{ config, lib, ... }: let cfg = config.my.services.pdf-edit; in { options.my.services.pdf-edit = with lib; { enable = mkEnableOption "PDF edition service"; port = mkOption { type = types.port; default = 8089; example = 8080; description = "Internal port for webui"; }; loginFile = mkOption { type = types.str; example = "/run/secrets/pdf-edit/login.env"; description = '' `SECURITY_INITIALLOGIN_USERNAME` and `SECURITY_INITIALLOGIN_PASSWORD` defined in the format of 'EnvironmentFile' (see `systemd.exec(5)`). ''; }; }; config = lib.mkIf cfg.enable { services.stirling-pdf = lib.mkIf cfg.enable { enable = true; environment = { SERVER_PORT = cfg.port; SECURITY_CSRFDISABLED = "false"; SYSTEM_SHOWUPDATE = "false"; # We don't care about update notifications INSTALL_BOOK_AND_ADVANCED_HTML_OPS = "true"; # Installed by the module SECURITY_ENABLELOGIN = "true"; }; environmentFiles = [ cfg.loginFile ]; }; my.services.nginx.virtualHosts = { pdf-edit = { inherit (cfg) port; }; }; }; }