From a26fa45c8028180d4cc18608bf4f1804606d5f21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= <mkg20001@gmail.com>
Date: Sun, 17 Mar 2024 20:10:23 +0100
Subject: [PATCH 1/2] docuum: init at 0.23.1

---
 pkgs/by-name/do/docuum/package.nix | 38 ++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 pkgs/by-name/do/docuum/package.nix

diff --git a/pkgs/by-name/do/docuum/package.nix b/pkgs/by-name/do/docuum/package.nix
new file mode 100644
index 000000000000..65c455038e67
--- /dev/null
+++ b/pkgs/by-name/do/docuum/package.nix
@@ -0,0 +1,38 @@
+{ lib
+, rustPlatform
+, fetchFromGitHub
+, stdenv
+, darwin
+}:
+
+rustPlatform.buildRustPackage rec {
+  pname = "docuum";
+  version = "0.23.1";
+
+  src = fetchFromGitHub {
+    owner = "stepchowfun";
+    repo = "docuum";
+    rev = "v${version}";
+    hash = "sha256-jZJkI4rk/8O6MsHjuDqmIiRc1LJpTajk/rSUVYnHiOs=";
+  };
+
+  cargoHash = "sha256-qBigfW0W3t0a43y99H22gmKBnhsu08Yd1CTTatsRfRs=";
+
+  checkFlags = [
+    # fails, no idea why
+    "--skip=format::tests::code_str_display"
+  ];
+
+  buildInputs = lib.optionals stdenv.isDarwin [
+    darwin.apple_sdk.frameworks.IOKit
+  ];
+
+  meta = with lib; {
+    description = "Least recently used (LRU) eviction of Docker images";
+    homepage = "https://github.com/stepchowfun/docuum";
+    changelog = "https://github.com/stepchowfun/docuum/blob/${src.rev}/CHANGELOG.md";
+    license = licenses.mit;
+    maintainers = with maintainers; [ mkg20001 ];
+    mainProgram = "docuum";
+  };
+}

From 94d6d4e93a3ce6b467d4b165aa74a71482d344e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= <mkg20001@gmail.com>
Date: Sat, 23 Mar 2024 18:25:55 +0100
Subject: [PATCH 2/2] nixos/docuum: add module for docuum package

Co-Authored-By: Martin Weinelt <mweinelt@users.noreply.github.com>
---
 nixos/modules/module-list.nix           |  1 +
 nixos/modules/services/admin/docuum.nix | 45 +++++++++++++++++++++++++
 2 files changed, 46 insertions(+)
 create mode 100644 nixos/modules/services/admin/docuum.nix

diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index d17e638a0883..2fcb4c5be055 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -330,6 +330,7 @@
   ./security/systemd-confinement.nix
   ./security/tpm2.nix
   ./security/wrappers/default.nix
+  ./services/admin/docuum.nix
   ./services/admin/meshcentral.nix
   ./services/admin/oxidized.nix
   ./services/admin/pgadmin.nix
diff --git a/nixos/modules/services/admin/docuum.nix b/nixos/modules/services/admin/docuum.nix
new file mode 100644
index 000000000000..6f6cd4e02733
--- /dev/null
+++ b/nixos/modules/services/admin/docuum.nix
@@ -0,0 +1,45 @@
+{ config, pkgs, lib, utils, ... }:
+
+let
+  cfg = config.services.docuum;
+  inherit (lib) mkIf mkEnableOption mkOption getExe types;
+in
+{
+  options.services.docuum = {
+    enable = mkEnableOption "docuum daemon";
+
+    threshold = mkOption {
+      description = "Threshold for deletion in bytes, like `10 GB`, `10 GiB`, `10GB` or percentage-based thresholds like `50%`";
+      type = types.str;
+      default = "10 GB";
+      example = "50%";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    assertions = [
+      {
+        assertion = config.virtualisation.docker.enable;
+        message = "docuum requires docker on the host";
+      }
+    ];
+
+    systemd.services.docuum = {
+      after = [ "docker.socket" ];
+      requires = [ "docker.socket" ];
+      wantedBy = [ "multi-user.target" ];
+      path = [ config.virtualisation.docker.package ];
+      environment.HOME = "/var/lib/docuum";
+
+      serviceConfig = {
+        DynamicUser = true;
+        StateDirectory = "docuum";
+        SupplementaryGroups = [ "docker" ];
+        ExecStart = utils.escapeSystemdExecArgs [
+          (getExe pkgs.docuum)
+          "--threshold" cfg.threshold
+        ];
+      };
+    };
+  };
+}