colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
40e49b40ab
nixpkgs/nixos/modules/services/networking/syncplay.nix
Jade Lovelace 6c5ab28fce nixos: fix a bunch of services missing dep on network-online.target 
This was done by generating a truly hilarious configuration:

rg 'services\.[^.]+\.enable\t' opts-tags | cut -f1 > allonconfig.nix

The following were not tested due to other evaluation errors. They
should probably be manually audited.
services.amule
services.castopod
services.ceph
services.chatgpt-retrieval-plugin
services.clamsmtp
services.clight
services.dante
services.dex
services.discourse
services.dwm-status
services.engelsystem
services.foundationdb
services.frigate
services.frp
services.grocy
services.guacamole-client
services.hedgedoc
services.home-assistant
services.honk
services.imaginary
services.jitsi-meet
services.kerberos_server
services.limesurvey
services.mastodon
services.mediawiki
services.mobilizon
services.moodle
services.mosquitto
services.nextcloud
services.nullmailer
services.patroni
services.pfix-srsd
services.pgpkeyserver-lite
services.postfixadmin
services.roundcube
services.schleuder
services.self-deploy
services.slskd
services.spacecookie
services.statsd
services.step-ca
services.sympa
services.tsmBackup
services.vdirsyncer
services.vikunja
services.yandex-disk
services.zabbixWeb
2024-01-19 00:11:34 -08:00

132 lines
3.8 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.syncplay;
cmdArgs =
[ "--port" cfg.port ]
++ optionals (cfg.salt != null) [ "--salt" cfg.salt ]
++ optionals (cfg.certDir != null) [ "--tls" cfg.certDir ]
++ cfg.extraArgs;
in
{
options = {
services.syncplay = {
enable = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "If enabled, start the Syncplay server.";
};
port = mkOption {
type = types.port;
default = 8999;
description = lib.mdDoc ''
TCP port to bind to.
'';
};
salt = mkOption {
type = types.nullOr types.str;
default = null;
description = lib.mdDoc ''
Salt to allow room operator passwords generated by this server
instance to still work when the server is restarted. The salt will be
readable in the nix store and the processlist. If this is not
intended use `saltFile` instead. Mutually exclusive with
<option>services.syncplay.saltFile</option>.
'';
};
saltFile = mkOption {
type = types.nullOr types.path;
default = null;
description = lib.mdDoc ''
Path to the file that contains the server salt. This allows room
operator passwords generated by this server instance to still work
when the server is restarted. `null`, the server doesn't load the
salt from a file. Mutually exclusive with
<option>services.syncplay.salt</option>.
'';
};
certDir = mkOption {
type = types.nullOr types.path;
default = null;
description = lib.mdDoc ''
TLS certificates directory to use for encryption. See
<https://github.com/Syncplay/syncplay/wiki/TLS-support>.
'';
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [ ];
description = lib.mdDoc ''
Additional arguments to be passed to the service.
'';
};
user = mkOption {
type = types.str;
default = "nobody";
description = lib.mdDoc ''
User to use when running Syncplay.
'';
};
group = mkOption {
type = types.str;
default = "nogroup";
description = lib.mdDoc ''
Group to use when running Syncplay.
'';
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
description = lib.mdDoc ''
Path to the file that contains the server password. If
`null`, the server doesn't require a password.
'';
};
};
};
config = mkIf cfg.enable {
assertions = [
{
assertion = cfg.salt == null || cfg.saltFile == null;
message = "services.syncplay.salt and services.syncplay.saltFile are mutually exclusive.";
}
];
systemd.services.syncplay = {
description = "Syncplay Service";
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
serviceConfig = {
User = cfg.user;
Group = cfg.group;
LoadCredential = lib.optional (cfg.passwordFile != null) "password:${cfg.passwordFile}"
++ lib.optional (cfg.saltFile != null) "salt:${cfg.saltFile}";
};
script = ''
${lib.optionalString (cfg.passwordFile != null) ''
export SYNCPLAY_PASSWORD=$(cat "''${CREDENTIALS_DIRECTORY}/password")
''}
${lib.optionalString (cfg.saltFile != null) ''
export SYNCPLAY_SALT=$(cat "''${CREDENTIALS_DIRECTORY}/salt")
''}
exec ${pkgs.syncplay-nogui}/bin/syncplay-server ${escapeShellArgs cmdArgs}
'';
};
};
}
Reference in New Issue View Git Blame Copy Permalink