From 21a59137a649f9a8f6c898a7259028757846eaca Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Mar 2024 19:14:45 +0000 Subject: [PATCH 1/2] nixos/podgrab: add user/group options --- nixos/modules/services/misc/podgrab.nix | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/misc/podgrab.nix b/nixos/modules/services/misc/podgrab.nix index c596122fd31c..44e88aac4ae1 100644 --- a/nixos/modules/services/misc/podgrab.nix +++ b/nixos/modules/services/misc/podgrab.nix @@ -22,6 +22,18 @@ in example = 4242; description = lib.mdDoc "The port on which Podgrab will listen for incoming HTTP traffic."; }; + + user = mkOption { + type = types.str; + default = "podgrab"; + description = "User under which Podgrab runs, and which owns the download directory."; + }; + + group = mkOption { + type = types.str; + default = "podgrab"; + description = "Group under which Podgrab runs, and which owns the download directory."; + }; }; config = lib.mkIf cfg.enable { @@ -35,7 +47,8 @@ in PORT = toString cfg.port; }; serviceConfig = { - DynamicUser = true; + User = cfg.user; + Group = cfg.group; EnvironmentFile = lib.optionals (cfg.passwordFile != null) [ cfg.passwordFile ]; @@ -44,6 +57,13 @@ in StateDirectory = [ "podgrab/config" "podgrab/data" ]; }; }; + + users.users.podgrab = lib.mkIf (cfg.user == "podgrab") { + isSystemUser = true; + group = cfg.group; + }; + + users.groups.podgrab = lib.mkIf (cfg.group == "podgrab") { }; }; meta.maintainers = with lib.maintainers; [ ambroisie ]; From 65251f102d3fd62cf267f592e09acf0ac0a31a1e Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Thu, 21 Mar 2024 19:21:30 +0000 Subject: [PATCH 2/2] nixos/podgrab: add 'dataDirectory' option --- nixos/modules/services/misc/podgrab.nix | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/misc/podgrab.nix b/nixos/modules/services/misc/podgrab.nix index 44e88aac4ae1..c428cb4244c1 100644 --- a/nixos/modules/services/misc/podgrab.nix +++ b/nixos/modules/services/misc/podgrab.nix @@ -1,6 +1,8 @@ { config, lib, pkgs, ... }: let cfg = config.services.podgrab; + + stateDir = "/var/lib/podgrab"; in { options.services.podgrab = with lib; { @@ -23,6 +25,13 @@ in description = lib.mdDoc "The port on which Podgrab will listen for incoming HTTP traffic."; }; + dataDirectory = mkOption { + type = types.path; + default = "${stateDir}/data"; + example = "/mnt/podcasts"; + description = "Directory to store downloads."; + }; + user = mkOption { type = types.str; default = "podgrab"; @@ -37,12 +46,16 @@ in }; config = lib.mkIf cfg.enable { + systemd.tmpfiles.settings."10-pyload" = { + ${cfg.dataDirectory}.d = { inherit (cfg) user group; }; + }; + systemd.services.podgrab = { description = "Podgrab podcast manager"; wantedBy = [ "multi-user.target" ]; environment = { - CONFIG = "/var/lib/podgrab/config"; - DATA = "/var/lib/podgrab/data"; + CONFIG = "${stateDir}/config"; + DATA = cfg.dataDirectory; GIN_MODE = "release"; PORT = toString cfg.port; }; @@ -54,7 +67,7 @@ in ]; ExecStart = "${pkgs.podgrab}/bin/podgrab"; WorkingDirectory = "${pkgs.podgrab}/share"; - StateDirectory = [ "podgrab/config" "podgrab/data" ]; + StateDirectory = [ "podgrab/config" ]; }; };