scan-to-gpg/module.nix

47 lines
1.0 KiB
Nix
Raw Normal View History

2024-11-24 20:39:16 +01:00
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.scan-to-gpg;
in {
options = {
services.scan-to-gpg = {
enable = mkEnableOption "scan-to-gpg";
gpgkey = mkOption {
type = types.path;
description = "Path to a file containing to GPG public key to encrypt to";
};
};
};
config = mkIf cfg.enable {
systemd.services.scan-to-gpg = {
description = "FTP server that saves uploaded files GPG encrypted";
wantedBy = [ "multi-user.target" ];
requires = [ "network.target" ];
after = [ "network.target" ];
serviceConfig = {
type = "simple";
ExecStart = "${getExe pkgs.scan-to-gpg} -host 0.0.0.0 -output /var/lib/scan-to-gpg -gpgkey ${cfg.gpgkey}";
User = "scan-to-gpg";
Group = "scan-to-gpg";
StateDirectory = "scan-to-gpg";
StateDirectoryMode = "775";
};
};
users.users.scan-to-gpg = {
isSystemUser = true;
group = "scan-to-gpg";
};
users.groups.scan-to-gpg = {};
};
}