47 lines
1.2 KiB
Nix
47 lines
1.2 KiB
Nix
{
|
|
pkgs,
|
|
service_configs,
|
|
username,
|
|
...
|
|
}:
|
|
let
|
|
owntracks_pkg = pkgs.owntracks-recorder.overrideAttrs (old: {
|
|
installPhase = old.installPhase + ''
|
|
mkdir -p $out/usr/share/ot-recorder
|
|
cp -R docroot/* $out/usr/share/ot-recorder'';
|
|
});
|
|
in
|
|
{
|
|
users.groups.owntracks = { };
|
|
users.users.owntracks = {
|
|
isNormalUser = true;
|
|
group = "owntracks";
|
|
};
|
|
|
|
systemd.services.owntracks = {
|
|
enable = true;
|
|
description = "Store and access data published by OwnTracks apps";
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
serviceConfig = {
|
|
User = "owntracks";
|
|
Group = "owntracks";
|
|
WorkingDirectory = "${owntracks_pkg}";
|
|
ExecStart = "${owntracks_pkg}/bin/ot-recorder -S ${service_configs.owntracks.data_dir} --doc-root usr/share/ot-recorder --http-port ${builtins.toString service_configs.ports.owntracks} --port 0";
|
|
};
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"Z ${service_configs.owntracks.data_dir} 0770 owntracks owntracks"
|
|
];
|
|
|
|
services.caddy.virtualHosts."owntracks.${service_configs.https.domain}".extraConfig = ''
|
|
${builtins.readFile ../secrets/owntracks_caddy_auth}
|
|
reverse_proxy :${builtins.toString service_configs.ports.owntracks}
|
|
'';
|
|
|
|
users.users.${username}.extraGroups = [
|
|
"owntracks"
|
|
];
|
|
}
|