Add module options implementing the user services

module.nix

@@ -1,13 +1,67 @@
 flake: { config, lib, pkgs, ... }:
 
 let
-  inherit (lib) mkIf mkOption types;
+  inherit (lib) mapAttrsToList mkEnableOption mkMerge mkOption types;
-
+  intakeCfg = config.services.intake;
-  cfg = config.services.intake;
 in {
   options = {
+    services.intake = {
+      listen.addr = mkOption {
+        type = types.str;
+        default = "0.0.0.0";
+        description = "Listen address for the nginx entry point.";
+      };
+
+      listen.port = mkOption {
+        type = types.port;
+        default = 80;
+        description = "Listen port for the nginx entry point.";
+      };
+
+      users = mkOption {
+        description = "User intake service definitions.";
+        default = {};
+        type = types.attrsOf (types.submodule {
+          options = {
+            enable = mkEnableOption "intake, a personal feed aggregator.";
+
+            packages = mkOption {
+              type = types.listOf types.package;
+              default = [];
+              description = "Additional packages available to the intake service.";
+            };
+          };
+        });
+      };
+    };
   };
 
-  config = {
+  config =
+  let
+    # Define the intake package and a python environment to run it from
+    intake = flake.packages.${pkgs.stdenv.hostPlatform.system}.default;
+    pythonEnv = pkgs.python38.withPackages (pypkgs: [ intake ]);
+  in {
+    systemd.services =
+    let
+      runScript = userName: pkgs.writeShellScript "intake-run.sh" ''
+        ${pythonEnv}/bin/intake run -d /home/${userName}/.local/share/intake
+      '';
+      # systemd service definition for a single user, given `services.intake.users.userName` = `userCfg`
+      userServiceConfig = userName: userCfg: {
+        "intake@${userName}" = {
+          description = "Intake service for user ${userName}";
+          script = "${runScript userName}";
+          path = userCfg.packages;
+          serviceConfig = {
+            User = userName;
+            Type = "simple";
+          };
+          wantedBy = [ "multi-user.target" ];
+          after = [ "network.target" ];
+          enable = userCfg.enable;
+        };
+      };
+    in mkMerge (mapAttrsToList userServiceConfig intakeCfg.users);
   };
-}
+}

tests/demo.nix

@@ -1,15 +1,6 @@
 flake: { pkgs, ... }:
 
-let
+{
-  intake = flake.packages.${pkgs.stdenv.hostPlatform.system}.default;
-
-  pythonPkg = pkgs.python38;
-  pythonEnv = pythonPkg.withPackages (pypkgs: [ intake ]);
-
-  intakeRun = pkgs.writeShellScript "intake-run.sh" ''
-    ${pythonEnv}/bin/intake run -d /home/alpha/.local/share/intake
-  '';
-in {
   system.stateVersion = "22.11";
 
   nixos-shell.mounts = {
@@ -18,18 +9,7 @@ in {
     cache = "none";
   };
 
-  systemd.services."intake@alpha" = {
+  services.intake.users.alpha.enable = true;
-    description = "Intake service for user alpha";
-    script = "${intakeRun}";
-    path = [ ];
-    serviceConfig = {
-      User = "alpha";
-      Type = "simple";
-    };
-    wantedBy = [ "multi-user.target" ];
-    after = [ "network.target" ];
-    enable = true;
-  };
 
   services.nginx.enable = true;
   services.nginx.virtualHosts = {
@@ -37,10 +17,7 @@ in {
       listen = [ { addr = "localhost"; port = 8030; } ];
       locations."/".tryFiles = "/dev/null @dummy";
       locations."@dummy" = {
-        return = "200 'this is alpha'";
+        proxyPass = "http://127.0.0.1:5000";
-        extraConfig = ''
-          add_header Content-Type text/plain always;
-        '';
       };
     };
     beta-fsid = {