Setup home-manager for some service users
diff --git a/modules/home-manager-users.nix b/modules/home-manager-users.nix
new file mode 100644
index 0000000..e83e0cb
--- /dev/null
+++ b/modules/home-manager-users.nix
@@ -0,0 +1,29 @@
+# Home manager is used separately from this deploy, but we still need to create
+# user accounts in the system config
+{ pkgs, lib, ... }:
+let
+ mkUser = username: {
+ isSystemUser = true;
+ linger = true;
+ createHome = true;
+ home = "/services/${username}";
+ group = "clicks";
+ shell = pkgs.bashInteractive;
+ };
+in
+{
+ imports = [
+ (builtins.fetchurl {
+ url = "https://gist.githubusercontent.com/graham33/fdbdcc18317a621d9dd54beb36be6683/raw/776ed252749313470f1c9a286a0419ba9746d133/loginctl-linger.nix";
+ sha256 = "sha256:0hwm4f13dwd27gbdn5ddvbrmcvfb70jr658jz4nbkzwzh8c02qj8";
+ })
+ ];
+
+ users.users = lib.pipe ../services [
+ builtins.readDir
+ (lib.filterAttrs (_name: value: value == "directory"))
+ builtins.attrNames
+ (map (name: { inherit name; value = mkUser name; }))
+ builtins.listToAttrs
+ ];
+}
diff --git a/services/README.md b/services/README.md
new file mode 100644
index 0000000..6caca82
--- /dev/null
+++ b/services/README.md
@@ -0,0 +1,16 @@
+# README
+
+IMPORTANT: **ONLY UNPRIVILEGED, NIX/SYSTEMD RUN SERVICES ARE INCLUDED HERE.
+SERVICES RUN WITH PM2 OR THAT NEED ROOT ARE NOT INCLUDED HERE**
+
+- systemd services should be *user* services so the unprivileged service account
+ can run them
+- all configuration should be [home-manager](https://github.com/nix-community/home-manager)
+ configuration files rather than NixOS configuration files
+
+## Installed services
+
+<!-- spell-checker:words etherpad -->
+- etherpad: <https://etherpad.org/>
+ - uses git-sync with home-manager to sync the release-3.x
+ - runs using a systemd service
diff --git a/services/etherpad/default.nix b/services/etherpad/default.nix
new file mode 100644
index 0000000..ceeed92
--- /dev/null
+++ b/services/etherpad/default.nix
@@ -0,0 +1,42 @@
+{ pkgs, config, lib, ... }: {
+ home.packages = [ pkgs.nodejs-14_x ];
+
+ services.git-sync = {
+ enable = true;
+
+ repositories = {
+ "etherpad" = {
+ path = "${config.home.homeDirectory}/etherpad/";
+ uri = "https://github.com/ether/etherpad-lite";
+ };
+ };
+ };
+
+ systemd.user.services = {
+ git-sync-etherpad.Service = {
+ Environment = [
+ "GIT_SYNC_EXECHOOK_COMMAND=${pkgs.systemd}/bin/systemctl restart etherpad --user"
+ "GIT_SYNC_REV=1.8.18"
+ "GIT_SYNC_ONE_TIME=true"
+ ];
+ ExecStart = lib.mkForce (builtins.replaceStrings [ "\n" ] [ "" ]
+ ''${pkgs.bashInteractive}/bin/sh -c "
+ ${pkgs.coreutils}/bin/mkdir -p ${config.services.git-sync.repositories.etherpad.path}
+ && cd ${config.services.git-sync.repositories.etherpad.path}
+ && ${pkgs.git}/bin/git clone ${config.services.git-sync.repositories.etherpad.uri} .
+ && ${pkgs.git}/bin/git checkout $GIT_SYNC_REV
+ ; ${config.services.git-sync.package}/bin/git-sync"'');
+ };
+ /* etherpad = { */
+ /* Unit.Description = "A service to run etherpad"; */
+
+ /* Install.WantedBy = [ "default.target" ]; */
+
+ /* Service = rec { */
+ /* ExecStart = "${pkgs.bashInteractive}/bin/sh -c \"export PATH=$PATH:/run/current-system/sw/bin && ${WorkingDirectory}src/bin/run.sh\""; */
+ /* Restart = "always"; */
+ /* WorkingDirectory = "${config.home.homeDirectory}/etherpad/"; */
+ /* }; */
+ /* }; */
+ };
+}
diff --git a/services/kavita/default.nix b/services/kavita/default.nix
new file mode 100644
index 0000000..c724ad7
--- /dev/null
+++ b/services/kavita/default.nix
@@ -0,0 +1 @@
+{ pkgs, config, lib, ... }: {}
diff --git a/services/mailu/default.nix b/services/mailu/default.nix
new file mode 100644
index 0000000..0967ef4
--- /dev/null
+++ b/services/mailu/default.nix
@@ -0,0 +1 @@
+{}