From 1003081a72b14ab2575985c2ad6d532a3889d8d7 Mon Sep 17 00:00:00 2001
From: diniamo <diniamo53@gmail.com>
Date: Sun, 20 Oct 2024 12:50:06 +0200
Subject: [PATCH] nixos/shokoserver: init

---
 nixos/modules/misc/ids.nix                  |  2 +
 nixos/modules/module-list.nix               |  1 +
 nixos/modules/services/misc/shokoserver.nix | 78 +++++++++++++++++++++
 nixos/tests/all-tests.nix                   |  1 +
 nixos/tests/shokoserver.nix                 | 17 +++++
 5 files changed, 99 insertions(+)
 create mode 100644 nixos/modules/services/misc/shokoserver.nix
 create mode 100644 nixos/tests/shokoserver.nix

diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index 8b0127dc29f74..a30cc3612bb53 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -355,6 +355,7 @@ in
       rstudio-server = 324;
       localtimed = 325;
       automatic-timezoned = 326;
+      shoko = 328;
 
       # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
 
@@ -666,6 +667,7 @@ in
       localtimed = 325;
       automatic-timezoned = 326;
       uinput = 327;
+      shoko = 328;
 
       # When adding a gid, make sure it doesn't match an existing
       # uid. Users and groups with the same name should have equal
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 42cf633be1fc8..a7b5609055362 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -835,6 +835,7 @@
   ./services/misc/safeeyes.nix
   ./services/misc/sdrplay.nix
   ./services/misc/serviio.nix
+  ./services/misc/shokoserver.nix
   ./services/misc/sickbeard.nix
   ./services/misc/signald.nix
   ./services/misc/siproxd.nix
diff --git a/nixos/modules/services/misc/shokoserver.nix b/nixos/modules/services/misc/shokoserver.nix
new file mode 100644
index 0000000000000..2efa160261e44
--- /dev/null
+++ b/nixos/modules/services/misc/shokoserver.nix
@@ -0,0 +1,78 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+let
+  inherit (lib) mkOption types mkIf;
+
+  cfg = config.services.shokoserver;
+in
+{
+  options = {
+    services.shokoserver = {
+      enable = lib.mkEnableOption "ShokoServer";
+
+      package = lib.mkPackageOption pkgs "shokoserver" { };
+
+      openFirewall = mkOption {
+        type = types.bool;
+        default = false;
+        description = ''
+          Open ports in the firewall for the ShokoAnime api and web interface.
+        '';
+      };
+
+      user = mkOption {
+        type = types.str;
+        default = "shoko";
+        description = "User account under which ShokoServer runs.";
+      };
+
+      group = mkOption {
+        type = types.str;
+        default = "shoko";
+        description = "Group under which ShokoServer runs.";
+      };
+
+      dataDir = mkOption {
+        type = types.str;
+        default = "/var/lib/shoko";
+        description = "The directory where ShokoServer stores its data files.";
+      };
+    };
+  };
+
+  config = mkIf cfg.enable {
+    users = {
+      users.shoko = mkIf (cfg.user == "shoko") {
+        inherit (cfg) group;
+        home = cfg.dataDir;
+        uid = config.ids.uids.shoko;
+        createHome = true;
+      };
+
+      groups.shoko.gid = mkIf (cfg.group == "shoko") config.ids.gids.shoko;
+    };
+
+    systemd.services.shokoserver = {
+      description = "ShokoServer";
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+
+      serviceConfig = {
+        Type = "simple";
+        User = cfg.user;
+        Group = cfg.group;
+        Environment = "SHOKO_HOME=${cfg.dataDir}";
+        ExecStart = lib.getExe pkgs.shokoserver;
+        Restart = "on-failure";
+      };
+    };
+
+    networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ 8111 ];
+  };
+
+  meta.maintainers = [ lib.maintainers.diniamo ];
+}
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
index 8ddcc779ea90c..c39b14ea1b8d2 100644
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@@ -906,6 +906,7 @@ in {
   shadow = handleTest ./shadow.nix {};
   shadowsocks = handleTest ./shadowsocks {};
   shattered-pixel-dungeon = handleTest ./shattered-pixel-dungeon.nix {};
+  shokoserver = handleTest ./shokoserver.nix {};
   shiori = handleTest ./shiori.nix {};
   signal-desktop = handleTest ./signal-desktop.nix {};
   silverbullet = handleTest ./silverbullet.nix {};
diff --git a/nixos/tests/shokoserver.nix b/nixos/tests/shokoserver.nix
new file mode 100644
index 0000000000000..12015965f82d3
--- /dev/null
+++ b/nixos/tests/shokoserver.nix
@@ -0,0 +1,17 @@
+import ./make-test-python.nix (
+  { lib, ... }:
+  {
+    name = "ShokoServer";
+
+    nodes.machine = {
+      services.shokoserver.enable = true;
+    };
+    testScript = ''
+      machine.wait_for_unit("shokoserver.service")
+      machine.wait_for_open_port(8111)
+      machine.succeed("curl --fail http://localhost:8111")
+    '';
+
+    meta.maintainers = [ lib.maintainers.diniamo ];
+  }
+)