packages: { config, lib, pkgs, ... }: with lib; let suanni-server = packages."${pkgs.system}".nexus-client; cfg = config.suanni.server; in { options.suanni.server = with types; { enable = mkEnableOption "Enable Suan Ni guardian server."; verbose = mkEnableOption "Generate verbose logs and output."; event-listener = { hostname = mkOption { type = str; description = "Hostname of the event listener server."; default = ""; }; internal-port = mkOption { type = port; description = "Port on which to listen for incoming events."; default = 5354; }; }; synology-client = { host = mkOption { type = str; description = "Hostname of the Synology server."; }; port = mkOption { type = port; description = "Port on which to connect to the Synology server. Can be an SSL port."; default = 5001; }; username = mkOption { type = str; description = "User as which to connect to the Synology server."; }; password-file = mkOption { type = str; description = "File (on the local host) containing the password for the Synology server."; }; }; objectifier-client = { host = mkOption { type = str; description = "Hostname of the Objectifier server."; }; port = mkOption { type = port; description = "Port on which the Objectifier server is listening."; default = 80; }; }; mqtt-client = { host = mkOption { type = str; description = "Hostname of the MQTT server."; }; port = mkOption { type = port; description = "Port on which the MQTT server is listening."; default = 80; }; username = mkOption { type = str; description = "User as which to connect to the MQTT server."; }; password-file = mkOption { type = str; description = "File (on the local host) containing the password for the MQTT server."; }; }; }; config = mkIf cfg.enable { services.nginx = { enable = true; recommendedOptimisations = true; recommendedProxySettings = true; recommendedGzipSettings = true; virtualHosts."${cfg.hostname}" = { locations."/".proxyPass = "${toString cfg.port}"; }; }; systemd.suanni-server = { path = [ suanni-server ]; wantedBy = [ "" ]; serviceConfig = { DynamicUser = true; LoadCredential = [ "syno.passwd:${cfg.synology-client.password-file}" "mqtt.passwd:${cfg.mqtt-client.password-file}" ]; ExecStart = pkgs.writeShellScript "" (concatStringsSep " " ([ "suanni-server" "--hostname=${cfg.event-listener.hostname}" "--port=${toString cfg.event-listener.port}" "--synology-host=${}" "--synology-port=${toString cfg.synology-client.port}" "--synology-user=${cfg.synology-client.username}" "--synology-password-file=$CREDENTIALS_DIRECTORY/syno.passwd" "--mqtt-host=${}" "--mqtt-port=${toString cfg.mqtt-client.port}" "--mqtt-user=${cfg.mqtt-client.username}" "--mqtt-password-file=$CREDENTIALS_DIRECTORY/mqtt.passwd" "--objectifier-host=${}" "--objectifier-port=${cfg.objectifier-client.port}" ]) ++ (optional cfg.verbose "--verbose")); }; }; }; }