migrate selfprivacy-api NixOS module to selfprivacy API repository

But do not treat it as a SP module.

api/api-module.nix

@@ -1,152 +0,0 @@
-selfprivacy-graphql-api: { config, lib, pkgs, ... }:
-
-with lib;
-
-let
-  cfg = config.services.selfprivacy-api;
-  directionArg =
-    if cfg.direction == ""
-    then ""
-    else "--direction=${cfg.direction}";
-in
-{
-  options.services.selfprivacy-api = {
-    enable = mkOption {
-      default = true;
-      type = types.bool;
-      description = ''
-        Enable SelfPrivacy API service
-      '';
-    };
-    enableSwagger = mkOption {
-      default = false;
-      type = types.bool;
-      description = ''
-        Enable Swagger UI
-      '';
-    };
-    b2Bucket = mkOption {
-      type = types.str;
-      description = ''
-        B2 bucket
-      '';
-    };
-  };
-  config = lib.mkIf cfg.enable {
-
-    systemd.services.selfprivacy-api = {
-      description = "API Server used to control system from the mobile application";
-      environment = config.nix.envVars // {
-        inherit (config.environment.sessionVariables) NIX_PATH;
-        HOME = "/root";
-        PYTHONUNBUFFERED = "1";
-        ENABLE_SWAGGER = (if cfg.enableSwagger then "1" else "0");
-        B2_BUCKET = cfg.b2Bucket;
-      } // config.networking.proxy.envVars;
-      path = [
-        "/var/"
-        "/var/dkim/"
-        pkgs.coreutils
-        pkgs.gnutar
-        pkgs.xz.bin
-        pkgs.gzip
-        pkgs.gitMinimal
-        config.nix.package.out
-        pkgs.nixos-rebuild
-        pkgs.restic
-        pkgs.mkpasswd
-        pkgs.util-linux
-        pkgs.e2fsprogs
-        pkgs.iproute2
-      ];
-      after = [ "network-online.target" ];
-      wantedBy = [ "network-online.target" ];
-      serviceConfig = {
-        User = "root";
-        ExecStart = "${selfprivacy-graphql-api}/bin/app.py";
-        Restart = "always";
-        RestartSec = "5";
-      };
-    };
-    systemd.services.selfprivacy-api-worker = {
-      description = "Task worker for SelfPrivacy API";
-      environment = config.nix.envVars // {
-        inherit (config.environment.sessionVariables) NIX_PATH;
-        HOME = "/root";
-        PYTHONUNBUFFERED = "1";
-        ENABLE_SWAGGER = (if cfg.enableSwagger then "1" else "0");
-        B2_BUCKET = cfg.b2Bucket;
-        PYTHONPATH = selfprivacy-graphql-api.pythonPath + ":${selfprivacy-graphql-api}/lib/python3.10/site-packages/";
-      } // config.networking.proxy.envVars;
-      path = [
-        "/var/"
-        "/var/dkim/"
-        pkgs.coreutils
-        pkgs.gnutar
-        pkgs.xz.bin
-        pkgs.gzip
-        pkgs.gitMinimal
-        config.nix.package.out
-        pkgs.nixos-rebuild
-        pkgs.restic
-        pkgs.mkpasswd
-        pkgs.util-linux
-        pkgs.e2fsprogs
-        pkgs.iproute2
-      ];
-      after = [ "network-online.target" ];
-      wantedBy = [ "network-online.target" ];
-      serviceConfig = {
-        User = "root";
-        ExecStart = "${pkgs.python310Packages.huey}/bin/huey_consumer.py selfprivacy_api.task_registry.huey";
-        Restart = "always";
-        RestartSec = "5";
-      };
-    };
-    # One shot systemd service to rebuild NixOS using nixos-rebuild
-    systemd.services.sp-nixos-rebuild = {
-      description = "Upgrade NixOS using nixos-rebuild";
-      environment = config.nix.envVars // {
-        inherit (config.environment.sessionVariables) NIX_PATH;
-        HOME = "/root";
-      } // config.networking.proxy.envVars;
-      path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ];
-      serviceConfig = {
-        User = "root";
-        ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch";
-        KillMode = "none";
-        SendSIGKILL = "no";
-      };
-    };
-    # One shot systemd service to upgrade NixOS using nixos-rebuild
-    systemd.services.sp-nixos-upgrade = {
-      description = "Upgrade NixOS using nixos-rebuild";
-      environment = config.nix.envVars // {
-        inherit (config.environment.sessionVariables) NIX_PATH;
-        HOME = "/root";
-      } // config.networking.proxy.envVars;
-      path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ];
-      serviceConfig = {
-        User = "root";
-        ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --upgrade";
-        KillMode = "none";
-        SendSIGKILL = "no";
-      };
-    };
-    # One shot systemd service to rollback NixOS using nixos-rebuild
-    systemd.services.sp-nixos-rollback = {
-      description = "Rollback NixOS using nixos-rebuild";
-      environment = config.nix.envVars // {
-        inherit (config.environment.sessionVariables) NIX_PATH;
-        HOME = "/root";
-      } // config.networking.proxy.envVars;
-      path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ];
-      serviceConfig = {
-        User = "root";
-        ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --rollback";
-        KillMode = "none";
-        SendSIGKILL = "no";
-      };
-    };
-  };
-}

api/api.nix

@@ -1,18 +0,0 @@
-{ config, pkgs, ... }:
-{
-  services.selfprivacy-api = {
-    enable = true;
-    enableSwagger = config.selfprivacy.api.enableSwagger;
-    b2Bucket = config.selfprivacy.backup.bucket;
-  };
-
-  users.users."selfprivacy-api" = {
-    isNormalUser = false;
-    isSystemUser = true;
-    extraGroups = [ "opendkim" ];
-    group = "selfprivacy-api";
-  };
-  users.groups."selfprivacy-api" = {
-    members = [ "selfprivacy-api" ];
-  };
-}

configuration.nix

@@ -6,7 +6,6 @@
     ./volumes.nix
     ./users.nix
     ./vpn/ocserv.nix
-    ./api/api.nix
     ./social/pleroma.nix
     ./letsencrypt/acme.nix
     ./letsencrypt/resolve.nix

flake.lock

@@ -18,21 +18,21 @@
     "root": {
       "inputs": {
         "nixpkgs": "nixpkgs",
-        "selfprivacy-graphql-api": "selfprivacy-graphql-api"
+        "selfprivacy-api": "selfprivacy-api"
       }
     },
-    "selfprivacy-graphql-api": {
+    "selfprivacy-api": {
       "inputs": {
         "nixpkgs": [
           "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1699259966,
-        "narHash": "sha256-NMZ1NZ/3I4d9AvegG95sSaV2Hv4A6WEfJ5UCpsFr+Zk=",
-        "ref": "flake",
-        "rev": "b6e84f2596b78da497f63179d72c903bb9b92d4e",
-        "revCount": 942,
+        "lastModified": 1700101644,
+        "narHash": "sha256-RtzREz64LQt0xO6mMW3CGtu6NOdKSStHqHM8Jlcnano=",
+        "ref": "nixos-module",
+        "rev": "e6e9d0677e51e5b1f2f5ee60809d190ab18a9f3e",
+        "revCount": 1028,
         "type": "git",
         "url": "https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git"
       },

flake.nix

@@ -4,13 +4,13 @@
   inputs = {
     nixpkgs.url = "github:nixos/nixpkgs";
 
-    selfprivacy-graphql-api.url =
+    selfprivacy-api.url =
       "git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git";
-    # make selfprivacy-graphql-api use the same shared nixpkgs
-    selfprivacy-graphql-api.inputs.nixpkgs.follows = "nixpkgs";
+    # make selfprivacy-api use the same shared nixpkgs
+    selfprivacy-api.inputs.nixpkgs.follows = "nixpkgs";
   };
 
-  outputs = { self, nixpkgs, selfprivacy-graphql-api }: {
+  outputs = { self, nixpkgs, selfprivacy-api }: {
     nixosConfigurations-fun =
       { system
       , hardware-configuration
@@ -25,8 +25,7 @@
             hardware-configuration
             ./configuration.nix
             (import ./userdata-variables.nix userdata)
-            (import ./api/api-module.nix
-              selfprivacy-graphql-api.packages.${system}.default)
+            selfprivacy-api.nixosModules.default
             {
               # embed top-level flake source folder into the build
               environment.etc."selfprivacy/current-config-source".source =