Refactor LNBits configuration to utilize flake imports and enhance modularity

Updated the lnbits.nix configuration to import the LNBits service module from a flake, improving maintainability and alignment with deployment practices. Adjusted the shared configuration to make the 'domain' parameter accessible to all imported modules, and removed the deprecated lnbits-service.nix file to streamline the setup.

config/lnbits.nix

@@ -1,6 +1,14 @@
-{ domain, pkgs, ... }:
+{ domain, pkgs, config, lib, ... }:
 
+let
+  lnbitsFlake = builtins.getFlake "path:/var/src/lnbits-src";
+in
 {
+  # Import the LNBits service module directly from the flake's nix/modules directory
+  imports = [
+    /var/src/lnbits-src/nix/modules/lnbits-service.nix
+  ];
+
   # LNBits service configuration
   services.lnbits = {
     enable = true;
@@ -8,9 +16,12 @@
     port = 5000;
     openFirewall = true;
     stateDir = "/var/lib/lnbits";
-    # Use lnbits from deployed flake source at /var/src/lnbits-src
+    # Use lnbits package from the flake
-    package = (builtins.getFlake "path:/var/src/lnbits-src").packages.${pkgs.system}.lnbits;
+    package = lnbitsFlake.packages.${pkgs.system}.lnbits;
     env = {
+      # Custom extensions path (if deployed via krops)
+      # Extensions from /var/src/lnbits-extensions will be symlinked to /var/lib/lnbits/extensions
+      # LNBITS_EXTENSIONS_PATH = "/var/lib/lnbits/extensions";
       LNBITS_ADMIN_UI = "true";
       AUTH_ALLOWED_METHODS = "user-id-only, username-password";
       LNBITS_BACKEND_WALLET_CLASS = "FakeWallet";
@@ -87,9 +98,9 @@
   # This will DELETE any extensions installed via the LNBits UI.
   #
   # Option 1: Replace extensions directory entirely (use with caution)
-  # systemd.tmpfiles.rules = [
+  systemd.tmpfiles.rules = [
-  #   "L+ /var/lib/lnbits/extensions - - - - /var/src/lnbits-extensions"
+    "L+ /var/lib/lnbits/extensions - - - - /var/src/lnbits-extensions"
-  # ];
+  ];
   #
   # Option 2: Manually merge deployed extensions with existing ones
   # Copy deployed extensions into the extensions directory without replacing it:

config/modules/lnbits-service.nix

@@ -1,123 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-let
-  defaultUser = "lnbits";
-  cfg = config.services.lnbits;
-  inherit (lib) mkOption mkIf types optionalAttrs literalExpression;
-in
-
-{
-  options = {
-    services.lnbits = {
-      enable = mkOption {
-        default = false;
-        type = types.bool;
-        description = ''
-          Whether to enable the lnbits service
-        '';
-      };
-      openFirewall = mkOption {
-        type = types.bool;
-        default = false;
-        description = ''
-          Whether to open the ports used by lnbits in the firewall for the server
-        '';
-      };
-      package = mkOption {
-        type = types.package;
-        defaultText = literalExpression "pkgs.lnbits";
-        default = pkgs.lnbits;
-        description = ''
-          The lnbits package to use.
-        '';
-      };
-      stateDir = mkOption {
-        type = types.path;
-        default = "/var/lib/lnbits";
-        description = ''
-          The lnbits state directory
-        '';
-      };
-      host = mkOption {
-        type = types.str;
-        default = "127.0.0.1";
-        description = ''
-          The host to bind to
-        '';
-      };
-      port = mkOption {
-        type = types.port;
-        default = 8231;
-        description = ''
-          The port to run on
-        '';
-      };
-      user = mkOption {
-        type = types.str;
-        default = "lnbits";
-        description = "user to run lnbits as";
-      };
-      group = mkOption {
-        type = types.str;
-        default = "lnbits";
-        description = "group to run lnbits as";
-      };
-      env = mkOption {
-        type = types.attrsOf types.str;
-        default = {};
-        description = ''
-          Additional environment variables that are passed to lnbits.
-          Reference Variables: https://github.com/lnbits/lnbits/blob/dev/.env.example
-        '';
-        example = {
-          LNBITS_ADMIN_UI = "true";
-        };
-      };
-    };
-  };
-
-  config = mkIf cfg.enable {
-    users.users = optionalAttrs (cfg.user == defaultUser) {
-      ${defaultUser} = {
-        isSystemUser = true;
-        group = defaultUser;
-      };
-    };
-
-    users.groups = optionalAttrs (cfg.group == defaultUser) {
-      ${defaultUser} = { };
-    };
-
-    systemd.tmpfiles.rules = [
-      "d ${cfg.stateDir}                            0700 ${cfg.user} ${cfg.group} - -"
-      "d ${cfg.stateDir}/data                       0700 ${cfg.user} ${cfg.group} - -"
-    ];
-
-    systemd.services.lnbits = {
-      enable = true;
-      description = "lnbits";
-      wantedBy = [ "multi-user.target" ];
-      after = [ "network-online.target" ];
-      environment = lib.mkMerge [
-        {
-          LNBITS_DATA_FOLDER = "${cfg.stateDir}/data";
-          # LNBits automatically appends '/extensions' to this path
-          LNBITS_EXTENSIONS_PATH = "${cfg.stateDir}";
-        }
-        cfg.env
-      ];
-      serviceConfig = {
-        User = cfg.user;
-        Group = cfg.group;
-        WorkingDirectory = "${cfg.package}/lib/python3.12/site-packages";
-        StateDirectory = "lnbits";
-        ExecStart = "${cfg.package}/bin/lnbits --port ${toString cfg.port} --host ${cfg.host}";
-        Restart = "always";
-        PrivateTmp = true;
-      };
-    };
-    networking.firewall = mkIf cfg.openFirewall {
-      allowedTCPPorts = [ cfg.port ];
-    };
-  };
-}

config/shared.nix

@@ -3,8 +3,7 @@
 {
   imports = [
     /var/src/config-nginx
-    /var/src/config-modules/lnbits-service.nix
+    { _module.args = { inherit domain; }; } # passes <mydomain.com> for nginx virtualHosts
-    { _module.args = { inherit domain; }; }
     /var/src/config-pict-rs
     /var/src/config-lnbits
   ];