From 19de5834338cbb7f6b6dfad86a15f7834fbb23f4 Mon Sep 17 00:00:00 2001
From: Noah Masur <7386960+nmasur@users.noreply.github.com>
Date: Sun, 2 Oct 2022 14:48:51 +0000
Subject: [PATCH] setup caddy and calibre-web

---
 hosts/oracle/default.nix     |  4 +--
 modules/nixos/user.nix       |  2 +-
 modules/services/calibre.nix | 52 +++++++++++++++++++++++++++++++-----
 3 files changed, 49 insertions(+), 9 deletions(-)

diff --git a/hosts/oracle/default.nix b/hosts/oracle/default.nix
index 2d1ce42..b267dc2 100644
--- a/hosts/oracle/default.nix
+++ b/hosts/oracle/default.nix
@@ -9,10 +9,10 @@ nixpkgs.lib.nixosSystem {
     home-manager.nixosModules.home-manager
     {
       networking.hostName = "oracle";
+      bookServer = "books.masu.rs";
       gui.enable = false;
       colorscheme = (import ../../modules/colorscheme/gruvbox);
-      passwordHash =
-        "$6$PZYiMGmJIIHAepTM$Wx5EqTQ5GApzXx58nvi8azh16pdxrN6Qrv1wunDlzveOgawitWzcIxuj76X9V868fsPi/NOIEO8yVXqwzS9UF.";
+      passwordHash = null;
       publicKey =
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
     }
diff --git a/modules/nixos/user.nix b/modules/nixos/user.nix
index dd5b2bd..24d0ff8 100644
--- a/modules/nixos/user.nix
+++ b/modules/nixos/user.nix
@@ -3,7 +3,7 @@
   options = {
 
     passwordHash = lib.mkOption {
-      type = lib.types.str;
+      type = lib.types.nullOr lib.types.str;
       description = "Password created with mkpasswd -m sha-512";
       # Test it by running: mkpasswd -m sha-512 --salt "PZYiMGmJIIHAepTM"
     };
diff --git a/modules/services/calibre.nix b/modules/services/calibre.nix
index bf7009d..9ca3838 100644
--- a/modules/services/calibre.nix
+++ b/modules/services/calibre.nix
@@ -2,27 +2,67 @@
 
 let
 
-  libraryPath = "/var/lib/calibre-server";
+  # Must set group owner to calibre-web
+  libraryPath = "/var/books";
 
 in {
 
-  options = { };
+  options = {
+    bookServer = lib.mkOption {
+      type = lib.types.str;
+      description = "Hostname for Calibre library";
+    };
+  };
 
   config = {
-    services.calibre-server = {
-      enable = true;
-      libraries = [ libraryPath ];
-    };
 
     services.calibre-web = {
       enable = true;
       openFirewall = true;
       options = {
+        calibreLibrary = libraryPath;
         reverseProxyAuth.enable = false;
         enableBookConversion = true;
       };
     };
 
+    services.caddy = {
+      enable = true;
+      adapter = "''"; # Required to enable JSON
+      configFile = pkgs.writeText "Caddyfile" (builtins.toJSON {
+        apps.http.servers = {
+          calibre = {
+            listen = [ ":443" ];
+            routes = [{
+              match = [{ host = [ config.bookServer ]; }];
+              handle = [{
+                handler = "reverse_proxy";
+                upstreams = [{ dial = "localhost:8083"; }];
+                headers.request.add."X-Script-Name" = [ "/calibre-web" ];
+              }];
+            }];
+          };
+        };
+      });
+
+    };
+
+    networking.firewall.interfaces.calibre = { allowedTCPPorts = [ 80 443 ]; };
+
+    # Create directory and set permissions
+    system.activationScripts.calibreLibrary.text = ''
+      if [ ! -d "${libraryPath}" ]; then
+          $DRY_RUN_CMD mkdir --parents $VERBOSE_ARG ${libraryPath}
+      fi
+      if [ ! "$(stat -c "%G" ${libraryPath})" = "calibre-web" ]; then
+          $DRY_RUN_CMD chown $VERBOSE_ARG -R calibre-web:calibre-web ${libraryPath}
+      fi
+      if [ ! "$(stat -c "%a" ${libraryPath})" = "775" ]; then
+          $DRY_RUN_CMD chmod $VERBOSE_ARG 0775 ${libraryPath}
+          $DRY_RUN_CMD chmod $VERBOSE_ARG -R 0640 ${libraryPath}/*
+      fi
+    '';
+
   };
 
 }