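# NixOS module for brownpaper. It declares two option sets:
#   services.brownpaper - a systemd unit that runs the server
#   programs.brownpaper - a client wrapper installed on the system PATH
{ lib, pkgs, config, ... }:

with lib;

let
  cfg = config.services.brownpaper;
  cfgc = config.programs.brownpaper;

  # Evaluate the package expression once; the server and the client wrapper
  # both take their binaries from it.
  brownpaperPkgs = pkgs.callPackage ./. {
    inherit pkgs;
    src = ./.;
  };

  dataDir = toString cfg.dataDir;
in
{
  options.services.brownpaper = {
    enable = mkEnableOption "brownpaper service";

    listen = mkOption {
      type = types.str;
      default = "0.0.0.0";
      description = ''
        Address handed to the server as the host part of its listen
        argument. The default, 0.0.0.0, is every IPv4 interface; set a
        specific address (for example 127.0.0.1 behind a reverse proxy) to
        narrow exposure. This module does not change firewall settings.
      '';
    };

    port = mkOption {
      # types.port rejects values outside 0-65535 at evaluation time instead
      # of letting the service fail when it starts.
      type = types.port;
      default = 3000;
      description = "TCP port handed to the server with the listen address.";
    };

    dataDir = mkOption {
      type = types.path;
      default = "/var/lib/brownpaper";
      description = ''
        Directory exported to the server as BROWNPAPER_STORAGE_DIR. It is
        created and chowned to the service user before every start.
      '';
    };

    user = mkOption {
      type = types.str;
      default = "brownpaper";
      description = "Account the server runs as and that owns dataDir.";
    };

    pgpKeys = mkOption {
      type = with types; listOf path;
      default = [ ];
      description = ''
        Key files that are symlinked into the keys directory inside dataDir.
        Path literals listed here are copied into the Nix store, which is
        readable by every local user, so list public key material only.
      '';
    };
  };

  options.programs.brownpaper = {
    enable = mkEnableOption "brownpaper client";

    endpoint = mkOption {
      type = types.str;
      default = "http://localhost:3000";
      description = ''
        Value exported to the client as BROWNPAPER_ENDPOINT. The default is
        plain HTTP on the loopback interface.
      '';
    };
  };

  config = {
    # NOTE(review): recent NixOS releases assert that each declared user sets
    # isSystemUser or isNormalUser and has a group; confirm against the
    # targeted release before relying on this empty declaration.
    users.users = mkIf cfg.enable { ${cfg.user} = { }; };

    systemd.services.brownpaper = mkIf cfg.enable {
      wantedBy = [ "multi-user.target" ];
      # After= only orders units. Without Wants= the target may never be
      # started, and the ordering below would have no effect.
      wants = [ "network-online.target" ];
      after = [ "network-online.target" ];
      path = [ pkgs.coreutils ];
      environment.BROWNPAPER_STORAGE_DIR = dataDir;

      # NOTE(review): no systemd sandboxing options are set on this unit;
      # consider adding them once the needs of the server are confirmed.
      serviceConfig =
        let
          # Store directory holding one symlink per configured key.
          keyDir = pkgs.runCommand "brownpaper-keys" { } ''
            mkdir -p $out
            ${concatStringsSep " && " (builtins.map (key: "ln -s ${key} $out") cfg.pgpKeys)}
          '';

          # The only step that needs root: create the data directory and
          # hand it to the service user. Values are shell-escaped so a path
          # or user name with unusual characters cannot change the command.
          prepareDataDir = pkgs.writeScript "brownpaper-prepare-datadir" ''
            #!${pkgs.bash}/bin/bash
            set -eu
            mkdir -p -- ${escapeShellArg dataDir}
            chown -- ${escapeShellArg cfg.user} ${escapeShellArg dataDir}
          '';

          # Points the keys entry in dataDir at the key directory in the
          # store. A previous symlink is replaced; anything else found
          # there is moved aside to keys.bak rather than deleted.
          # The symlink test is -L. The -s test used previously checks for a
          # non-empty file and follows symlinks, so a real directory was
          # handed to rm (which fails on directories) and the new link was
          # then created inside it.
          keyScript = pkgs.writeScript "brownpaper-keyscript" ''
            #!${pkgs.bash}/bin/bash
            set -eu
            keys=${escapeShellArg dataDir}/keys
            if [ -L "$keys" ]; then
              rm -f -- "$keys"
            elif [ -e "$keys" ]; then
              mv -- "$keys" "$keys.bak"
            fi
            ln -s -- ${keyDir} "$keys"
          '';
        in
        {
          # Only the mkdir/chown step carries the "+" prefix (full
          # privileges). The key script works inside a directory the service
          # user owns, so it runs as that user; root never follows paths the
          # service account can rewrite.
          ExecStartPre =
            [ "+${prepareDataDir}" ]
            ++ optional (cfg.pgpKeys != [ ]) "${keyScript}";
          ExecStart = "${brownpaperPkgs.server.rootCrate.build}/bin/brownpaper ${cfg.listen}:${toString cfg.port}";
          User = cfg.user;
        };
    };

    environment.systemPackages = optionals cfgc.enable [
      # The wrapper pins the endpoint and then replaces itself with the real
      # client. The shebang makes it runnable by callers that exec it
      # directly instead of going through a shell.
      (pkgs.writeScriptBin "brownpaper" ''
        #!${pkgs.bash}/bin/bash
        export BROWNPAPER_ENDPOINT=${escapeShellArg cfgc.endpoint}
        exec ${brownpaperPkgs.client}/bin/brownpaper "$@"
      '')
    ];
  };
}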