2025-08-26 08:55:51 -07:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
options.fava = {
|
|
|
|
|
enable = lib.mkEnableOption "Enables fava double entry accounting";
|
2025-09-15 11:29:52 -07:00
|
|
|
ledgerFiles = lib.mkOption {
|
|
|
|
|
default = ["/var/lib/fava/ledger.beancount"];
|
|
|
|
|
};
|
2025-08-26 08:55:51 -07:00
|
|
|
port = lib.mkOption { default = "5000"; };
|
|
|
|
|
host = lib.mkOption { default = "localhost"; };
|
2025-09-15 11:29:52 -07:00
|
|
|
favaHome = lib.mkOption { default = "/var/lib/fava"; };
|
2025-08-26 08:55:51 -07:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
config = lib.mkIf config.fava.enable {
|
|
|
|
|
systemd.services.fava = {
|
|
|
|
|
description = "Fava";
|
|
|
|
|
after = [ "network-online.target" ];
|
|
|
|
|
wants = [ "network-online.target" ];
|
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
|
serviceConfig = {
|
2025-09-15 11:29:52 -07:00
|
|
|
ExecStart = with config.fava; let
|
|
|
|
|
command = lib.concatStringsSep " " ([
|
|
|
|
|
"${pkgs.fava}/bin/fava"
|
|
|
|
|
"--port ${port}"
|
|
|
|
|
"--host ${host}"
|
|
|
|
|
] ++ ["--"] ++ ledgerFiles);
|
|
|
|
|
in command;
|
2025-08-26 08:55:51 -07:00
|
|
|
Type = "simple";
|
|
|
|
|
User = "fava";
|
|
|
|
|
Group = "fava";
|
|
|
|
|
Restart = "on-failure";
|
|
|
|
|
RestartSec = "5s";
|
|
|
|
|
NoNewPrivileges = true;
|
|
|
|
|
PrivateTmp = true;
|
|
|
|
|
PrivateDevices = true;
|
|
|
|
|
ProtectHome = true;
|
|
|
|
|
ProtectSystem = "full";
|
2025-09-15 11:29:52 -07:00
|
|
|
ReadWriteDirectories = config.fava.favaHome;
|
2025-08-26 08:55:51 -07:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
users.users.fava = {
|
2025-09-15 11:29:52 -07:00
|
|
|
home = config.fava.favaHome;
|
2025-08-26 08:55:51 -07:00
|
|
|
createHome = true;
|
|
|
|
|
isSystemUser = true;
|
|
|
|
|
group = "fava";
|
|
|
|
|
};
|
|
|
|
|
users.groups.fava = {};
|
|
|
|
|
|
|
|
|
|
system.extraPkgs = [
|
|
|
|
|
pkgs.beancount
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
}
|
