| blob | 51f3c3e468a5fef949cad6bc57a5400092437770 |
1 { config, pkgs, lib, ... }:
2 let cfg = config.services.ombi;
4 in {
5 options = {
6 services.ombi = {
7 enable = lib.mkEnableOption ''
8 Ombi, a web application that automatically gives your shared Plex or
9 Emby users the ability to request content by themselves!
11 Optionally see <https://docs.ombi.app/info/reverse-proxy>
12 on how to set up a reverse proxy
13 '';
15 dataDir = lib.mkOption {
16 type = lib.types.str;
17 default = "/var/lib/ombi";
18 description = "The directory where Ombi stores its data files.";
19 };
21 port = lib.mkOption {
22 type = lib.types.port;
23 default = 5000;
24 description = "The port for the Ombi web interface.";
25 };
27 openFirewall = lib.mkOption {
28 type = lib.types.bool;
29 default = false;
30 description = "Open ports in the firewall for the Ombi web interface.";
31 };
33 user = lib.mkOption {
34 type = lib.types.str;
35 default = "ombi";
36 description = "User account under which Ombi runs.";
37 };
39 group = lib.mkOption {
40 type = lib.types.str;
41 default = "ombi";
42 description = "Group under which Ombi runs.";
43 };
44 };
45 };
47 config = lib.mkIf cfg.enable {
48 systemd.tmpfiles.rules = [
49 "d '${cfg.dataDir}' 0700 ${cfg.user} ${cfg.group} - -"
50 ];
52 systemd.services.ombi = {
53 description = "Ombi";
54 after = [ "network.target" ];
55 wantedBy = [ "multi-user.target" ];
57 serviceConfig = {
58 Type = "simple";
59 User = cfg.user;
60 Group = cfg.group;
61 ExecStart = "${pkgs.ombi}/bin/Ombi --storage '${cfg.dataDir}' --host 'http://*:${toString cfg.port}'";
62 Restart = "on-failure";
63 };
64 };
66 networking.firewall = lib.mkIf cfg.openFirewall {
67 allowedTCPPorts = [ cfg.port ];
68 };
70 users.users = lib.mkIf (cfg.user == "ombi") {
71 ombi = {
72 isSystemUser = true;
73 group = cfg.group;
74 home = cfg.dataDir;
75 };
76 };
78 users.groups = lib.mkIf (cfg.group == "ombi") { ombi = { }; };
79 };
80 }