move around

2024-03-28 14:55:31 +01:00
parent 6b1f2cf9de
commit 9b088ec40a
17 changed files with 79 additions and 78 deletions
--- a/modules/services/kavita.nix
+++ b/modules/services/kavita.nix
@@ -0,0 +1,74 @@
+{ config, pkgs, lib, inputs, ... }:
+let
+  fqdn = "kavita.home.arpa";
+  useHttps = config.services.step-ca.enable;
+  baseDir = "/mnt/1tbssd/kavita";
+  mangal = "${pkgs.mangal}/bin/mangal";
+in
+{
+  networking.firewall.allowedTCPPorts = [ 5000 ];
+  systemd.tmpfiles.rules = [
+      "d ${baseDir} 0770 kavita kavita -"
+      "d ${baseDir}/manga 0770 kavita kavita -"
+  ];
+  age.secrets.kavita = {
+    file = ../../secrets/kavita.age;
+    owner = "kavita";
+    group = "kavita";
+  };
+  services.kavita = {
+    enable = true;
+    user = "kavita";
+    port = 5000;
+    dataDir = baseDir;
+    tokenKeyFile = config.age.secrets.kavita.path;
+  };
+
+  #todo: base url needs new kavita version
+  systemd.services.kavita = {
+      preStart = ''
+        umask u=rwx,g=rx,o=
+        cat > "/mnt/1tbssd/kavita/config/appsettings.json" <<EOF
+        {
+          "TokenKey": "$(cat ${config.age.secrets.kavita.path})",
+          "Port": 5000,
+          "BaseUrl" : "/books",
+          "IpAddresses": "${lib.concatStringsSep "," ["0.0.0.0" "::"]}"
+        }
+        EOF
+      '';
+  };
+
+  systemd.services.download-manga = {
+    wantedBy = [ "multi-user.target" ];
+    
+    wants = [ "network-online.target" ];
+    after = [ "network-online.target" ];
+    startAt = "*-*-* 19:00:00";
+    script = ''
+      ${mangal} inline -S Mangapill -q omniscient -m first -d
+      ${mangal} inline -S Mangapill --query "oshi-no-ko" --manga first --download
+    '';
+    serviceConfig = {
+    	PrivateTmp = true;
+    	User = "kavita";
+    	Group = "kavita";
+        Type = "oneshot";
+    	WorkingDirectory = "${baseDir}/manga";
+    };
+  };
+
+  security.acme.certs."${fqdn}".server = "https://127.0.0.1:8443/acme/acme/directory";
+  services.nginx.virtualHosts."${fqdn}" = {
+    forceSSL = useHttps;
+    enableACME = useHttps;
+    quic = useHttps;
+    http3 = useHttps;
+    locations."/".proxyPass = "http://127.0.0.1:5000";
+    locations."/".extraConfig = ''
+      add_header Access-Control-Allow-Origin *;
+      add_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
+      add_header Access-Control-Allow-Headers "Authorization, Origin, X-Requested-With, Content-Type, Accept";
+    '';
+  };
+}