collabora + posgres.enable check

hosts/miniserver/configuration.nix

@@ -37,7 +37,7 @@
       adguardhome.enable = false;
       audiobookshelf.enable = false;
       bazarr.enable = false;
-      collabora.enable = false;
+      collabora.enable = true;
       flame.enable = true;
       flameSecret.enable = true;
       go-vod.enable = false;

modules/servers/paperless.nix

@@ -1,28 +1,29 @@
 { lib, config, ... }: {
   options.my.servers.paperless.enable = lib.mkEnableOption "enable";
-  config = lib.mkIf config.my.servers.paperless.enable {
+  config = lib.mkIf
-    services.paperless = {
+    (config.my.servers.paperless.enable && config.my.servers.postgres.enable) {
-      enable = true;
+      services.paperless = {
-      address = "0.0.0.0";
+        enable = true;
-      consumptionDirIsPublic = true;
+        address = "0.0.0.0";
-      consumptionDir = "/mnt/pool/scans/";
+        consumptionDirIsPublic = true;
-      settings = {
+        consumptionDir = "/mnt/pool/scans/";
-        PAPERLESS_DBENGINE = "postgress";
+        settings = {
-        PAPERLESS_DBNAME = "paperless";
+          PAPERLESS_DBENGINE = "postgress";
-        PAPERLESS_DBHOST = config.my.postgresSocket;
+          PAPERLESS_DBNAME = "paperless";
-        PAPERLESS_CONSUMER_IGNORE_PATTERN =
+          PAPERLESS_DBHOST = config.my.postgresSocket;
-          builtins.toJSON [ ".DS_STORE/*" "desktop.ini" ];
+          PAPERLESS_CONSUMER_IGNORE_PATTERN =
-        PAPERLESS_TIME_ZONE = "America/Mexico_City";
+            builtins.toJSON [ ".DS_STORE/*" "desktop.ini" ];
-        PAPERLESS_OCR_USER_ARGS = builtins.toJSON {
+          PAPERLESS_TIME_ZONE = "America/Mexico_City";
-          optimize = 1;
+          PAPERLESS_OCR_USER_ARGS = builtins.toJSON {
-          pdfa_image_compression = "lossless";
+            optimize = 1;
+            pdfa_image_compression = "lossless";
+          };
         };
       };
+      networking.firewall = {
+        enable = true;
+        allowedTCPPorts = [ config.services.paperless.port ];
+        allowedUDPPorts = [ config.services.paperless.port ];
+      };
     };
-    networking.firewall = {
-      enable = true;
-      allowedTCPPorts = [ config.services.paperless.port ];
-      allowedUDPPorts = [ config.services.paperless.port ];
-    };
-  };
 }

modules/servers/ryot.nix

@@ -4,31 +4,33 @@ let
   url = "tracker.${config.my.domain}";
 in {
   options.my.servers.ryot.enable = lib.mkEnableOption "enable";
-  config = lib.mkIf config.my.servers.ryot.enable {
+  config = lib.mkIf
-    virtualisation.oci-containers = {
+    (config.my.servers.ryot.enable && config.my.servers.postgres.enable) {
-      backend = "docker";
+      virtualisation.oci-containers = {
-      containers.ryot = {
+        backend = "docker";
-        image = "ghcr.io/ignisda/ryot:v5.5.0";
+        containers.ryot = {
-        ports = [ "8765:8000" ];
+          image = "ghcr.io/ignisda/ryot:v5.5.0";
-        environment = {
+          ports = [ "8765:8000" ];
-          TZ = "America/Mexico_City";
+          environment = {
-          DATABASE_URL = "postgres:///ryot?host=${config.my.postgresSocket}";
+            TZ = "America/Mexico_City";
-          FRONTEND_INSECURE_COOKIES = "true";
+            DATABASE_URL = "postgres:///ryot?host=${config.my.postgresSocket}";
-          VIDEO_GAMES_TWITCH_CLIENT_ID = "tfu0hw0zbdbu4lco4h72nqkb8krxp9";
+            FRONTEND_INSECURE_COOKIES = "true";
-          VIDEO_GAMES_TWITCH_CLIENT_SECRET = "582ecfb01ihv6wnt8zbc9pf3hs9p54";
+            VIDEO_GAMES_TWITCH_CLIENT_ID = "tfu0hw0zbdbu4lco4h72nqkb8krxp9";
-        };
+            VIDEO_GAMES_TWITCH_CLIENT_SECRET = "582ecfb01ihv6wnt8zbc9pf3hs9p54";
-        volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ];
+          };
-        labels = {
+          volumes =
-          "flame.type" = "application";
+            [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ];
-          "flame.name" = "Ryot";
+          labels = {
-          "flame.url" = url;
+            "flame.type" = "application";
-          "flame.icon" = "radar";
+            "flame.name" = "Ryot";
+            "flame.url" = url;
+            "flame.icon" = "radar";
+          };
         };
       };
+      services.nginx = {
+        enable = true;
+        virtualHosts."tracker.${config.my.domain}" = proxyReverse port // { };
+      };
     };
-    services.nginx = {
-      enable = true;
-      virtualHosts."tracker.${config.my.domain}" = proxyReverse port // { };
-    };
-  };
 }

modules/servers/shiori.nix

@@ -2,20 +2,21 @@
   disabledModules = [ "services/web-apps/shiori.nix" ];
   imports = [ ../../pkgs/shiori/shiori-service.nix ];
   options.my.servers.shiori.enable = lib.mkEnableOption "enable";
-  config = lib.mkIf config.my.servers.shiori.enable {
+  config = lib.mkIf
-    services = {
+    (config.my.servers.shiori.enable && config.my.servers.postgres.enable) {
-      shiori = {
+      services = {
-        enable = true;
+        shiori = {
-        port = 4368;
+          enable = true;
-        package = pkgs.callPackage ../../pkgs/shiori/shiori.nix { };
+          port = 4368;
-        httpSecretKey = "password";
+          package = pkgs.callPackage ../../pkgs/shiori/shiori.nix { };
-        databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
+          httpSecretKey = "password";
-      };
+          databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
-      nginx = {
+        };
-        enable = true;
+        nginx = {
-        virtualHosts."bookmarks.${config.my.domain}" =
+          enable = true;
-          proxyReverse config.services.shiori.port // { };
+          virtualHosts."bookmarks.${config.my.domain}" =
+            proxyReverse config.services.shiori.port // { };
+        };
       };
     };
-  };
 }

modules/servers/vaultwarden.nix

@@ -1,31 +1,32 @@
 { lib, config, pkgs, proxyReverse, ... }: {
   options.my.servers.vaultwarden.enable = lib.mkEnableOption "enable";
-  config = lib.mkIf config.my.servers.vaultwarden.enable {
+  config = lib.mkIf (config.my.servers.vaultwarden.enable
-    services = {
+    && config.my.servers.postgres.enable) {
-      vaultwarden = {
+      services = {
-        enable = true;
+        vaultwarden = {
-        dbBackend = "postgresql";
+          enable = true;
-        package = pkgs.vaultwarden;
+          dbBackend = "postgresql";
-        environmentFile = "/var/lib/vaultwarden.env";
+          package = pkgs.vaultwarden;
-        config = {
+          environmentFile = "/var/lib/vaultwarden.env";
-          ROCKET_ADDRESS = "${config.my.localhost}";
+          config = {
-          ROCKET_PORT = 8222;
+            ROCKET_ADDRESS = "${config.my.localhost}";
-          WEBSOCKET_PORT = 8333;
+            ROCKET_PORT = 8222;
-          DATABASE_URL =
+            WEBSOCKET_PORT = 8333;
-            "postgresql:///vaultwarden?host=${config.my.postgresSocket}";
+            DATABASE_URL =
-          ENABLE_DB_WAL = false;
+              "postgresql:///vaultwarden?host=${config.my.postgresSocket}";
-          WEBSOCKET_ENABLED = true;
+            ENABLE_DB_WAL = false;
-          SHOW_PASSWORD_HINT = false;
+            WEBSOCKET_ENABLED = true;
-          SIGNUPS_ALLOWED = false;
+            SHOW_PASSWORD_HINT = false;
-          EXTENDED_LOGGING = true;
+            SIGNUPS_ALLOWED = false;
-          LOG_LEVEL = "warn";
+            EXTENDED_LOGGING = true;
+            LOG_LEVEL = "warn";
+          };
+        };
+        nginx = {
+          enable = true;
+          virtualHosts."vault.${config.my.domain}" =
+            proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
         };
       };
-      nginx = {
-        enable = true;
-        virtualHosts."vault.${config.my.domain}" =
-          proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
-      };
     };
-  };
 }