Add api token param

api/api-module.nix

@@ -19,6 +19,12 @@ in
         Enable SelfPrivacy API service
       '';
     };
+    token = mkOption {
+      type = types.string;
+      description = ''
+        SelfPrivacy API token
+      '';
+    };
   };
   config = lib.mkIf cfg.enable {
 
@@ -28,6 +34,7 @@ in
         inherit (config.environment.sessionVariables) NIX_PATH;
         HOME = "/root";
         PYTHONUNBUFFERED = "1";
+        AUTH_TOKEN = cfg.token;
       } // config.networking.proxy.envVars;
       path = [ "/var/" "/var/dkim/" pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild pkgs.restic pkgs.mkpasswd ];
       after = [ "network-online.target" ];

api/api.nix

@@ -1,7 +1,8 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
 {
   services.selfprivacy-api = {
     enable = true;
+    token = config.services.userdata.api.token;
   };
 
   users.users."selfprivacy-api" = {

userdata/schema.json

@@ -18,6 +18,14 @@
         "timezone": {
             "type": "string"
         },
+        "api": {
+            "type": "object",
+            "properties": {
+                "token": {
+                    "type": "string"
+                }
+            }
+        },
         "backblaze": {
             "type": "object",
             "properties": {

variables-module.nix

@@ -37,6 +37,14 @@ in
       '';
       type = types.nullOr types.string;
     };
+    api = {
+      token = mkOption {
+        description = ''
+          API token used to authenticate with the server
+        '';
+        type = types.nullOr types.string;
+      };
+    };
     backblaze = {
       bucket = mkOption {
         description = "Bucket name used for userdata backups";