2024-06-14 12:21:05 +07:00
|
|
|
{ config, lib, ... }:
|
|
|
|
let
|
|
|
|
cfg = config.profile.services.kavita;
|
|
|
|
user = config.profile.user;
|
|
|
|
inherit (lib) mkIf;
|
|
|
|
in
|
|
|
|
{
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
fileSystems."/nas/kavita" = {
|
|
|
|
device = "/var/lib/kavita";
|
|
|
|
fsType = "none";
|
|
|
|
options = [ "bind" ];
|
|
|
|
};
|
2024-06-20 20:28:21 +07:00
|
|
|
system.activationScripts.ensure-kativa-permission = ''
|
|
|
|
chmod -R 0775 /nas/kavita
|
|
|
|
'';
|
2024-06-14 12:21:05 +07:00
|
|
|
users.groups.kavita.members = [ user.name ];
|
|
|
|
users.groups.${user.name}.members = [ "kavita" ]; # Allow kavita to read users's files copied to /var/lib/kavita via NAS
|
|
|
|
sops.secrets."kavita/token" = {
|
|
|
|
owner = "kavita";
|
|
|
|
sopsFile = ../../secrets/kavita.yaml;
|
|
|
|
};
|
|
|
|
services.caddy.virtualHosts."kavita.tigor.web.id".extraConfig = ''
|
|
|
|
reverse_proxy 0.0.0.0:${toString config.services.kavita.settings.Port}
|
|
|
|
'';
|
2024-11-24 20:46:15 +07:00
|
|
|
|
|
|
|
services.nginx.virtualHosts."kavita.tigor.web.id" = {
|
2024-11-24 21:31:04 +07:00
|
|
|
useACMEHost = "tigor.web.id";
|
2024-11-24 20:46:15 +07:00
|
|
|
forceSSL = true;
|
|
|
|
locations = {
|
|
|
|
"/" = {
|
|
|
|
proxyPass = "http://0.0.0.0:${toString config.services.kavita.settings.Port}";
|
|
|
|
proxyWebsockets = true;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
2024-11-24 21:31:04 +07:00
|
|
|
|
|
|
|
security.acme.certs."tigor.web.id".extraDomainNames = [ "kavita.tigor.web.id" ];
|
2024-06-14 12:21:05 +07:00
|
|
|
services.kavita = {
|
|
|
|
enable = true;
|
|
|
|
tokenKeyFile = config.sops.secrets."kavita/token".path;
|
|
|
|
settings = {
|
|
|
|
Port = 40001;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|