{ config, lib, namespace, ... }: with lib; let name = "glance"; cfg = config.${namespace}.services.${name}; net = lib.${namespace}.network; hostedServiceSites = let servicesCfg = config.${namespace}.services; serviceNames = builtins.attrNames servicesCfg; in builtins.concatMap ( serviceName: let serviceCfg = servicesCfg.${serviceName}; hosted = serviceCfg.hostedService or null; in if hosted != null && hosted.enable then [ ( { title = hosted.title; url = hosted.url; icon = hosted.icon; } // optionalAttrs hosted.basicAuth { basic-auth = { username = "\${ARR_USER}"; password = "\${ARR_PASS}"; }; } ) ] else [ ] ) serviceNames; coreSites = { actual = { title = "Actual"; url = "https://actual.mjallen.dev/"; icon = "si:actualbudget"; }; jellyfin = { title = "Jellyfin"; url = "https://jellyfin.mjallen.dev/"; icon = "si:jellyfin"; }; gitea = { title = "Gitea"; url = "https://gitea.mjallen.dev/"; icon = "si:gitea"; }; nextcloud = { title = "Nextcloud"; url = "https://cloud.mjallen.dev/"; icon = "si:nextcloud"; }; immich = { title = "Immich"; url = "https://immich.mjallen.dev/"; icon = "si:immich"; }; homeassistant = { title = "Home Assistant"; url = "https://hass.mjallen.dev/"; icon = "si:homeassistant"; }; adguard = { title = "AdGuard Home"; url = "http://${net.hosts.pi5.lan}:${toString net.ports.pi5.adguard}/"; icon = "si:adguard"; allow-insecure = true; }; manyfold = { title = "Manyfold"; url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.manyfold}/collections"; icon = "sh:manyfold"; allow-insecure = true; }; code-server = { title = "Code Server"; url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.codeServer}/"; icon = "si:vscodium"; allow-insecure = true; }; nas-kvm = { title = "NAS KVM"; url = "http://nas-kvm.local/"; icon = "si:nanokvm"; allow-insecure = true; }; sonarr = { title = "Sonarr"; url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.sonarr}/"; icon = "si:sonarr"; allow-insecure = true; basic-auth = { username = "\${ARR_USER}"; password = "\${ARR_PASS}"; }; }; radarr = { title = "Radarr"; url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.radarr}/"; icon = "si:radarr"; allow-insecure = true; basic-auth = { username = "\${ARR_USER}"; password = "\${ARR_PASS}"; }; }; sabnzbd = { title = "Sabnzbd"; url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.sabnzbd}/"; icon = "si:sabnzbd"; allow-insecure = true; basic-auth = { username = "\${ARR_USER}"; password = "\${ARR_PASS}"; }; }; }; glanceConfig = lib.${namespace}.mkModule { inherit config name; description = "glance"; options = { nasPoolPath = lib.mkOption { type = lib.types.str; default = cfg.dataDir; description = "Path to the NAS pool mount to display in server-stats."; }; enableCoreSites = lib.mkOption { type = lib.types.bool; default = true; description = "Enable the default core service sites in the monitor widget"; }; enableHostedServices = lib.mkOption { type = lib.types.bool; default = true; description = "Auto-discover services with hostedService.enable and add them to the monitor widget"; }; coreServices = lib.mkOption { type = lib.types.listOf lib.types.str; default = builtins.attrNames coreSites; description = "List of core service keys to include (filtered by enableCoreSites)"; }; extraSites = lib.mkOption { type = lib.types.listOf ( lib.types.submodule { options = { title = lib.mkOption { type = lib.types.str; description = "Display title"; }; url = lib.mkOption { type = lib.types.str; description = "Service URL"; }; icon = lib.mkOption { type = lib.types.str; default = "si:glance"; description = "Icon identifier (e.g. si:servicename)"; }; allow-insecure = lib.mkOption { type = lib.types.bool; default = false; description = "Allow insecure connections"; }; basic-auth = lib.mkOption { type = lib.types.bool; default = false; description = "Require basic auth (uses ARR credentials)"; }; }; } ); default = [ ]; description = "Extra sites to display in the monitor widget"; }; }; moduleConfig = { services.glance = { enable = true; openFirewall = true; environmentFile = config.sops.templates."glance.env".path; settings = { server = { host = "0.0.0.0"; port = cfg.port; }; pages = [ { name = "Startpage"; width = "default"; hide-desktop-navigation = true; center-vertically = true; columns = [ { size = "small"; widgets = [ { type = "calendar"; first-day-of-week = "sunday"; } { type = "weather"; units = "imperial"; hour-format = "12h"; location = "Saint Paul, Minnesota, United States"; } { type = "server-stats"; servers = [ { type = "local"; name = "Jallen-NAS"; cpu-temp-sensor = "/sys/devices/pci0000:00/0000:00:08.1/0000:cd:00.0/hwmon/hwmon*/temp1_input"; mountpoints = { "/home" = { name = "Home"; }; "${cfg.nasPoolPath}" = { name = "nas_pool"; }; }; } ]; } ]; } { size = "full"; widgets = [ { type = "search"; autofocus = true; search-engine = "google"; bangs = [ { title = "YouTube"; shortcut = "!yt"; url = "https://www.youtube.com/results?search_query={QUERY}"; } ]; } { type = "monitor"; cache = "1m"; title = "Services"; sites = (if cfg.enableCoreSites then builtins.map (key: coreSites.${key}) cfg.coreServices else [ ]) ++ (if cfg.enableHostedServices then hostedServiceSites else [ ]) ++ builtins.map ( site: { title = site.title; url = site.url; icon = site.icon; } // optionalAttrs site.allow-insecure { allow-insecure = true; } ) cfg.extraSites; } { type = "bookmarks"; groups = [ { title = "General"; links = [ { title = "Gmail"; url = "https://mail.google.com/mail/u/0/"; } { title = "Proton Mail"; url = "https://mail.proton.me/u/0/inbox"; } { title = "MyNixOS"; url = "https://www.mynixos.com/"; } { title = "Github"; url = "https://github.com/"; } ]; } { title = "Entertainment"; links = [ { title = "YouTube"; url = "https://www.youtube.com/"; } { title = "Prime Video"; url = "https://www.primevideo.com/"; } { title = "Disney+"; url = "https://www.disneyplus.com/"; } ]; } { title = "Social"; links = [ { title = "Reddit"; url = "https://www.reddit.com/"; } { title = "Twitter"; url = "https://twitter.com/"; } { title = "Instagram"; url = "https://www.instagram.com/"; } ]; } ]; } { type = "reddit"; subreddit = "hockey"; } { type = "reddit"; subreddit = "formula1"; } ]; } ]; } ]; }; }; }; }; in { imports = [ glanceConfig { config = lib.mkIf cfg.enable ( lib.${namespace}.mkSopsEnvFile { name = "glance.env"; restartUnit = "glance.service"; secrets = { "jallen-nas/glance/arr-username" = { }; "jallen-nas/glance/arr-password" = { }; }; content = '' ARR_USER=${config.sops.placeholder."jallen-nas/glance/arr-username"} ARR_PASS=${config.sops.placeholder."jallen-nas/glance/arr-password"} ''; } ); } ]; }