diff options
author | Justin Humm <justin.humm@posteo.de> | 2021-03-12 19:24:47 +0100 |
---|---|---|
committer | erictapen <justin.humm@posteo.de> | 2021-03-26 13:45:13 +0100 |
commit | 569940b9fd60ea40359a8d8f1bbffd5db31b19c8 (patch) | |
tree | 7297565d31a5dd66a070b112964f63622fd2fb2e /nixos/modules/services/web-apps/hledger-web.nix | |
parent | 71c55e53d7a6921ee1646e6585b65270600939ab (diff) | |
download | nixlib-569940b9fd60ea40359a8d8f1bbffd5db31b19c8.tar nixlib-569940b9fd60ea40359a8d8f1bbffd5db31b19c8.tar.gz nixlib-569940b9fd60ea40359a8d8f1bbffd5db31b19c8.tar.bz2 nixlib-569940b9fd60ea40359a8d8f1bbffd5db31b19c8.tar.lz nixlib-569940b9fd60ea40359a8d8f1bbffd5db31b19c8.tar.xz nixlib-569940b9fd60ea40359a8d8f1bbffd5db31b19c8.tar.zst nixlib-569940b9fd60ea40359a8d8f1bbffd5db31b19c8.zip |
nixos/hledger-web: add stateDir, use own user, fix ExecStart
This allows for shared hledger installations, where the web interface is available via network and multiple user share a SSH access to the hledger user. Also added `--serve` to the CLI options, as hledger-web tries to open a webbrowser otherwise: hledger-web: xdg-open: rawSystem: runInteractiveProcess: exec: does not exist (No such file or directory) Co-authored-by: Aaron Andersen <aaron@fosslib.net>
Diffstat (limited to 'nixos/modules/services/web-apps/hledger-web.nix')
-rw-r--r-- | nixos/modules/services/web-apps/hledger-web.nix | 78 |
1 files changed, 61 insertions, 17 deletions
diff --git a/nixos/modules/services/web-apps/hledger-web.nix b/nixos/modules/services/web-apps/hledger-web.nix index 43fc4daa177f..f0c9b2b6c4c7 100644 --- a/nixos/modules/services/web-apps/hledger-web.nix +++ b/nixos/modules/services/web-apps/hledger-web.nix @@ -34,11 +34,22 @@ in { ''; }; - journalFile = mkOption { + stateDir = mkOption { type = types.path; - example = "/home/hledger/.hledger.journal"; + default = "/var/lib/hledger-web"; description = '' - Input journal file. + Path the service has access to. If left as the default value this + directory will automatically be created before the hledger-web server + starts, otherwise the sysadmin is responsible for ensuring the + directory exists with appropriate ownership and permissions. + ''; + }; + + journalFiles = mkOption { + type = types.listOf types.str; + default = [ ".hledger.journal" ]; + description = '' + Paths to journal files relative to <option>services.hledger-web.stateDir</option>. ''; }; @@ -50,28 +61,61 @@ in { Base URL, when sharing over a network. ''; }; + + extraOptions = mkOption { + type = types.listOf types.str; + default = []; + example = [ "--forecast" ]; + description = '' + Extra command line arguments to pass to hledger-web. + ''; + }; + }; config = mkIf cfg.enable { - systemd.services.hledger-web = { + + users.users.hledger = { + name = "hledger"; + group = "hledger"; + isSystemUser = true; + home = cfg.stateDir; + useDefaultShell = true; + }; + + users.groups.hledger = {}; + + systemd.services.hledger-web = let + serverArgs = with cfg; escapeShellArgs ([ + "--serve" + "--host=${host}" + "--port=${toString port}" + "--capabilities=${capabilityString}" + (optionalString (cfg.baseUrl != null) "--base-url=${cfg.baseUrl}") + (optionalString (cfg.serveApi) "--serve-api") + ] ++ (map (f: "--file=${stateDir}/${f}") cfg.journalFiles) + ++ extraOptions); + in { description = "hledger-web - web-app for the hledger accounting tool."; documentation = [ https://hledger.org/hledger-web.html ]; wantedBy = [ "multi-user.target" ]; after = [ "networking.target" ]; - serviceConfig = { - ExecStart = '' - ${pkgs.hledger-web}/bin/hledger-web \ - --host=${cfg.host} \ - --port=${toString cfg.port} \ - --file=${cfg.journalFile} \ - "--capabilities=${cfg.capabilities}" \ - ${optionalString (cfg.baseUrl != null) "--base-url=${cfg.baseUrl}"} \ - ${optionalString (cfg.serveApi) "--serve-api"} - ''; - Restart = "always"; - }; + serviceConfig = mkMerge [ + { + ExecStart = "${pkgs.hledger-web}/bin/hledger-web ${serverArgs}"; + Restart = "always"; + WorkingDirectory = cfg.stateDir; + User = "hledger"; + Group = "hledger"; + PrivateTmp = true; + } + (mkIf (cfg.stateDir == "/var/lib/hledger-web") { + StateDirectory = "hledger-web"; + }) + ]; }; + }; - meta.maintainers = with lib.maintainers; [ marijanp ]; + meta.maintainers = with lib.maintainers; [ marijanp erictapen ]; } |