From 3805e0c9a51e9783b3de27e423092e4880bd0e3f Mon Sep 17 00:00:00 2001
From: Malte Tammena <malte.tammena@pm.me>
Date: Thu, 21 Nov 2024 09:36:39 +0100
Subject: [PATCH] feat(host/faunus-ater): replace mealie container with systemd
 service

---
 hosts/faunus-ater/modules/mealie.nix | 30 ++++++++++------------------
 1 file changed, 10 insertions(+), 20 deletions(-)

diff --git a/hosts/faunus-ater/modules/mealie.nix b/hosts/faunus-ater/modules/mealie.nix
index c7f659d..6ac6320 100644
--- a/hosts/faunus-ater/modules/mealie.nix
+++ b/hosts/faunus-ater/modules/mealie.nix
@@ -3,29 +3,17 @@
   config,
   ...
 }: {
-  virtualisation.oci-containers.containers."mealie" = {
-    image = "ghcr.io/mealie-recipes/mealie:v1.0.0-RC2";
-    ports = let port = builtins.toString config.state.services.eat.port; in ["${port}:${port}"];
-    environment = {
-      PUID = builtins.toString config.users.users.mealie.uid;
-      PGID = builtins.toString config.users.groups.mealie.gid;
+  services.mealie = {
+    enable = true;
+    listenAddress = "127.0.0.1";
+    port = config.state.services.eat.port;
+    settings = {
       ALLOW_SIGNUP = "false";
       TZ = "Europe/Berlin";
       BASE_URL = "https://eat.tammena.me";
       TOKEN_TIME = "8760";
     };
-    volumes = [
-      "/data/dirty/mealie:/app/data"
-    ];
   };
-
-  # Create user and group for the data
-  users.users.mealie = {
-    isSystemUser = true;
-    group = "mealie";
-  };
-  users.groups.mealie = {};
-
   # Configure nginx reverse proxy
   services.nginx.virtualHosts."eat.tammena.me" = {
     addSSL = true;
@@ -44,8 +32,10 @@
   };
 
   # Secrets
-  sops.secrets."certificate-key-eat-tammena-me" = {
-    owner = config.users.users.nginx.name;
-    mode = "0400";
+  sops.secrets = {
+    "certificate-key-eat-tammena-me" = {
+      owner = config.users.users.nginx.name;
+      mode = "0400";
+    };
   };
 }