diff --git a/inventories/default.nix b/inventories/default.nix index a133d01..40e1deb 100644 --- a/inventories/default.nix +++ b/inventories/default.nix @@ -11,6 +11,7 @@ pocket-id = ../modules/clan/pocket-id; nextcloud = ../modules/clan/nextcloud; stirling-pdf = ../modules/clan/stirling-pdf; + actual-budget = ../modules/clan/actual-budget; }; inventory = { @@ -38,6 +39,13 @@ }; roles.default.machines.b4l = { }; }; + actual-budget = { + module = { + name = "actual-budget"; + input = "self"; + }; + roles.default.machines.b4l = { }; + }; }; services = { diff --git a/modules/clan/actual-budget/default.nix b/modules/clan/actual-budget/default.nix new file mode 100644 index 0000000..d625ebb --- /dev/null +++ b/modules/clan/actual-budget/default.nix @@ -0,0 +1,54 @@ +{ lib, ... }: +{ + _class = "clan.service"; + manifest.name = "actual-budget"; + manifest.description = "A local-first personal finance app "; + manifest.categories = [ "System" ]; + + roles.default = { + interface.options = { + domain = lib.mkOption { + type = lib.types.str; + default = "budget"; + description = "Sub domain for Actual Budget."; + }; + }; + + perInstance = + { + settings, + ... + }: + { + nixosModule = + { + config, + ... + }: + let + domain = "${settings.domain}.${config.networking.fqdn}"; + in + { + services.actual = { + enable = true; + openFirewall = true; + settings = { + port = 5006; + allowedLoginMethods = [ + "password" + "openid" + ]; + trustedProxies = [ "127.0.0.1" ]; + }; + }; + services.nginx.virtualHosts."${domain}" = { + forceSSL = true; + useACMEHost = "${config.networking.fqdn}"; + locations."/" = { + proxyPass = "http://localhost:${builtins.toString config.services.actual.settings.port}"; + }; + }; + }; + }; + }; +}