{ config, pkgs, lib, ... }: with lib; let cfg = config.services.prowlarr; in { options = { services.prowlarr = { enable = mkEnableOption "Prowlarr"; openFirewall = mkOption { type = types.bool; default = false; description = lib.mdDoc "Open ports in the firewall for the Prowlarr web interface."; }; }; }; config = mkIf cfg.enable { systemd.services.prowlarr = { description = "Prowlarr"; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; serviceConfig = { Type = "simple"; DynamicUser = true; StateDirectory = "prowlarr"; ExecStart = "${pkgs.prowlarr}/bin/Prowlarr -nobrowser -data=/var/lib/prowlarr"; Restart = "on-failure"; }; }; networking.firewall = mkIf cfg.openFirewall { allowedTCPPorts = [ 9696 ]; }; }; }