setup caddy and calibre-web

2024-09-19 20:34:46 +00:00 · 2022-10-02 14:48:51 +00:00 · 2022-10-02 14:48:51 +00:00 · 19de583433
commit 19de583433
parent 8a97d9b2da
3 changed files with 49 additions and 9 deletions
--- a/hosts/oracle/default.nix
+++ b/hosts/oracle/default.nix
@ -9,10 +9,10 @@ nixpkgs.lib.nixosSystem {
    home-manager.nixosModules.home-manager
    {
      networking.hostName = "oracle";
+      bookServer = "books.masu.rs";
      gui.enable = false;
      colorscheme = (import ../../modules/colorscheme/gruvbox);
-      passwordHash =
-        "$6$PZYiMGmJIIHAepTM$Wx5EqTQ5GApzXx58nvi8azh16pdxrN6Qrv1wunDlzveOgawitWzcIxuj76X9V868fsPi/NOIEO8yVXqwzS9UF.";
+      passwordHash = null;
      publicKey =
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
    }
--- a/modules/nixos/user.nix
+++ b/modules/nixos/user.nix
@ -3,7 +3,7 @@
  options = {

    passwordHash = lib.mkOption {
-      type = lib.types.str;
+      type = lib.types.nullOr lib.types.str;
      description = "Password created with mkpasswd -m sha-512";
      # Test it by running: mkpasswd -m sha-512 --salt "PZYiMGmJIIHAepTM"
    };
--- a/modules/services/calibre.nix
+++ b/modules/services/calibre.nix
@ -2,27 +2,67 @@

 let

-  libraryPath = "/var/lib/calibre-server";
+  # Must set group owner to calibre-web
+  libraryPath = "/var/books";

 in {

-  options = { };
+  options = {
+    bookServer = lib.mkOption {
+      type = lib.types.str;
+      description = "Hostname for Calibre library";
+    };
+  };

  config = {
-    services.calibre-server = {
-      enable = true;
-      libraries = [ libraryPath ];
-    };

    services.calibre-web = {
      enable = true;
      openFirewall = true;
      options = {
+        calibreLibrary = libraryPath;
        reverseProxyAuth.enable = false;
        enableBookConversion = true;
      };
    };

+    services.caddy = {
+      enable = true;
+      adapter = "''"; # Required to enable JSON
+      configFile = pkgs.writeText "Caddyfile" (builtins.toJSON {
+        apps.http.servers = {
+          calibre = {
+            listen = [ ":443" ];
+            routes = [{
+              match = [{ host = [ config.bookServer ]; }];
+              handle = [{
+                handler = "reverse_proxy";
+                upstreams = [{ dial = "localhost:8083"; }];
+                headers.request.add."X-Script-Name" = [ "/calibre-web" ];
+              }];
+            }];
+          };
+        };
+      });
+
+    };
+
+    networking.firewall.interfaces.calibre = { allowedTCPPorts = [ 80 443 ]; };
+
+    # Create directory and set permissions
+    system.activationScripts.calibreLibrary.text = ''
+      if [ ! -d "${libraryPath}" ]; then
+          $DRY_RUN_CMD mkdir --parents $VERBOSE_ARG ${libraryPath}
+      fi
+      if [ ! "$(stat -c "%G" ${libraryPath})" = "calibre-web" ]; then
+          $DRY_RUN_CMD chown $VERBOSE_ARG -R calibre-web:calibre-web ${libraryPath}
+      fi
+      if [ ! "$(stat -c "%a" ${libraryPath})" = "775" ]; then
+          $DRY_RUN_CMD chmod $VERBOSE_ARG 0775 ${libraryPath}
+          $DRY_RUN_CMD chmod $VERBOSE_ARG -R 0640 ${libraryPath}/*
+      fi
+    '';
+
  };

 }