diff --git a/services/default.nix b/services/default.nix index 1498830..51e37bf 100644 --- a/services/default.nix +++ b/services/default.nix @@ -9,6 +9,7 @@ ./jellyfin.nix ./lohr.nix ./matrix.nix + ./mealie.nix ./media.nix ./microbin.nix ./miniflux.nix diff --git a/services/mealie.nix b/services/mealie.nix new file mode 100644 index 0000000..26f3c6e --- /dev/null +++ b/services/mealie.nix @@ -0,0 +1,55 @@ +{ + config, + lib, + pkgs, + ... +}: let + inherit + (lib) + mkEnableOption + mkIf + mkOption + ; + + cfg = config.my.services.mealie; + my = config.my; + + domain = config.networking.domain; + hostname = config.networking.hostName; + fqdn = "${hostname}.${domain}"; +in { + options.my.services.mealie = let + inherit (lib) types; + in { + enable = mkEnableOption "Mealie"; + port = mkOption { + type = types.port; + example = 8080; + description = "Internal port for Mealie webapp"; + }; + }; + + config = mkIf cfg.enable { + services.mealie = { + enable = true; + listenAddress = "127.0.0.1"; + port = cfg.port; + }; + + services.nginx.virtualHosts."mealie.${domain}" = { + forceSSL = true; + useACMEHost = fqdn; + + locations."/" = { + proxyPass = "http://127.0.0.1:${toString cfg.port}/"; + proxyWebsockets = true; + }; + }; + + security.acme.certs.${fqdn}.extraDomainNames = ["mealie.${domain}"]; + + my.services.restic-backup = { + paths = ["/var/lib/mealie"]; + }; + }; +}