nixos: services: servarr: migrate prowlarr

The configuration doesn't have `group`, so it's a slightly different
configuration to the rest of the *arr services.

I also want to move the other two indexer modules under `servarr`, as
they are all closely related.

modules/nixos/services/indexers/default.nix

@@ -5,13 +5,11 @@ let
 
   jackettPort = 9117;
   nzbhydraPort = 5076;
-  prowlarrPort = 9696;
 in
 {
   options.my.services.indexers = with lib; {
     jackett.enable = mkEnableOption "Jackett torrent meta-indexer";
     nzbhydra.enable = mkEnableOption "NZBHydra2 usenet meta-indexer";
-    prowlarr.enable = mkEnableOption "Prowlarr torrent & usenet meta-indexer";
   };
 
   config = lib.mkMerge [
@@ -46,33 +44,5 @@ in
         };
       };
     })
-
-    (lib.mkIf cfg.prowlarr.enable {
-      services.prowlarr = {
-        enable = true;
-      };
-
-      my.services.nginx.virtualHosts = {
-        prowlarr = {
-          port = prowlarrPort;
-        };
-      };
-
-      services.fail2ban.jails = {
-        prowlarr = ''
-          enabled = true
-          filter = prowlarr
-          action = iptables-allports
-        '';
-      };
-
-      environment.etc = {
-        "fail2ban/filter.d/prowlarr.conf".text = ''
-          [Definition]
-          failregex = ^.*\|Warn\|Auth\|Auth-Failure ip <HOST> username .*$
-          journalmatch = _SYSTEMD_UNIT=prowlarr.service
-        '';
-      };
-    })
   ];
 }

modules/nixos/services/servarr/default.nix

@@ -6,6 +6,7 @@
 {
   imports = [
     ./bazarr.nix
+    ./prowlarr.nix
     (import ./starr.nix "lidarr")
     (import ./starr.nix "radarr")
     (import ./starr.nix "readarr")

modules/nixos/services/servarr/prowlarr.nix

@@ -0,0 +1,53 @@
+# Torrent and NZB indexer
+{ config, lib, ... }:
+let
+  cfg = config.my.services.servarr.prowlarr;
+in
+{
+  options.my.services.servarr.prowlarr = with lib; {
+    enable = lib.mkEnableOption "Prowlarr" // {
+      default = config.my.services.servarr.enableAll;
+    };
+
+    port = mkOption {
+      type = types.port;
+      default = 9696;
+      example = 8080;
+      description = "Internal port for webui";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.prowlarr = {
+      enable = true;
+
+      settings = {
+        server = {
+          port = cfg.port;
+        };
+      };
+    };
+
+    my.services.nginx.virtualHosts = {
+      prowlarr = {
+        inherit (cfg) port;
+      };
+    };
+
+    services.fail2ban.jails = {
+      prowlarr = ''
+        enabled = true
+        filter = prowlarr
+        action = iptables-allports
+      '';
+    };
+
+    environment.etc = {
+      "fail2ban/filter.d/prowlarr.conf".text = ''
+        [Definition]
+        failregex = ^.*\|Warn\|Auth\|Auth-Failure ip <HOST> username .*$
+        journalmatch = _SYSTEMD_UNIT=prowlarr.service
+      '';
+    };
+  };
+}