From ef8633e86510b585fe498dfb3739c9ceccbbd34a Mon Sep 17 00:00:00 2001
From: Bruno BELANYI <bruno@belanyi.fr>
Date: Sat, 2 Mar 2024 12:48:08 +0100
Subject: [PATCH 1/3] modules: nixos: services: add mealie

---
 modules/nixos/services/default.nix        |  1 +
 modules/nixos/services/mealie/default.nix | 72 +++++++++++++++++++++++
 2 files changed, 73 insertions(+)
 create mode 100644 modules/nixos/services/mealie/default.nix

diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix
index 67504da..90dd3e1 100644
--- a/modules/nixos/services/default.nix
+++ b/modules/nixos/services/default.nix
@@ -16,6 +16,7 @@
     ./jellyfin
     ./lohr
     ./matrix
+    ./mealie
     ./miniflux
     ./monitoring
     ./navidrome
diff --git a/modules/nixos/services/mealie/default.nix b/modules/nixos/services/mealie/default.nix
new file mode 100644
index 0000000..ebbebb2
--- /dev/null
+++ b/modules/nixos/services/mealie/default.nix
@@ -0,0 +1,72 @@
+{ config, lib, ... }:
+let
+  cfg = config.my.services.mealie;
+in
+{
+  options.my.services.mealie = with lib; {
+    enable = mkEnableOption "Mealie service";
+
+    port = mkOption {
+      type = types.port;
+      default = 4537;
+      example = 8080;
+      description = "Internal port for webui";
+    };
+
+    credentialsFile = mkOption {
+      type = types.str;
+      example = "/var/lib/mealie/credentials.env";
+      description = ''
+        Configuration file for secrets.
+      '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.mealie = {
+      enable = true;
+      inherit (cfg) port credentialsFile;
+
+      settings = {
+        # Basic settings
+        BASE_URL = "https://mealie.${config.networking.domain}";
+        TZ = config.time.timeZone;
+        ALLOw_SIGNUP = "false";
+
+        # Use PostgreSQL
+        DB_ENGINE = "postgres";
+        POSTGRES_USER = "mealie";
+        POSTGRES_PASSWORD = "";
+        POSTGRES_SERVER = "/run/postgresql";
+        # Pydantic and/or mealie doesn't handle the URI correctly, hijack it
+        # with query parameters...
+        POSTGRES_DB = "mealie?host=/run/postgresql&dbname=mealie";
+      };
+    };
+
+    systemd.services = {
+      mealie = {
+        after = [ "postgresql.service" ];
+        requires = [ "postgresql.service" ];
+      };
+    };
+
+    # Set-up database
+    services.postgresql = {
+      enable = true;
+      ensureDatabases = [ "mealie" ];
+      ensureUsers = [
+        {
+          name = "mealie";
+          ensureDBOwnership = true;
+        }
+      ];
+    };
+
+    my.services.nginx.virtualHosts = {
+      mealie = {
+        inherit (cfg) port;
+      };
+    };
+  };
+}

From a454cef0d7eef9a1b905c845353961001fa97e8d Mon Sep 17 00:00:00 2001
From: Bruno BELANYI <bruno@belanyi.fr>
Date: Sat, 2 Mar 2024 12:48:42 +0100
Subject: [PATCH 2/3] hosts: nixos: porthos: secrets: add mealie mail

---
 hosts/nixos/porthos/secrets/mealie/mail.age | Bin 0 -> 516 bytes
 hosts/nixos/porthos/secrets/secrets.nix     |   4 ++++
 2 files changed, 4 insertions(+)
 create mode 100644 hosts/nixos/porthos/secrets/mealie/mail.age

diff --git a/hosts/nixos/porthos/secrets/mealie/mail.age b/hosts/nixos/porthos/secrets/mealie/mail.age
new file mode 100644
index 0000000000000000000000000000000000000000..b7348ae2a09fbf001f2354936f2df7112ed29c5d
GIT binary patch
literal 516
zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCSn_Ri1BO;-r;FpNkx
zarH6C4=*q_$PdV^^3Mw|@riKHk4g%!N(}Th2nj4s%`D4z_vA|Vjm#?Yc6Kawb16$J
zHgpMbuQV?X$qdP?NH(nUEHMiz3v|v%EG_k{Oh&gYD<Ho-FI^!&yF4hxyTBkfImjtI
zAUVg#BgiDzC&Rg*(m$=pt<p8uz$7dz+cP)I-GVE$O5Zmk*efU_$RxzCDl6A5GQ-$0
z&(u)cGP%kvJWAiE!rk1}$)lpu-Iq&OS63lFE4;MQFw`)^Ez{gJC^90aJS4y|u_CG}
zFDEoKAjKlXFw(-O+{nelt(+^(>dN{xo*F+wSMJ%o+)34Qd+m$Y#mNF2nAzMs+zmCZ
z&HkO;SFQHv_}4?xM|;~Qq<<+mA+_rmgEqgD?OD!_Kj9&@^Z#_{x_13#%22y&^)Az0
zYmp+WBU25pX>QpU{}mgV3oV+S%QPoCC#oAvx+|#8!d`zx;7Rp8zG&tf!rQZWpU(F6
z*?IH(%8v^^9AYf7@Y(wF|K9|0riHO=+L2#*-Y>sV+qFDQonOmAkHPHSX2-s*GY_7d
zy}Kc*<3{?G)01B=%sMEVsJ$zXk89V>r5C0>cJT~bmUFSQxxVDqmm3`kZ;j%20{|t3
B%@+Uw

literal 0
HcmV?d00001

diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix
index 43a9b35..3545e3a 100644
--- a/hosts/nixos/porthos/secrets/secrets.nix
+++ b/hosts/nixos/porthos/secrets/secrets.nix
@@ -41,6 +41,10 @@ in
     publicKeys = all;
   };
 
+  "mealie/mail.age" = {
+    publicKeys = all;
+  };
+
   "miniflux/credentials.age".publicKeys = all;
 
   "monitoring/password.age" = {

From ed806aca69b909a07620e745a7f287e676ef732c Mon Sep 17 00:00:00 2001
From: Bruno BELANYI <bruno@belanyi.fr>
Date: Sat, 2 Mar 2024 12:48:59 +0100
Subject: [PATCH 3/3] hosts: nixos: porthos: services: enable mealie

---
 hosts/nixos/porthos/services.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix
index 2486752..c3ffa39 100644
--- a/hosts/nixos/porthos/services.nix
+++ b/hosts/nixos/porthos/services.nix
@@ -68,6 +68,10 @@ in
         secretFile = secrets."matrix/sliding-sync-secret".path;
       };
     };
+    mealie = {
+      enable = true;
+      credentialsFile = secrets."mealie/mail".path;
+    };
     miniflux = {
       enable = true;
       credentialsFiles = secrets."miniflux/credentials".path;