feat(APPA): migrate to official anki-sync-server module

2025-08-19 16:49:42 +02:00 · 2025-08-19 16:49:42 +02:00 · 11d0bc133f
commit 11d0bc133f
parent ce5aa85b30
1 changed files with 10 additions and 51 deletions
--- a/hosts/APPA/services/anki.nix
+++ b/hosts/APPA/services/anki.nix
@ -1,59 +1,18 @@
-{ config, pkgs, ... }:
-let
-  stateDir = "/var/lib/anki";
-  user = "anki";
-  group = "anki";
-  host = "127.0.0.1";
-  port = 8004;
-
-  anki-sync-server-run = pkgs.writeShellScriptBin "anki-sync-server-run" ''
-    export SYNC_USER1=admin:"$(cat "$1")"
-    exec ${pkgs.anki-sync-server}/bin/anki-sync-server
-  '';
-in
-{
-
-  users.users = {
-    "${user}" = {
-      description = "Anki Sync Server";
-      home = stateDir;
-      createHome = true;
-      useDefaultShell = true;
-      group = group;
-      isSystemUser = true;
-    };
-  };
-
-  users.groups = {
-    "${group}" = { };
-  };
+{ config, pkgs, ... }: {

  age.secrets.passwords-anki-admin = {
    file = ../../../secrets/passwords/anki/admin.age;
-    mode = "640";
-    owner = user;
-    group = group;
  };

-  systemd.services.anki-sync-server = {
-    description = "anki-sync-server: Anki sync server built into Anki";
-    after = [ "network.target" ];
-    wantedBy = [ "multi-user.target" ];
-    environment = {
-      SYNC_BASE = stateDir;
-      SYNC_HOST = host;
-      SYNC_PORT = toString port;
+  services.anki-sync-server = {
+    enable = true;
+    address = "127.0.0.1";
+    port = 8004;
+    openFirewall = true;
+    users = [{
+      username = "admin";
+      passwordFile = config.age.secrets.passwords-anki-admin.path;
+    }];
  };

-    serviceConfig = {
-      Type = "simple";
-      User = user;
-      Group = group;
-      ExecStart = "${anki-sync-server-run}/bin/anki-sync-server-run ${config.age.secrets.passwords-anki-admin.path}";
-      Restart = "always";
-    };
-  };
-
-  networking.firewall.allowedTCPPorts = [ port ];
-
 }