From 9bf0fea6f50d00372acbbd2b22a22a4e2c10f039 Mon Sep 17 00:00:00 2001
From: Malte Brandy <malte.brandy@maralorn.de>
Date: Sat, 5 Jun 2021 16:08:19 +0200
Subject: [PATCH] Improve foundry config

---
 nixos/roles/foundryvtt.nix | 52 ++++++++++++++++++++++++++++----------
 1 file changed, 38 insertions(+), 14 deletions(-)

diff --git a/nixos/roles/foundryvtt.nix b/nixos/roles/foundryvtt.nix
index fcf7f29e..e714c68e 100644
--- a/nixos/roles/foundryvtt.nix
+++ b/nixos/roles/foundryvtt.nix
@@ -2,41 +2,65 @@
 let
   name = "foundryvtt";
   stateDir = "/var/lib/${name}";
-  port = "3333";
+  dataDir = "${stateDir}/data";
+  configFile = "${dataDir}/Config/options.json";
+  config = {
+    port = 3333;
+    upnp = false;
+    hostname = "rpg.maralorn.de";
+    routePrefix = null;
+    proxySSL = true;
+    proxyPort = null;
+    minifyStaticFiles = true;
+    updateChannel = "release";
+  };
+  declarativeConfigFile = builtins.toFile "foundry-options.json" (builtins.toJSON config);
 in
 {
   config = {
-    users = {
-      groups.${name} = { };
-      users.${name} = {
-        group = name;
-        home = stateDir;
-        isSystemUser = true;
-      };
-    };
     systemd.services.${name} = {
       enable = true;
       description = "Foundryvtt server";
       serviceConfig = {
+        StateDirectory = "${name}";
         WorkingDirectory = stateDir;
+        DynamicUser = true;
         Restart = "always";
-        # Ensure ./app and ./data exist and extract the game zip to ./app
-        ExecStart = "${pkgs.nodejs}/bin/node ${stateDir}/app/resources/app/main.js --port=${port} --dataPath=${stateDir}/data";
-        User = name;
+        ExecStartPre = pkgs.writeShellScript "setup-foundry-vtt" ''
+          uid
+          mkdir -p ${stateDir}/app
+          if [[ -f "${configFile}" ]]; then
+            tempfile=$(mktemp)
+            cp "${configFile}" "$tempfile"
+            ${pkgs.jq}/bin/jq ".[0] * .[1]" -s "$tempfile" "${declarativeConfigFile}" > "${configFile}"
+          else
+            cp "${declarativeConfigFile}" "${configFile}"
+          fi
+          if [[ ! -f "${stateDir}/app/resources/app/main.js" ]]; then
+            echo "No ${name} app found. Please download zip from foundryvtt.com and extract to ${stateDir}/app"
+          fi
+        '';
+        ExecStart = "${pkgs.nodejs}/bin/node ${stateDir}/app/resources/app/main.js --dataPath=${stateDir}/data";
       };
     };
     services = {
       nginx = {
         virtualHosts = {
-          "rpg.maralorn.de" = {
+          ${config.hostname} = {
             extraConfig = ''
               client_max_body_size 300M;
+              proxy_set_header Host $host;
             '';
             forceSSL = true;
             enableACME = true;
             locations."/" = {
-              proxyPass = "http://[::1]:${port}";
+              proxyPass = "http://[::1]:${toString config.port}";
               proxyWebsockets = true;
+              extraConfig = ''
+                proxy_set_header Host $host;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header X-Forwarded-Proto $scheme;
+              '';
             };
           };
         };