59 lines
1.3 KiB
Nix
59 lines
1.3 KiB
Nix
{ config, pkgs, ... }:
|
|
let
|
|
stateDir = "/var/lib/anki";
|
|
user = "anki";
|
|
group = "anki";
|
|
host = "127.0.0.1";
|
|
port = 8004;
|
|
|
|
anki-sync-server-run = pkgs.writeShellScriptBin "anki-sync-server-run" ''
|
|
export SYNC_USER1=admin:"$(cat "$1")"
|
|
exec ${pkgs.anki-sync-server}/bin/anki-sync-server
|
|
'';
|
|
in
|
|
{
|
|
|
|
users.users = {
|
|
"${user}" = {
|
|
description = "Anki Sync Server";
|
|
home = stateDir;
|
|
createHome = true;
|
|
useDefaultShell = true;
|
|
group = group;
|
|
isSystemUser = true;
|
|
};
|
|
};
|
|
|
|
users.groups = {
|
|
"${group}" = { };
|
|
};
|
|
|
|
age.secrets.passwords-anki-admin = {
|
|
file = ../../../secrets/passwords/anki/admin.age;
|
|
mode = "640";
|
|
owner = user;
|
|
group = group;
|
|
};
|
|
|
|
systemd.services.anki-sync-server = {
|
|
description = "anki-sync-server: Anki sync server built into Anki";
|
|
after = [ "network.target" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
environment = {
|
|
SYNC_BASE = stateDir;
|
|
SYNC_HOST = host;
|
|
SYNC_PORT = toString port;
|
|
};
|
|
|
|
serviceConfig = {
|
|
Type = "simple";
|
|
User = user;
|
|
Group = group;
|
|
ExecStart = "${anki-sync-server-run}/bin/anki-sync-server-run ${config.age.secrets.passwords-anki-admin.path}";
|
|
Restart = "always";
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ port ];
|
|
|
|
}
|