From ee9fd330b1bdc581dde7f33b1015f0f6f7ea2ae6 Mon Sep 17 00:00:00 2001
From: Yorick van Pelt <yorick@yorickvanpelt.nl>
Date: Sun, 4 Jun 2023 15:15:17 +0200
Subject: [PATCH] pennyworth: calibre-web kobo support

---
 nixos/machines/pennyworth/default.nix |  14 +-
 nixos/modules/calibre-web.nix         | 176 ++++++++++++++++++++++++++
 pkgs/default.nix                      |   3 +
 3 files changed, 192 insertions(+), 1 deletion(-)
 create mode 100644 nixos/modules/calibre-web.nix

diff --git a/nixos/machines/pennyworth/default.nix b/nixos/machines/pennyworth/default.nix
index b21c6d8..58d82c8 100644
--- a/nixos/machines/pennyworth/default.nix
+++ b/nixos/machines/pennyworth/default.nix
@@ -14,12 +14,14 @@ let
   };
   vpn = import ../../vpn.nix;
 in {
+  disabledModules = [ "services/web-apps/calibre-web.nix" ];
   imports = [
     ./hetznercloud.nix
     ../../roles/server.nix
     ../../roles/datakami.nix
     ../../services/backup.nix
     ../../services/email.nix
+    ../../modules/calibre-web.nix
   ];
 
   system.stateVersion = "19.03";
@@ -89,7 +91,16 @@ in {
       '';
     };
     "media.yori.cc" = sslforward "http://${vpn.ips.frumar}:32001";
-    "calibre.yori.cc" = sslforward "http://[::1]:8083";
+    "calibre.yori.cc" = lib.mkMerge [ (sslforward "http://[::1]:8083") {
+      locations."/kobo/" = {
+        proxyPass = "http://[::1]:8083/kobo/";
+        extraConfig = ''
+          proxy_buffer_size 128k;
+          proxy_buffers 4 256k;
+          proxy_busy_buffers_size 256k;
+        '';
+      };
+    } ];
   };
   networking.firewall.allowedUDPPorts = [ 31790 ]; # wg
   networking.firewall.allowedTCPPorts = [ 60307 ]; # weechat relay
@@ -118,6 +129,7 @@ in {
     options = {
       enableBookUploading = true;
       #enableBookConversion = true;
+      extraConfig.config_kepubifypath = "${pkgs.kepubify}/bin/kepubify";
     };
   };
 }
diff --git a/nixos/modules/calibre-web.nix b/nixos/modules/calibre-web.nix
new file mode 100644
index 0000000..14df5df
--- /dev/null
+++ b/nixos/modules/calibre-web.nix
@@ -0,0 +1,176 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.services.calibre-web;
+
+  inherit (lib) mkIf optionalAttrs optionalString;
+
+  concatMapAttrsStringsSep = sep: f: attrs: lib.concatStringsSep sep (lib.mapAttrsToList f attrs);
+
+  toSQL = concatMapAttrsStringsSep ", " (key: value: "${key} = " + (if
+    lib.isStringLike value then "'${value}'" else
+      if value == false then "0" else toString value));
+in
+{
+  options = with lib; {
+    services.calibre-web = {
+      enable = mkEnableOption (mdDoc "Calibre-Web");
+
+      listen = {
+        ip = mkOption {
+          type = types.str;
+          default = "::1";
+          description = lib.mdDoc ''
+            IP address that Calibre-Web should listen on.
+          '';
+        };
+
+        port = mkOption {
+          type = types.port;
+          default = 8083;
+          description = lib.mdDoc ''
+            Listen port for Calibre-Web.
+          '';
+        };
+      };
+
+      dataDir = mkOption {
+        type = types.str;
+        default = "calibre-web";
+        description = lib.mdDoc ''
+          The directory below {file}`/var/lib` where Calibre-Web stores its data.
+        '';
+      };
+
+      user = mkOption {
+        type = types.str;
+        default = "calibre-web";
+        description = lib.mdDoc "User account under which Calibre-Web runs.";
+      };
+
+      group = mkOption {
+        type = types.str;
+        default = "calibre-web";
+        description = lib.mdDoc "Group account under which Calibre-Web runs.";
+      };
+
+      openFirewall = mkOption {
+        type = types.bool;
+        default = false;
+        description = lib.mdDoc ''
+          Open ports in the firewall for the server.
+        '';
+      };
+
+      options = {
+        calibreLibrary = mkOption {
+          type = types.nullOr types.path;
+          default = null;
+          description = lib.mdDoc ''
+            Path to Calibre library.
+          '';
+        };
+
+        enableBookConversion = mkOption {
+          type = types.bool;
+          default = false;
+          description = lib.mdDoc ''
+            Configure path to the Calibre's ebook-convert in the DB.
+          '';
+        };
+
+        enableBookUploading = mkOption {
+          type = types.bool;
+          default = false;
+          description = lib.mdDoc ''
+            Allow books to be uploaded via Calibre-Web UI.
+          '';
+        };
+
+        extraConfig = mkOption {
+          type = types.attrsOf types.str;
+          default = {};
+          description = lib.mdDoc ''
+            Additional settings to write to the DB.
+          '';
+        };
+
+        reverseProxyAuth = {
+          enable = mkOption {
+            type = types.bool;
+            default = false;
+            description = lib.mdDoc ''
+              Enable authorization using auth proxy.
+            '';
+          };
+
+          header = mkOption {
+            type = types.str;
+            default = "";
+            description = lib.mdDoc ''
+              Auth proxy header name.
+            '';
+          };
+        };
+      };
+    };
+  };
+
+  config = mkIf cfg.enable {
+    systemd.services.calibre-web = let
+      appDb = "/var/lib/${cfg.dataDir}/app.db";
+      gdriveDb = "/var/lib/${cfg.dataDir}/gdrive.db";
+      calibreWebCmd = "${pkgs.calibre-web}/bin/calibre-web -p ${appDb} -g ${gdriveDb}";
+
+      settings = toSQL ({
+        config_port = cfg.listen.port;
+        config_uploading = cfg.options.enableBookUploading;
+        config_allow_reverse_proxy_header_login = cfg.options.reverseProxyAuth.enable;
+        config_reverse_proxy_login_header_name = cfg.options.reverseProxyAuth.header;
+      } // optionalAttrs (cfg.options.calibreLibrary != null) {
+        config_calibre_dir = cfg.options.calibreLibrary;
+      } // optionalAttrs cfg.options.enableBookConversion {
+        config_converterpath = "{pkgs.calibre}/bin/ebook-convert";
+      } // cfg.options.extraConfig);
+    in
+      {
+        description = "Web app for browsing, reading and downloading eBooks stored in a Calibre database";
+        after = [ "network.target" ];
+        wantedBy = [ "multi-user.target" ];
+        preStart = ''
+          __RUN_MIGRATIONS_AND_EXIT=1 ${calibreWebCmd}
+
+          ${pkgs.sqlite}/bin/sqlite3 ${appDb} "update settings set ${settings}"
+        '' + optionalString (cfg.options.calibreLibrary != null) ''
+          test -f "${cfg.options.calibreLibrary}/metadata.db" || { echo "Invalid Calibre library"; exit 1; }
+        '';
+
+        serviceConfig = {
+          Type = "simple";
+          User = cfg.user;
+          Group = cfg.group;
+
+          StateDirectory = cfg.dataDir;
+          ExecStart = "${calibreWebCmd} -i ${cfg.listen.ip}";
+          Restart = "on-failure";
+        };
+      };
+
+    networking.firewall = mkIf cfg.openFirewall {
+      allowedTCPPorts = [ cfg.listen.port ];
+    };
+
+    users.users = mkIf (cfg.user == "calibre-web") {
+      calibre-web = {
+        isSystemUser = true;
+        group = cfg.group;
+      };
+    };
+
+    users.groups = mkIf (cfg.group == "calibre-web") {
+      calibre-web = {};
+    };
+  };
+
+  meta.maintainers = with lib.maintainers; [ pborzenkov ];
+}
diff --git a/pkgs/default.nix b/pkgs/default.nix
index 5f9b23d..c7de69e 100644
--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@@ -53,5 +53,8 @@
       })
     ];
   });
+  calibre-web = super.calibre-web.overridePythonAttrs (o: {
+    propagatedBuildInputs = o.propagatedBuildInputs ++ [ self.python3.pkgs.jsonschema ];
+  });
 
 })