pyrox.dev
1{ config, lib, pkgs, ... }:
2
3with lib;
4
5let
6 cfg = config.services.ankisyncd;
7
8 name = "ankisyncd";
9
10 stateDir = "/var/lib/${name}";
11
12 toml = pkgs.formats.toml {};
13
14 configFile = toml.generate "ankisyncd.conf" {
15 listen = {
16 host = cfg.host;
17 port = cfg.port;
18 };
19 paths.root_dir = stateDir;
20 # encryption.ssl_enable / cert_file / key_file
21 };
22in
23 {
24 options.services.ankisyncd = {
25 enable = mkEnableOption (lib.mdDoc "ankisyncd");
26
27 package = mkOption {
28 type = types.package;
29 default = pkgs.ankisyncd;
30 defaultText = literalExpression "pkgs.ankisyncd";
31 description = lib.mdDoc "The package to use for the ankisyncd command.";
32 };
33
34 host = mkOption {
35 type = types.str;
36 default = "localhost";
37 description = lib.mdDoc "ankisyncd host";
38 };
39
40 port = mkOption {
41 type = types.port;
42 default = 27701;
43 description = lib.mdDoc "ankisyncd port";
44 };
45
46 openFirewall = mkOption {
47 default = false;
48 type = types.bool;
49 description = lib.mdDoc "Whether to open the firewall for the specified port.";
50 };
51 };
52
53 config = mkIf cfg.enable {
54 networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
55
56 systemd.services.ankisyncd = {
57 description = "ankisyncd - Anki sync server";
58 after = [ "network.target" ];
59 wantedBy = [ "multi-user.target" ];
60 path = [ cfg.package ];
61
62 serviceConfig = {
63 Type = "simple";
64 DynamicUser = true;
65 StateDirectory = name;
66 ExecStart = "${cfg.package}/bin/ankisyncd --config ${configFile}";
67 Restart = "always";
68 };
69 };
70 };
71 }