pyrox.dev
1{ config, pkgs, lib, ... }:
2
3with lib;
4
5let
6 cfg = config.services.readarr;
7in
8{
9 options = {
10 services.readarr = {
11 enable = mkEnableOption (lib.mdDoc "Readarr");
12
13 dataDir = mkOption {
14 type = types.str;
15 default = "/var/lib/readarr/";
16 description = lib.mdDoc "The directory where Readarr stores its data files.";
17 };
18
19 package = mkOption {
20 type = types.package;
21 default = pkgs.readarr;
22 defaultText = literalExpression "pkgs.readarr";
23 description = lib.mdDoc "The Readarr package to use";
24 };
25
26 openFirewall = mkOption {
27 type = types.bool;
28 default = false;
29 description = lib.mdDoc ''
30 Open ports in the firewall for Readarr
31 '';
32 };
33
34 user = mkOption {
35 type = types.str;
36 default = "readarr";
37 description = lib.mdDoc ''
38 User account under which Readarr runs.
39 '';
40 };
41
42 group = mkOption {
43 type = types.str;
44 default = "readarr";
45 description = lib.mdDoc ''
46 Group under which Readarr runs.
47 '';
48 };
49 };
50 };
51
52 config = mkIf cfg.enable {
53 systemd.tmpfiles.rules = [
54 "d '${cfg.dataDir}' 0700 ${cfg.user} ${cfg.group} - -"
55 ];
56
57 systemd.services.readarr = {
58 description = "Readarr";
59 after = [ "network.target" ];
60 wantedBy = [ "multi-user.target" ];
61
62 serviceConfig = {
63 Type = "simple";
64 User = cfg.user;
65 Group = cfg.group;
66 ExecStart = "${cfg.package}/bin/Readarr -nobrowser -data='${cfg.dataDir}'";
67 Restart = "on-failure";
68 };
69 };
70
71 networking.firewall = mkIf cfg.openFirewall {
72 allowedTCPPorts = [ 8787 ];
73 };
74
75 users.users = mkIf (cfg.user == "readarr") {
76 readarr = {
77 description = "Readarr service";
78 home = cfg.dataDir;
79 group = cfg.group;
80 isSystemUser = true;
81 };
82 };
83
84 users.groups = mkIf (cfg.group == "readarr") {
85 readarr = { };
86 };
87 };
88}