mirror of
https://github.com/nmasur/dotfiles
synced 2025-01-04 05:44:52 +00:00
69 lines
1.8 KiB
Nix
69 lines
1.8 KiB
Nix
{ config, lib, ... }:
|
|
{
|
|
|
|
options = {
|
|
services.actualbudget = {
|
|
enable = lib.mkEnableOption "ActualBudget budgeting service";
|
|
port = lib.mkOption {
|
|
type = lib.types.port;
|
|
description = "Port to use for the localhost";
|
|
default = 5006;
|
|
};
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf config.services.actualbudget.enable {
|
|
|
|
virtualisation.podman.enable = lib.mkDefault true;
|
|
|
|
users.users.actualbudget = {
|
|
isSystemUser = true;
|
|
group = "shared";
|
|
uid = 980;
|
|
};
|
|
|
|
# Create budget directory, allowing others to manage it
|
|
systemd.tmpfiles.rules = [
|
|
"d /var/lib/actualbudget 0770 actualbudget shared"
|
|
];
|
|
|
|
virtualisation.oci-containers.containers.actualbudget = {
|
|
workdir = null;
|
|
volumes = [ "/var/lib/actualbudget:/data" ];
|
|
user = "${toString (builtins.toString config.users.users.actualbudget.uid)}";
|
|
pull = "missing";
|
|
privileged = false;
|
|
ports = [ "127.0.0.1:${builtins.toString config.services.actualbudget.port}:5006" ];
|
|
networks = [ ];
|
|
log-driver = "journald";
|
|
labels = {
|
|
app = "actualbudget";
|
|
};
|
|
image = "ghcr.io/actualbudget/actual-server:latest";
|
|
hostname = null;
|
|
environmentFiles = [ ];
|
|
environment = { };
|
|
dependsOn = [ ];
|
|
autoStart = true;
|
|
};
|
|
|
|
# Allow web traffic to Caddy
|
|
caddy.routes = [
|
|
{
|
|
match = [ { host = [ config.hostnames.budget ]; } ];
|
|
handle = [
|
|
{
|
|
handler = "reverse_proxy";
|
|
upstreams = [ { dial = "localhost:${builtins.toString config.services.actualbudget.port}"; } ];
|
|
}
|
|
];
|
|
}
|
|
];
|
|
|
|
# Configure Cloudflare DNS to point to this machine
|
|
services.cloudflare-dyndns.domains = [ config.hostnames.budget ];
|
|
|
|
};
|
|
|
|
}
|