{ lib, config, ... }: let cfg = config.my.services.karakeep; in { options.my.services.karakeep = { enable = lib.mkEnableOption "Karakeep (services.karakeep)"; port = lib.mkOption { type = lib.types.port; default = 3000; description = '' HTTP port for the web service. Used for Caddy reverse_proxy and services.karakeep.extraEnvironment.PORT unless overridden there. ''; }; environmentFile = lib.mkOption { type = lib.types.nullOr lib.types.path; default = null; description = '' Optional environment file merged into Karakeep systemd units (e.g. agenix). ''; }; extraEnvironment = lib.mkOption { type = lib.types.attrsOf lib.types.str; default = { }; description = '' Merged into services.karakeep.extraEnvironment. PORT defaults to my.services.karakeep.port but can be overridden here. ''; }; proxy = { enable = lib.mkEnableOption "Set the Caddy reverse proxy entry for this service"; domain = lib.mkOption { default = "example.com"; type = lib.types.str; description = '' The domain where Caddy is reachable ''; }; subdomain = lib.mkOption { default = "keep"; type = lib.types.str; description = '' Subdomain for Karakeep ''; }; host = lib.mkOption { default = "localhost"; type = lib.types.str; description = '' Hostname where Karakeep is listening ''; }; }; }; config = lib.mkMerge [ (lib.mkIf cfg.enable { services.karakeep = { enable = true; browser.enable = true; meilisearch.enable = true; environmentFile = cfg.environmentFile; extraEnvironment = { PORT = toString cfg.port; DISABLE_NEW_RELEASE_CHECK = "true"; } // cfg.extraEnvironment; }; }) (lib.mkIf cfg.proxy.enable { services.caddy = with cfg.proxy; { virtualHosts."${subdomain}.${domain}".extraConfig = '' reverse_proxy http://${host}:${toString cfg.port} import cloudflare_${domain} ''; }; }) ]; }