pyrox.dev
1{ config, pkgs, lib, ... }:
2
3with lib;
4
5let cfg = config.services.ombi;
6
7in {
8 options = {
9 services.ombi = {
10 enable = mkEnableOption ''
11 Ombi, a web application that automatically gives your shared Plex or
12 Emby users the ability to request content by themselves!
13
14 Optionally see <https://docs.ombi.app/info/reverse-proxy>
15 on how to set up a reverse proxy
16 '';
17
18 dataDir = mkOption {
19 type = types.str;
20 default = "/var/lib/ombi";
21 description = "The directory where Ombi stores its data files.";
22 };
23
24 port = mkOption {
25 type = types.port;
26 default = 5000;
27 description = "The port for the Ombi web interface.";
28 };
29
30 openFirewall = mkOption {
31 type = types.bool;
32 default = false;
33 description = "Open ports in the firewall for the Ombi web interface.";
34 };
35
36 user = mkOption {
37 type = types.str;
38 default = "ombi";
39 description = "User account under which Ombi runs.";
40 };
41
42 group = mkOption {
43 type = types.str;
44 default = "ombi";
45 description = "Group under which Ombi runs.";
46 };
47 };
48 };
49
50 config = mkIf cfg.enable {
51 systemd.tmpfiles.rules = [
52 "d '${cfg.dataDir}' 0700 ${cfg.user} ${cfg.group} - -"
53 ];
54
55 systemd.services.ombi = {
56 description = "Ombi";
57 after = [ "network.target" ];
58 wantedBy = [ "multi-user.target" ];
59
60 serviceConfig = {
61 Type = "simple";
62 User = cfg.user;
63 Group = cfg.group;
64 ExecStart = "${pkgs.ombi}/bin/Ombi --storage '${cfg.dataDir}' --host 'http://*:${toString cfg.port}'";
65 Restart = "on-failure";
66 };
67 };
68
69 networking.firewall = mkIf cfg.openFirewall {
70 allowedTCPPorts = [ cfg.port ];
71 };
72
73 users.users = mkIf (cfg.user == "ombi") {
74 ombi = {
75 isSystemUser = true;
76 group = cfg.group;
77 home = cfg.dataDir;
78 };
79 };
80
81 users.groups = mkIf (cfg.group == "ombi") { ombi = { }; };
82 };
83}