diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/web-apps/hledger-web.nix')
| -rw-r--r-- | nixpkgs/nixos/modules/services/web-apps/hledger-web.nix | 109 |
1 files changed, 87 insertions, 22 deletions
diff --git a/nixpkgs/nixos/modules/services/web-apps/hledger-web.nix b/nixpkgs/nixos/modules/services/web-apps/hledger-web.nix index 43fc4daa177f..a69767194c33 100644 --- a/nixpkgs/nixos/modules/services/web-apps/hledger-web.nix +++ b/nixpkgs/nixos/modules/services/web-apps/hledger-web.nix @@ -26,19 +26,46 @@ in { ''; }; - capabilities = mkOption { - type = types.commas; - default = "view"; + capabilities = { + view = mkOption { + type = types.bool; + default = true; + description = '' + Enable the view capability. + ''; + }; + add = mkOption { + type = types.bool; + default = false; + description = '' + Enable the add capability. + ''; + }; + manage = mkOption { + type = types.bool; + default = false; + description = '' + Enable the manage capability. + ''; + }; + }; + + stateDir = mkOption { + type = types.path; + default = "/var/lib/hledger-web"; description = '' - Enable the view, add, and/or manage capabilities. E.g. view,add + Path the service has access to. If left as the default value this + directory will automatically be created before the hledger-web server + starts, otherwise the sysadmin is responsible for ensuring the + directory exists with appropriate ownership and permissions. ''; }; - journalFile = mkOption { - type = types.path; - example = "/home/hledger/.hledger.journal"; + journalFiles = mkOption { + type = types.listOf types.str; + default = [ ".hledger.journal" ]; description = '' - Input journal file. + Paths to journal files relative to <option>services.hledger-web.stateDir</option>. ''; }; @@ -50,28 +77,66 @@ in { Base URL, when sharing over a network. ''; }; + + extraOptions = mkOption { + type = types.listOf types.str; + default = []; + example = [ "--forecast" ]; + description = '' + Extra command line arguments to pass to hledger-web. + ''; + }; + }; config = mkIf cfg.enable { - systemd.services.hledger-web = { + + users.users.hledger = { + name = "hledger"; + group = "hledger"; + isSystemUser = true; + home = cfg.stateDir; + useDefaultShell = true; + }; + + users.groups.hledger = {}; + + systemd.services.hledger-web = let + capabilityString = with cfg.capabilities; concatStringsSep "," ( + (optional view "view") + ++ (optional add "add") + ++ (optional manage "manage") + ); + serverArgs = with cfg; escapeShellArgs ([ + "--serve" + "--host=${host}" + "--port=${toString port}" + "--capabilities=${capabilityString}" + (optionalString (cfg.baseUrl != null) "--base-url=${cfg.baseUrl}") + (optionalString (cfg.serveApi) "--serve-api") + ] ++ (map (f: "--file=${stateDir}/${f}") cfg.journalFiles) + ++ extraOptions); + in { description = "hledger-web - web-app for the hledger accounting tool."; documentation = [ https://hledger.org/hledger-web.html ]; wantedBy = [ "multi-user.target" ]; after = [ "networking.target" ]; - serviceConfig = { - ExecStart = '' - ${pkgs.hledger-web}/bin/hledger-web \ - --host=${cfg.host} \ - --port=${toString cfg.port} \ - --file=${cfg.journalFile} \ - "--capabilities=${cfg.capabilities}" \ - ${optionalString (cfg.baseUrl != null) "--base-url=${cfg.baseUrl}"} \ - ${optionalString (cfg.serveApi) "--serve-api"} - ''; - Restart = "always"; - }; + serviceConfig = mkMerge [ + { + ExecStart = "${pkgs.hledger-web}/bin/hledger-web ${serverArgs}"; + Restart = "always"; + WorkingDirectory = cfg.stateDir; + User = "hledger"; + Group = "hledger"; + PrivateTmp = true; + } + (mkIf (cfg.stateDir == "/var/lib/hledger-web") { + StateDirectory = "hledger-web"; + }) + ]; }; + }; - meta.maintainers = with lib.maintainers; [ marijanp ]; + meta.maintainers = with lib.maintainers; [ marijanp erictapen ]; } |