feat: nixos module

2026-04-18 20:12:20 -06:00
parent 7e6fb22d03
commit 7aaec7388d
8 changed files with 152 additions and 25 deletions
--- a/module.nix
+++ b/module.nix
@@ -0,0 +1,107 @@
+{ self, ... }:
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.services.doerg;
+  doerg-config = pkgs.writeText "doerg-config.edn" ''
+    #:net.deertopia.doerg.config
+    {:org-roam-db-path "${cfg.databasePath}"
+     :state-directory "${cfg.stateDir}"
+     :port ${builtins.toString cfg.port}}
+  '';
+
+  inherit (lib) types;
+
+  org-roam-db-sync = pkgs.writeText "org-roam-db-sync.el" ''
+    #!/usr/bin/env -S emacs -Q -x
+    
+    (require 'org-roam)
+    
+    (setq org-roam-directory (expand-file-name (car command-line-args-left)))
+    (setq org-roam-db-location (expand-file-name (cadr command-line-args-left)))
+    
+    (org-roam-db-sync)
+  '';
+in {
+  options.services.doerg = {
+    enable = lib.mkEnableOption "Doerg";
+    org-roam-db-sync.enable = lib.mkEnableOption "Org-roam db sync";
+    port = lib.mkOption {
+      default = 21984;
+      type = lib.types.port;
+      description = ''
+        The port on which Doerg will listen.
+      '';
+    };
+    stateDir = lib.mkOption {
+      type = types.path;
+      default = "/var/lib/private/doerg";
+      description = "Daemon's state directory.";
+    };
+    orgDir = lib.mkOption {
+      type = types.path;
+      description = "Org roam directory.";
+    };
+    package = lib.mkPackageOption pkgs "doerg" {};
+    databasePath = lib.mkOption {
+      type = types.path;
+      description = "Org roam database path";
+      default = cfg.orgDir + "org-roam.db";
+    };
+    openFirewall = lib.mkOption {
+      type = types.bool;
+      description = "Open doerg ports?";
+      default = false;
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    nixpkgs.overlays = [ self.overlays.default ];
+
+    systemd.services.org-roam-db-sync = lib.mkIf cfg.org-roam-db-sync.enable {
+      script = lib.escapeShellArgs [
+        (lib.getExe cfg.package.test-emacs)
+        "-Q" "-x" org-roam-db-sync cfg.orgDir cfg.databasePath
+      ];
+      serviceConfig = {
+        Type = "oneshot";
+        ReadOnlyBindPaths = [
+          cfg.orgDir
+        ];
+      };
+    };
+
+    systemd.timers.org-roam-db-sync = lib.mkIf cfg.org-roam-db-sync.enable {
+      unitConfig.StopWhenUnneeded = true;
+      timerConfig = {
+        OnActiveSec = "1h";
+        RandomizedDelaySec = "30m";
+        Persistent = true;
+      };
+    };
+
+    networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall [
+      cfg.port
+    ];
+
+    systemd.services.doerg = {
+      after = [ "network-online.target" ];
+      wants = [ "network-online.target" "org-roam-db-sync.timer" ];
+      wantedBy = [ "multi-user.target" ];
+      environment.DOERG_CONFIG = doerg-config;
+      serviceConfig = {
+        # WorkingDirectory = cfg.stateDir;
+        StateDirectory = "doerg";
+        ExecStart = lib.getExe cfg.package;
+        DynamicUser = true;
+        ProtectSystem = "strict";
+        PrivateTmp = true;
+        BindReadOnlyPaths = [
+          cfg.orgDir
+          # cfg.databasePath
+          "/nix"
+        ];
+      };
+    };
+  };
+}