pyrox.dev
1{ config, pkgs, lib, ... }:
2
3with lib;
4
5let
6 cfg = config.services.readarr;
7in
8{
9 options = {
10 services.readarr = {
11 enable = mkEnableOption "Readarr, a Usenet/BitTorrent ebook downloader";
12
13 dataDir = mkOption {
14 type = types.str;
15 default = "/var/lib/readarr/";
16 description = "The directory where Readarr stores its data files.";
17 };
18
19 package = mkPackageOption pkgs "readarr" { };
20
21 openFirewall = mkOption {
22 type = types.bool;
23 default = false;
24 description = ''
25 Open ports in the firewall for Readarr
26 '';
27 };
28
29 user = mkOption {
30 type = types.str;
31 default = "readarr";
32 description = ''
33 User account under which Readarr runs.
34 '';
35 };
36
37 group = mkOption {
38 type = types.str;
39 default = "readarr";
40 description = ''
41 Group under which Readarr runs.
42 '';
43 };
44 };
45 };
46
47 config = mkIf cfg.enable {
48 systemd.tmpfiles.settings."10-readarr".${cfg.dataDir}.d = {
49 inherit (cfg) user group;
50 mode = "0700";
51 };
52
53 systemd.services.readarr = {
54 description = "Readarr";
55 after = [ "network.target" ];
56 wantedBy = [ "multi-user.target" ];
57
58 serviceConfig = {
59 Type = "simple";
60 User = cfg.user;
61 Group = cfg.group;
62 ExecStart = "${cfg.package}/bin/Readarr -nobrowser -data='${cfg.dataDir}'";
63 Restart = "on-failure";
64 };
65 };
66
67 networking.firewall = mkIf cfg.openFirewall {
68 allowedTCPPorts = [ 8787 ];
69 };
70
71 users.users = mkIf (cfg.user == "readarr") {
72 readarr = {
73 description = "Readarr service";
74 home = cfg.dataDir;
75 group = cfg.group;
76 isSystemUser = true;
77 };
78 };
79
80 users.groups = mkIf (cfg.group == "readarr") {
81 readarr = { };
82 };
83 };
84}