noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-11-04 11:43:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ebbc9c5a5d46cbed0564edb23216ddda8608327c
dotfiles/platforms/nixos/modules/nmasur/presets/services/actualbudget/actualbudget.nix

133 lines
3.6 KiB
Nix
Raw Blame History

{
config,
pkgs,
lib,
...
}:
let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.actualbudget;
in
{
options.nmasur.presets.services.actualbudget = {
enable = lib.mkEnableOption "ActualBudget budgeting service";
port = lib.mkOption {
type = lib.types.port;
description = "Port to use for the localhost";
default = 5006;
};
prometheusPort = lib.mkOption {
type = lib.types.port;
description = "Port to use for prometheus actual exporter";
default = 5007;
};
};
config = lib.mkIf cfg.enable {
services.actual = {
enable = true;
settings = {
port = cfg.port;
};
};
# systemd.services.prometheus-actual-exporter = {
# enable = true;
# description = "Prometheus exporter for Actual budget";
# serviceConfig = {
# DynamicUser = true;
# Environment = [
# "ACTUAL_SERVER_URL=https://${hostnames.budget}:443"
# "PORT=${builtins.toString cfg.prometheusPort}"
# ];
# EnvironmentFile = [
# config.secrets.actualbudget-password.dest
# config.secrets.actualbudget-budget-id.dest
# ];
# ExecStart = lib.getExe pkgs.nmasur.prometheus-actual-exporter;
# };
# wantedBy = [
# "multi-user.target"
# ];
# };
# Used for prometheus exporter
virtualisation.podman.enable = true;
# Create a shared group for generic services
users.groups.shared = { };
users.users.actualbudget = {
isSystemUser = true;
group = "shared";
uid = 980;
};
virtualisation.oci-containers.containers.actualbudget-prometheus-exporter = {
workdir = null;
user = builtins.toString config.users.users.actualbudget.uid;
pull = "missing";
privileged = false;
ports = [ "127.0.0.1:5007:3001" ];
networks = [ ];
log-driver = "journald";
labels = {
app = "actualbudget-prometheus-exporter";
};
image = "docker.io/sakowicz/actual-budget-prometheus-exporter:1.1.5";
hostname = null;
environmentFiles = [
config.secrets.actualbudget-password.dest
config.secrets.actualbudget-budget-id.dest
];
environment = {
ACTUAL_SERVER_URL = "https://${hostnames.budget}:443";
};
# dependsOn = [ "actualbudget" ];
autoStart = true;
};
nmasur.presets.services.prometheus-exporters.scrapeTargets = [
"127.0.0.1:${builtins.toString cfg.prometheusPort}"
];
secrets.actualbudget-password = {
source = ./actualbudget-password.age;
dest = "${config.secretsDirectory}/actualbudget-password";
owner = builtins.toString config.users.users.actualbudget.uid;
group = builtins.toString config.users.users.actualbudget.uid;
};
secrets.actualbudget-budget-id = {
source = ./actualbudget-budget-id.age;
dest = "${config.secretsDirectory}/actualbudget-budget-id";
owner = builtins.toString config.users.users.actualbudget.uid;
group = builtins.toString config.users.users.actualbudget.uid;
};
# Allow web traffic to Caddy
nmasur.presets.services.caddy.routes = [
{
match = [ { host = [ hostnames.budget ]; } ];
handle = [
{
handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${builtins.toString cfg.port}"; } ];
}
];
}
];
# Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.budget ];
# Backups
services.restic.backups.default.paths = [ "/var/lib/actual" ];
};
}
Reference in New Issue View Git Blame Copy Permalink