = [ group ]; - # Folder perms - only for containers - # systemd.tmpfiles.rules = [ - # "d ${persistentFolder}/ 0750 ${user} ${group} -" - # ]; + environment.persistence."${config.mySystem.system.impermanence.persistPath}" = lib.mkIf config.mySystem.system.impermanence.enable { + directories = [{ directory = appFolder; inherit user; inherit group; mode = "750"; }]; + }; ## service services.calibre-web = { enable = true; + listen.ip = "0.0.0.0"; listen.port = port; options = { calibreLibrary = "${config.mySystem.nasFolder}/natflix/books/"; diff --git a/nixos/modules/nixos/services/default.nix b/nixos/modules/nixos/services/default.nix index 51f9427..76af01d 100644 --- a/nixos/modules/nixos/services/default.nix +++ b/nixos/modules/nixos/services/default.nix @@ -27,5 +27,6 @@ ./nginx ./miniflux ./calibre-web + ./rss-bridge ]; } diff --git a/nixos/modules/nixos/services/languagetool/default.nix b/nixos/modules/nixos/services/languagetool/default.nix index 11da5bc..41f9a73 100644 --- a/nixos/modules/nixos/services/languagetool/default.nix +++ b/nixos/modules/nixos/services/languagetool/default.nix @@ -76,6 +76,11 @@ in # "d ${persistentFolder}/ 0750 ${user} ${group} -" # ]; + environment.persistence."${config.mySystem.system.impermanence.persistPath}" = lib.mkIf config.mySystem.system.impermanence.enable { + directories = [{ directory = appFolder; inherit user; inherit group; mode = "750"; }]; + }; + + ## service # services.test= { # enable = true; diff --git a/nixos/modules/nixos/services/rss-bridge/default.nix b/nixos/modules/nixos/services/rss-bridge/default.nix index 14108aa..bf979e6 100644 --- a/nixos/modules/nixos/services/rss-bridge/default.nix +++ b/nixos/modules/nixos/services/rss-bridge/default.nix @@ -10,8 +10,8 @@ let category = "services"; description = "rss feed for sites without"; # image = "%{image}"; - inherit (services.rss-bridge) user;#string - inherit (services.rss-bridge) group;#string + inherit (config.services.rss-bridge) user;#string + inherit (config.services.rss-bridge) group;#string port = 1234; #int appFolder = "/var/lib/${app}"; # persistentFolder = "${config.mySystem.persistentFolder}/var/lib/${appFolder}"; @@ -70,16 +70,12 @@ in users.users.truxnell.extraGroups = [ group ]; - - # Folder perms - only for containers - # systemd.tmpfiles.rules = [ - # "d ${persistentFolder}/ 0750 ${user} ${group} -" - # ]; - ## service - # services.test= { - # enable = true; - # }; + services.rss-bridge = { + enable = true; + whitelist = [ "*" ]; + virtualHost = "${url}"; + }; # homepage integration mySystem.services.homepage.infrastructure = mkIf cfg.addToHomepage [ @@ -107,9 +103,6 @@ in services.nginx.virtualHosts.${url} = { forceSSL = true; useACMEHost = config.networking.domain; - locations."^~ /" = { - proxyPass = "http://127.0.0.1:${builtins.toString port}"; - }; }; ### firewall config @@ -125,12 +118,12 @@ in "WARNING: Backups for ${app} are disabled!") ]; - services.restic.backups = config.lib.mySystem.mkRestic + services.restic.backups = mkIf cfg.backup (config.lib.mySystem.mkRestic { inherit app user; paths = [ appFolder ]; inherit appFolder; - }; + }); # services.postgresqlBackup = {