nixos/modules/services/misc/etesync-dav.nix at 23.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / misc / etesync-dav.nix
at 23.11-pre 2.8 kB view raw
 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6  cfg = config.services.etesync-dav;
 7in
 8  {
 9    options.services.etesync-dav = {
10      enable = mkEnableOption (lib.mdDoc "etesync-dav");
11
12      host = mkOption {
13        type = types.str;
14        default = "localhost";
15        description = lib.mdDoc "The server host address.";
16      };
17
18      port = mkOption {
19        type = types.port;
20        default = 37358;
21        description = lib.mdDoc "The server host port.";
22      };
23
24      apiUrl = mkOption {
25        type = types.str;
26        default = "https://api.etesync.com/";
27        description = lib.mdDoc "The url to the etesync API.";
28      };
29
30      openFirewall = mkOption {
31        default = false;
32        type = types.bool;
33        description = lib.mdDoc "Whether to open the firewall for the specified port.";
34      };
35
36      sslCertificate = mkOption {
37        type = types.nullOr types.path;
38        default = null;
39        example = "/var/etesync.crt";
40        description = lib.mdDoc ''
41          Path to server SSL certificate. It will be copied into
42          etesync-dav's data directory.
43        '';
44      };
45
46      sslCertificateKey = mkOption {
47        type = types.nullOr types.path;
48        default = null;
49        example = "/var/etesync.key";
50        description = lib.mdDoc ''
51          Path to server SSL certificate key.  It will be copied into
52          etesync-dav's data directory.
53        '';
54      };
55    };
56
57    config = mkIf cfg.enable {
58      networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
59
60      systemd.services.etesync-dav = {
61        description = "etesync-dav - A CalDAV and CardDAV adapter for EteSync";
62        after = [ "network-online.target" ];
63        wantedBy = [ "multi-user.target" ];
64        path = [ pkgs.etesync-dav ];
65        environment = {
66          ETESYNC_LISTEN_ADDRESS = cfg.host;
67          ETESYNC_LISTEN_PORT = toString cfg.port;
68          ETESYNC_URL = cfg.apiUrl;
69          ETESYNC_DATA_DIR = "/var/lib/etesync-dav";
70        };
71
72        serviceConfig = {
73          Type = "simple";
74          DynamicUser = true;
75          StateDirectory = "etesync-dav";
76          ExecStart = "${pkgs.etesync-dav}/bin/etesync-dav";
77          ExecStartPre = mkIf (cfg.sslCertificate != null || cfg.sslCertificateKey != null) (
78            pkgs.writers.writeBash "etesync-dav-copy-keys" ''
79              ${optionalString (cfg.sslCertificate != null) ''
80                cp ${toString cfg.sslCertificate} $STATE_DIRECTORY/etesync.crt
81              ''}
82              ${optionalString (cfg.sslCertificateKey != null) ''
83                cp ${toString cfg.sslCertificateKey} $STATE_DIRECTORY/etesync.key
84              ''}
85            ''
86          );
87          Restart = "on-failure";
88          RestartSec = "30min 1s";
89        };
90      };
91    };
92  }