mkModule migration begin

2025-12-14 22:47:51 -06:00
parent 34539045e5
commit fedba849a7
9 changed files with 302 additions and 667 deletions
--- a/lib/module/default.nix
+++ b/lib/module/default.nix
@@ -48,6 +48,12 @@ rec {
          reverseProxies = [ reverseProxyConfig ];
        };

+        # Open firewall
+        networking.firewall = lib.mkIf cfg.openFirewall {
+          allowedTCPPorts = [ cfg.port ];
+          allowedUDPPorts = [ cfg.port ];
+        };
+
        users = lib.mkIf cfg.createUser {
          users.${name} = {
            isSystemUser = true;
@@ -57,6 +63,19 @@ rec {
          groups.${name} = { };
        };

+        services = {
+          # postgresql = lib.mkIf cfg.configureDb {
+          #   enable = true;
+          #   ensureDatabases = [ name ];
+          #   ensureUsers = [
+          #     {
+          #       name = name;
+          #       ensureDBOwnership = true;
+          #     }
+          #   ];
+          # };
+        };
+
        systemd.tmpfiles.rules = [
          "d ${cfg.configDir} 0700 ${name} ${name} - -"
          "d ${cfg.configDir}/server-files 0700 ${name} ${name} - -"
@@ -73,12 +92,26 @@ rec {

            port = mkOpt types.int 80 "Port for ${name} to be hosted on";

-            configDir = mkOpt types.str "/media/nas/main/nix-app-data/${name}" "Path to the config dir";
+            configDir = mkOpt types.str "/media/nas/main/nix-app-data" "Path to the config dir";

-            dataDir = mkOpt types.str "/media/nas/main/${name}" "Path to the data dir";
+            dataDir = mkOpt types.str "/media/nas/main" "Path to the data dir";

            createUser = mkBoolOpt false "create a user for this module/service";

+            configureDb = mkBoolOpt false "Manage db for this service";
+
+            environmentFile = mkOpt types.str "" "Environment File";
+
+            puid = mkOpt types.str "911" "default user id";
+
+            pgid = mkOpt types.str "1000" "default group id";
+
+            timeZone = mkOpt types.str "America/Chicago" "default timezone";
+
+            listenAddress = mkOpt types.str "0.0.0.0" "Environment File";
+
+            openFirewall = mkBoolOpt true "Open the firewall";
+
            reverseProxy = mkReverseProxyOpt;
          }
          // options;