diff --git a/config/lnbits.nix b/config/lnbits.nix index 690f900..b0070d0 100644 --- a/config/lnbits.nix +++ b/config/lnbits.nix @@ -1,6 +1,14 @@ -{ domain, pkgs, ... }: +{ domain, pkgs, config, lib, ... }: +let + lnbitsFlake = builtins.getFlake "path:/var/src/lnbits-src"; +in { + # Import the LNBits service module directly from the flake's nix/modules directory + imports = [ + /var/src/lnbits-src/nix/modules/lnbits-service.nix + ]; + # LNBits service configuration services.lnbits = { enable = true; @@ -8,9 +16,12 @@ port = 5000; openFirewall = true; stateDir = "/var/lib/lnbits"; - # Use lnbits from deployed flake source at /var/src/lnbits-src - package = (builtins.getFlake "path:/var/src/lnbits-src").packages.${pkgs.system}.lnbits; + # Use lnbits package from the flake + package = lnbitsFlake.packages.${pkgs.system}.lnbits; env = { + # Custom extensions path (if deployed via krops) + # Extensions from /var/src/lnbits-extensions will be symlinked to /var/lib/lnbits/extensions + # LNBITS_EXTENSIONS_PATH = "/var/lib/lnbits/extensions"; LNBITS_ADMIN_UI = "true"; AUTH_ALLOWED_METHODS = "user-id-only, username-password"; LNBITS_BACKEND_WALLET_CLASS = "FakeWallet"; @@ -87,9 +98,9 @@ # This will DELETE any extensions installed via the LNBits UI. # # Option 1: Replace extensions directory entirely (use with caution) - # systemd.tmpfiles.rules = [ - # "L+ /var/lib/lnbits/extensions - - - - /var/src/lnbits-extensions" - # ]; + systemd.tmpfiles.rules = [ + "L+ /var/lib/lnbits/extensions - - - - /var/src/lnbits-extensions" + ]; # # Option 2: Manually merge deployed extensions with existing ones # Copy deployed extensions into the extensions directory without replacing it: diff --git a/config/modules/.gitkeep b/config/modules/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/config/modules/lnbits-service.nix b/config/modules/lnbits-service.nix deleted file mode 100644 index 358f300..0000000 --- a/config/modules/lnbits-service.nix +++ /dev/null @@ -1,123 +0,0 @@ -{ config, pkgs, lib, ... }: - -let - defaultUser = "lnbits"; - cfg = config.services.lnbits; - inherit (lib) mkOption mkIf types optionalAttrs literalExpression; -in - -{ - options = { - services.lnbits = { - enable = mkOption { - default = false; - type = types.bool; - description = '' - Whether to enable the lnbits service - ''; - }; - openFirewall = mkOption { - type = types.bool; - default = false; - description = '' - Whether to open the ports used by lnbits in the firewall for the server - ''; - }; - package = mkOption { - type = types.package; - defaultText = literalExpression "pkgs.lnbits"; - default = pkgs.lnbits; - description = '' - The lnbits package to use. - ''; - }; - stateDir = mkOption { - type = types.path; - default = "/var/lib/lnbits"; - description = '' - The lnbits state directory - ''; - }; - host = mkOption { - type = types.str; - default = "127.0.0.1"; - description = '' - The host to bind to - ''; - }; - port = mkOption { - type = types.port; - default = 8231; - description = '' - The port to run on - ''; - }; - user = mkOption { - type = types.str; - default = "lnbits"; - description = "user to run lnbits as"; - }; - group = mkOption { - type = types.str; - default = "lnbits"; - description = "group to run lnbits as"; - }; - env = mkOption { - type = types.attrsOf types.str; - default = {}; - description = '' - Additional environment variables that are passed to lnbits. - Reference Variables: https://github.com/lnbits/lnbits/blob/dev/.env.example - ''; - example = { - LNBITS_ADMIN_UI = "true"; - }; - }; - }; - }; - - config = mkIf cfg.enable { - users.users = optionalAttrs (cfg.user == defaultUser) { - ${defaultUser} = { - isSystemUser = true; - group = defaultUser; - }; - }; - - users.groups = optionalAttrs (cfg.group == defaultUser) { - ${defaultUser} = { }; - }; - - systemd.tmpfiles.rules = [ - "d ${cfg.stateDir} 0700 ${cfg.user} ${cfg.group} - -" - "d ${cfg.stateDir}/data 0700 ${cfg.user} ${cfg.group} - -" - ]; - - systemd.services.lnbits = { - enable = true; - description = "lnbits"; - wantedBy = [ "multi-user.target" ]; - after = [ "network-online.target" ]; - environment = lib.mkMerge [ - { - LNBITS_DATA_FOLDER = "${cfg.stateDir}/data"; - # LNBits automatically appends '/extensions' to this path - LNBITS_EXTENSIONS_PATH = "${cfg.stateDir}"; - } - cfg.env - ]; - serviceConfig = { - User = cfg.user; - Group = cfg.group; - WorkingDirectory = "${cfg.package}/lib/python3.12/site-packages"; - StateDirectory = "lnbits"; - ExecStart = "${cfg.package}/bin/lnbits --port ${toString cfg.port} --host ${cfg.host}"; - Restart = "always"; - PrivateTmp = true; - }; - }; - networking.firewall = mkIf cfg.openFirewall { - allowedTCPPorts = [ cfg.port ]; - }; - }; -} diff --git a/config/shared.nix b/config/shared.nix index 0840e56..20eeed5 100644 --- a/config/shared.nix +++ b/config/shared.nix @@ -3,8 +3,7 @@ { imports = [ /var/src/config-nginx - /var/src/config-modules/lnbits-service.nix - { _module.args = { inherit domain; }; } + { _module.args = { inherit domain; }; } # passes for nginx virtualHosts /var/src/config-pict-rs /var/src/config-lnbits ];