kopatz/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c14539cbe3730a45dadaa1b9c7216d1a2b89c1b9
nix-config/modules/services/kavita.nix
Kopatz f88d0bdf0a disable kavita temporarily
2024-04-13 21:11:51 +02:00

78 lines
2.4 KiB
Nix
Raw Blame History

{ config, pkgs, lib, inputs, ... }:
let
fqdn = "kavita.home.arpa";
useHttps = config.services.step-ca.enable;
baseDir = "/mnt/1tbssd/kavita";
mangal = "${pkgs.mangal}/bin/mangal";
in
{
networking.firewall.allowedTCPPorts = [ 5000 ];
systemd.tmpfiles.rules = [
"d ${baseDir} 0770 kavita kavita -"
"d ${baseDir}/manga 0770 kavita kavita -"
];
age.secrets.kavita = {
file = ../../secrets/kavita.age;
owner = "kavita";
group = "kavita";
};
services.kavita = {
enable = false;
user = "kavita";
settings.Port = 5000;
dataDir = baseDir;
tokenKeyFile = config.age.secrets.kavita.path;
settings.IpAddresses = "127.0.0.1";
settings.BaseUrl = "/kavita";
};
#todo: base url needs new kavita version
systemd.services.kavita = {
after = [ "nginx.service" "step-ca.service" ];
};
systemd.services.download-manga = {
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
startAt = "*-*-* 19:00:00";
script = ''
${mangal} inline -S Mangapill -q omniscient -m first -d
${mangal} inline -S Mangapill --query "oshi-no-ko" --manga first --download
${mangal} inline -S Mangapill --query "Frieren" --manga first --download
${mangal} inline -S Mangapill --query "Chainsaw" --manga first --download
'';
serviceConfig = {
PrivateTmp = true;
User = "kavita";
Group = "kavita";
Type = "oneshot";
WorkingDirectory = "${baseDir}/manga";
};
};
# services.nginx.virtualHosts."kopatz.ddns.net".locations."/kavita" = {
# proxyPass = "http://127.0.0.1:5000";
# extraConfig = ''
# add_header Access-Control-Allow-Origin *;
# add_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
# add_header Access-Control-Allow-Headers "Authorization, Origin, X-Requested-With, Content-Type, Accept";
# '';
# };
security.acme.certs."${fqdn}".server = "https://127.0.0.1:8443/acme/acme/directory";
services.nginx.virtualHosts."${fqdn}" = {
forceSSL = useHttps;
enableACME = useHttps;
quic = useHttps;
http3 = useHttps;
locations."/".proxyPass = "http://127.0.0.1:5000";
locations."/".extraConfig = ''
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
add_header Access-Control-Allow-Headers "Authorization, Origin, X-Requested-With, Content-Type, Accept";
'';
};
}
Reference in New Issue View Git Blame Copy Permalink