My Nix Configuration
[marvin] init booklore service
+106
-1
+2
hosts/marvin/default.nix
+2
hosts/marvin/default.nix
···
11
11
# keep-sorted start
12
12
./services/anubis.nix
13
13
./services/avahi.nix
14
+
./services/booklore.nix
14
15
./services/bots.nix
15
16
./services/gdq-cals.nix
16
17
./services/git.nix
···
20
21
./services/jellyfin.nix
21
22
./services/matrix.nix
22
23
./services/miniflux.nix
24
+
./services/mysql.nix
23
25
./services/nextcloud
24
26
./services/nginx.nix
25
27
./services/paperless.nix
+91
hosts/marvin/services/booklore.nix
+91
hosts/marvin/services/booklore.nix
···
1
+
{
2
+
self,
3
+
config,
4
+
pkgs,
5
+
...
6
+
}:
7
+
let
8
+
d = self.lib.data.services.booklore;
9
+
dataDir = "/var/lib/booklore";
10
+
u = config.users.users.booklore;
11
+
g = config.users.groups.booklore;
12
+
sec = config.age.secrets;
13
+
14
+
bookloreFolder = {
15
+
d = {
16
+
mode = "0750";
17
+
user = "booklore";
18
+
group = "booklore";
19
+
};
20
+
};
21
+
in
22
+
{
23
+
virtualisation.oci-containers.containers.booklore-server = {
24
+
image = "ghcr.io/booklore-app/booklore:latest";
25
+
ports = [ "${toString d.port}:${toString d.port}" ];
26
+
volumes = [
27
+
"${dataDir}/data:/app/data"
28
+
"${dataDir}/books:/books"
29
+
"${dataDir}/bookdrop:/bookdrop"
30
+
];
31
+
environment = {
32
+
USER_ID = "${toString u.uid}";
33
+
GROUP_ID = "${toString g.gid}";
34
+
BOOKLORE_PORT = toString d.port;
35
+
TZ = "America/New_York";
36
+
DATABASE_USERNAME = "booklore";
37
+
DATABASE_URL = "jdbc:mariadb://localhost:3306/booklore";
38
+
DATABASE_PASSWORD = "bookloreDatabasePassword123!";
39
+
};
40
+
networks = [ "host" ];
41
+
# environmentFiles = [ sec.booklore-env.path ];
42
+
};
43
+
44
+
systemd.tmpfiles.settings = {
45
+
"10-booklore" = {
46
+
"${dataDir}/data" = bookloreFolder;
47
+
"${dataDir}/books" = bookloreFolder;
48
+
"${dataDir}/bookdrop" = bookloreFolder;
49
+
};
50
+
};
51
+
users = {
52
+
users.booklore = {
53
+
isSystemUser = true;
54
+
group = "booklore";
55
+
description = "Booklore service user";
56
+
uid = 940;
57
+
};
58
+
groups.booklore = {
59
+
gid = 940;
60
+
};
61
+
};
62
+
# Configure MySQL
63
+
services.mysql = {
64
+
ensureUsers = [
65
+
{
66
+
name = "booklore";
67
+
ensurePermissions = {
68
+
"booklore.*" = "ALL PRIVILEGES";
69
+
};
70
+
}
71
+
];
72
+
ensureDatabases = [ "booklore" ];
73
+
initialScript = pkgs.writeText "mysql-init.sql" ''
74
+
CREATE DATABASE IF NOT EXISTS booklore;
75
+
DROP USER IF EXISTS 'booklore'@'localhost';
76
+
CREATE USER IF NOT EXISTS 'booklore'@'localhost' IDENTIFIED WITH unix_socket;
77
+
ALTER USER 'booklore'@'localhost' IDENTIFIED BY 'bookloreDatabasePassword123!';
78
+
GRANT ALL PRIVILEGES ON booklore.* TO 'booklore'@'localhost';
79
+
FLUSH PRIVILEGES;
80
+
'';
81
+
};
82
+
systemd.services.docker-booklore-server.after = [ "mysql.service" ];
83
+
84
+
age.secrets = {
85
+
# booklore-env = {
86
+
# owner = "booklore";
87
+
# group = "booklore";
88
+
# file = ./secrets/booklore-env.age;
89
+
# };
90
+
};
91
+
}
+7
hosts/marvin/services/mysql.nix
+7
hosts/marvin/services/mysql.nix
+6
-1
lib/data/services.toml
+6
-1
lib/data/services.toml
···
6
6
# tsHost: (optional) What Tailscale host this service will run on, for services only available via Tailscale.
7
7
# # Should only be set if this is available externally, if at all, since TS-only services aren't able to be scraped.
8
8
# Current lowest unassigned service/anubis port: 6938/8410
9
-
# Misc available ports: 6905-6, 6908-11, 6913, 6916-21, 6923-4, 6927, 6933
9
+
# Misc available ports: 6906, 6908-11, 6913, 6916-21, 6923-4, 6927, 6933
10
10
# Misc Anubis available: 8401, 8407
11
+
12
+
[booklore]
13
+
port = 6905
14
+
host = "marvin"
15
+
extUrl = "lib.pyrox.dev"
11
16
12
17
[buildbot-server]
13
18
port = 6915