# Gotify server module: runs Gotify against a local PostgreSQL database and
# publishes it through the nginx reverse proxy on `cfg.domain`.
#
# Security-relevant wiring, for reviewers:
#   * nginx proxies to Gotify over plain HTTP on the loopback address.
#   * Access to the virtual host is limited by `nginxInternalOnly`.
#   * Gotify connects to PostgreSQL through the Unix socket directory
#     /run/postgresql, not over TCP.
{
  config,
  lib,
  ...
}: let
  inherit
    (lib)
    concatStringsSep
    mkEnableOption
    mkIf
    mkOption
    nginxInternalOnly
    types
    ;

  cfg = config.nixfiles.modules.gotify;

  # One identifier is used as both the database name and the role name.
  dbName = "gotify";
in {
  options.nixfiles.modules.gotify = {
    enable = mkEnableOption "Gotify";

    domain = mkOption {
      description = "Domain name sans protocol scheme.";
      type = types.str;
      default = "gotify.${config.networking.domain}";
    };
  };

  config = mkIf cfg.enable {
    nixfiles.modules.nginx = {
      enable = true;

      # The upstream port is read from the Gotify service option, so the
      # proxy target follows `services.gotify.port` below.
      upstreams.gotify.servers."127.0.0.1:${toString config.services.gotify.port}" = {};

      virtualHosts.${cfg.domain} = {
        locations."/" = {
          proxyPass = "http://gotify";
          # Gotify streams messages to clients over WebSockets.
          proxyWebsockets = true;
        };

        # NOTE(review): `nginxInternalOnly` is defined outside this file;
        # presumably it restricts the vhost to internal source addresses.
        # Confirm its allow/deny rules. It only guards the proxy path, so
        # also verify which address Gotify itself listens on and that the
        # port is not reachable directly through the firewall.
        extraConfig = nginxInternalOnly;
      };
    };

    nixfiles.modules.postgresql = {
      enable = true;

      # Grants the role full rights on the `public` schema of its own
      # database. Presumably needed because recent PostgreSQL releases no
      # longer let non-owner roles create objects in `public` by default.
      # `$PSQL` is expected to be provided by the extraPostStart context.
      extraPostStart = [
        '' $PSQL "${dbName}" -tAc 'GRANT ALL ON SCHEMA "public" TO "${dbName}"' ''
      ];
    };

    services.gotify = {
      enable = true;
      port = 7665;
    };

    services.postgresql = {
      ensureDatabases = [dbName];

      # The role gets ALL privileges on its own database only.
      # NOTE(review): newer nixpkgs replaced `ensurePermissions` with
      # `ensureDBOwnership`; check this against the pinned nixpkgs.
      ensureUsers = [
        {
          name = dbName;
          ensurePermissions."DATABASE \"${dbName}\"" = "ALL";
        }
      ];
    };

    systemd.services.gotify-server = {
      # Ordering only: `after` delays start-up until these units have been
      # started, but does not pull them in by itself.
      after = ["network-online.target" "postgresql.service"];

      environment = {
        GOTIFY_DATABASE_DIALECT = "postgres";

        # A `host` value starting with "/" makes libpq use the Unix socket
        # in that directory, so no database traffic crosses the network and
        # `sslmode=disable` does not weaken transport security here.
        # No password is configured; presumably the server authenticates
        # the socket peer by OS user (confirm in pg_hba.conf).
        GOTIFY_DATABASE_CONNECTION = concatStringsSep " " [
          "host=/run/postgresql"
          "user=${dbName}"
          "dbname=${dbName}"
          "sslmode=disable"
        ];
      };
    };
  };
}