diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 07774dd1d29..17bd7996f9c 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -885,6 +885,7 @@ ./services/web-apps/atlassian/crowd.nix ./services/web-apps/atlassian/jira.nix ./services/web-apps/bookstack.nix + ./services/web-apps/calibre-web.nix ./services/web-apps/convos.nix ./services/web-apps/cryptpad.nix ./services/web-apps/documize.nix diff --git a/nixos/modules/services/web-apps/calibre-web.nix b/nixos/modules/services/web-apps/calibre-web.nix new file mode 100644 index 00000000000..704cd2cfa8a --- /dev/null +++ b/nixos/modules/services/web-apps/calibre-web.nix @@ -0,0 +1,165 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.services.calibre-web; + + inherit (lib) concatStringsSep mkEnableOption mkIf mkOption optional optionalString types; +in +{ + options = { + services.calibre-web = { + enable = mkEnableOption "Calibre-Web"; + + listen = { + ip = mkOption { + type = types.str; + default = "::1"; + description = '' + IP address that Calibre-Web should listen on. + ''; + }; + + port = mkOption { + type = types.port; + default = 8083; + description = '' + Listen port for Calibre-Web. + ''; + }; + }; + + dataDir = mkOption { + type = types.str; + default = "calibre-web"; + description = '' + The directory below /var/lib where Calibre-Web stores its data. + ''; + }; + + user = mkOption { + type = types.str; + default = "calibre-web"; + description = "User account under which Calibre-Web runs."; + }; + + group = mkOption { + type = types.str; + default = "calibre-web"; + description = "Group account under which Calibre-Web runs."; + }; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = '' + Open ports in the firewall for the server. + ''; + }; + + options = { + calibreLibrary = mkOption { + type = types.nullOr types.path; + default = null; + description = '' + Path to Calibre library. + ''; + }; + + enableBookConversion = mkOption { + type = types.bool; + default = false; + description = '' + Configure path to the Calibre's ebook-convert in the DB. + ''; + }; + + enableBookUploading = mkOption { + type = types.bool; + default = false; + description = '' + Allow books to be uploaded via Calibre-Web UI. + ''; + }; + + reverseProxyAuth = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Enable authorization using auth proxy. + ''; + }; + + header = mkOption { + type = types.str; + default = ""; + description = '' + Auth proxy header name. + ''; + }; + }; + }; + }; + }; + + config = mkIf cfg.enable { + systemd.services.calibre-web = let + appDb = "/var/lib/${cfg.dataDir}/app.db"; + gdriveDb = "/var/lib/${cfg.dataDir}/gdrive.db"; + calibreWebCmd = "${pkgs.calibre-web}/bin/calibre-web -p ${appDb} -g ${gdriveDb}"; + + settings = concatStringsSep ", " ( + [ + "config_port = ${toString cfg.listen.port}" + "config_uploading = ${if cfg.options.enableBookUploading then "1" else "0"}" + "config_allow_reverse_proxy_header_login = ${if cfg.options.reverseProxyAuth.enable then "1" else "0"}" + "config_reverse_proxy_login_header_name = '${cfg.options.reverseProxyAuth.header}'" + ] + ++ optional (cfg.options.calibreLibrary != null) "config_calibre_dir = '${cfg.options.calibreLibrary}'" + ++ optional cfg.options.enableBookConversion "config_converterpath = '${pkgs.calibre}/bin/ebook-convert'" + ); + in + { + description = "Web app for browsing, reading and downloading eBooks stored in a Calibre database"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Type = "simple"; + User = cfg.user; + Group = cfg.group; + + StateDirectory = cfg.dataDir; + ExecStartPre = pkgs.writeShellScript "calibre-web-pre-start" ( + '' + __RUN_MIGRATIONS_AND_EXIT=1 ${calibreWebCmd} + + ${pkgs.sqlite}/bin/sqlite3 ${appDb} "update settings set ${settings}" + '' + optionalString (cfg.options.calibreLibrary != null) '' + test -f ${cfg.options.calibreLibrary}/metadata.db || { echo "Invalid Calibre library"; exit 1; } + '' + ); + + ExecStart = "${calibreWebCmd} -i ${cfg.listen.ip}"; + Restart = "on-failure"; + }; + }; + + networking.firewall = mkIf cfg.openFirewall { + allowedTCPPorts = [ cfg.listen.port ]; + }; + + users.users = mkIf (cfg.user == "calibre-web") { + calibre-web = { + isSystemUser = true; + group = cfg.group; + }; + }; + + users.groups = mkIf (cfg.group == "calibre-web") { + calibre-web = {}; + }; + }; + + meta.maintainers = with lib.maintainers; [ pborzenkov ]; +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 3ce71b0abe6..45c296a27db 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -49,6 +49,7 @@ in cadvisor = handleTestOn ["x86_64-linux"] ./cadvisor.nix {}; cage = handleTest ./cage.nix {}; cagebreak = handleTest ./cagebreak.nix {}; + calibre-web = handleTest ./calibre-web.nix {}; cassandra_2_1 = handleTest ./cassandra.nix { testPackage = pkgs.cassandra_2_1; }; cassandra_2_2 = handleTest ./cassandra.nix { testPackage = pkgs.cassandra_2_2; }; cassandra_3_0 = handleTest ./cassandra.nix { testPackage = pkgs.cassandra_3_0; }; diff --git a/nixos/tests/calibre-web.nix b/nixos/tests/calibre-web.nix new file mode 100644 index 00000000000..4f73b331112 --- /dev/null +++ b/nixos/tests/calibre-web.nix @@ -0,0 +1,53 @@ +import ./make-test-python.nix ( + { pkgs, lib, ... }: + + let + port = 3142; + defaultPort = 8083; + in + with lib; + { + name = "calibre-web"; + meta.maintainers = with pkgs.lib.maintainers; [ pborzenkov ]; + + nodes = { + default = { ... }: { + services.calibre-web.enable = true; + }; + + customized = { pkgs, ... }: { + services.calibre-web = { + enable = true; + listen.port = port; + options = { + calibreLibrary = "/tmp/books"; + reverseProxyAuth = { + enable = true; + header = "X-User"; + }; + }; + }; + environment.systemPackages = [ pkgs.calibre ]; + }; + }; + testScript = '' + start_all() + + default.wait_for_unit("calibre-web.service") + default.wait_for_open_port(${toString defaultPort}) + default.succeed( + "curl --fail 'http://localhost:${toString defaultPort}/basicconfig' | grep -q 'Basic Configuration'" + ) + + customized.succeed( + "mkdir /tmp/books && calibredb --library-path /tmp/books add -e --title test-book" + ) + customized.succeed("systemctl restart calibre-web") + customized.wait_for_unit("calibre-web.service") + customized.wait_for_open_port(${toString port}) + customized.succeed( + "curl --fail -H X-User:admin 'http://localhost:${toString port}' | grep -q test-book" + ) + ''; + } +) diff --git a/pkgs/servers/calibre-web/default.nix b/pkgs/servers/calibre-web/default.nix index 2886d96f0fc..f24a1f32f88 100644 --- a/pkgs/servers/calibre-web/default.nix +++ b/pkgs/servers/calibre-web/default.nix @@ -1,5 +1,6 @@ { lib , fetchFromGitHub +, nixosTests , python3 , python3Packages }: @@ -59,6 +60,8 @@ python3.pkgs.buildPythonApplication rec { Wand ]; + passthru.tests.calibre-web = nixosTests.calibre-web; + meta = with lib; { description = "Web app for browsing, reading and downloading eBooks stored in a Calibre database"; maintainers = with maintainers; [ pborzenkov ];