ookflix: add containers

2024-12-02 12:30:30 +11:00 · 2024-12-02 12:30:30 +11:00 · 79a37fa8eb
commit 79a37fa8eb
parent 4ee2e2a877
13 changed files with 303 additions and 68 deletions
--- a/modules/nixos/server/services/ookflix/lib.nix
+++ b/modules/nixos/server/services/ookflix/lib.nix
@ -1,6 +1,7 @@
 {
  lib,
  config,
+  self,
  ...
 }: let
  inherit (lib) mkOption mkEnableOption elem assertMsg;
@ -87,6 +88,15 @@
    user = mkUserOption name args.uid;
    group = mkGroupOption name args.gid;
  };
+  mkBasicServiceOptions = name: {
+    gid,
+    uid,
+    ...
+  } @ args: {
+    enable = mkEnableOption "Enable ${name} container";
+    user = mkUserOption name args.uid;
+    group = mkGroupOption name args.gid;
+  };
  mkServiceUser = service: {
    users.${service} = {
      isSystemUser = true;
@ -106,6 +116,13 @@
      group = cfg.services.${service}.group.name;
    };
  };
+  mkServiceSecret = name: service: {
+    ${name} = {
+      file = "${self}/secrets/container/${name}.age";
+      owner = cfg.services.${service}.user.name;
+      group = cfg.services.${service}.group.name;
+    };
+  };
 in {
-  inherit mkServiceOptions mkServiceStateDir mkServiceUser mkUserOption mkPortOption mkGroupOption mkVolumeOption mkSubdomainOption;
+  inherit mkServiceSecret mkBasicServiceOptions mkServiceOptions mkServiceStateDir mkServiceUser mkUserOption mkPortOption mkGroupOption mkVolumeOption mkSubdomainOption;
 }