nixos/lidarr: add user/group/openFirewall opts.

This commit adds new configuration options to the Lidarr module that allows configuration of the user and group that Lidarr runs as; and to open the firewall for the Lidarr port.
2019-07-01 16:15:27 +01:00 · 2019-07-01 16:15:27 +01:00 · 6ba90c2aae
commit 6ba90c2aae
parent f08b05d89f
1 changed files with 40 additions and 7 deletions
--- a/nixos/modules/services/misc/lidarr.nix
+++ b/nixos/modules/services/misc/lidarr.nix
@ -16,6 +16,30 @@ in
        defaultText = "pkgs.lidarr";
        description = "The Lidarr package to use";
      };
+
+      openFirewall = mkOption {
+        type = types.bool;
+        default = false;
+        description = ''
+          Open ports in the firewall for Lidarr
+        '';
+      };
+
+      user = mkOption {
+        type = types.str;
+        default = "lidarr";
+        description = ''
+          User account under which Lidarr runs.
+        '';
+      };
+
+      group = mkOption {
+        type = types.str;
+        default = "lidarr";
+        description = ''
+          Group under which Lidarr runs.
+        '';
+      };
    };
  };

@ -27,8 +51,8 @@ in

      serviceConfig = {
        Type = "simple";
-        User = "lidarr";
-        Group = "lidarr";
+        User = cfg.user;
+        Group = cfg.group;
        ExecStart = "${cfg.package}/bin/Lidarr";
        Restart = "on-failure";

@ -37,12 +61,21 @@ in
      };
    };

-    users.users.lidarr = {
-      uid = config.ids.uids.lidarr;
-      home = "/var/lib/lidarr";
-      group = "lidarr";
+    networking.firewall = mkIf cfg.openFirewall {
+      allowedTCPPorts = [ 8686 ];
    };

-    users.groups.lidarr.gid = config.ids.gids.lidarr;
+    users.users = mkIf (cfg.user == "lidarr") {
+      lidarr = {
+        group = cfg.group;
+        uid = config.ids.uids.lidarr;
+      };
+    };
+
+    users.groups = mkIf (cfg.group == "lidarr") {
+      lidarr = {
+        gid = config.ids.gids.lidarr;
+      };
+    };
  };
 }