Projects/roowho2
1
1
Fork 0
Code Issues 27 Pull Requests Actions Releases Activity
Files
4d004fd1d18cd10fd76468fc278ce974e2bf47c9
roowho2/nix/module.nix

65 lines
1.8 KiB
Nix
Raw Blame History

{ config, pkgs, lib, ... }:
let
cfg = config.services.roowho2;
format = pkgs.formats.toml { };
in {
options.services.roowho2 = {
enable = lib.mkEnableOption "the roowho2 daemon, replacement for multiple linux netkit services";
package = lib.mkPackageOption pkgs "roowho2" { };
settings = lib.mkOption {
type = lib.types.submodule {
freeformType = format.type;
options = {
rwhod = {
enable = lib.mkEnableOption "the rwhod service" // {
default = true;
};
# TODO: allow configuring socket config
};
};
};
default = { };
description = "Configuration settings for Roowho2.";
};
};
config = lib.mkIf cfg.enable {
systemd.sockets.roowho2-client = {
wantedBy = [ "sockets.target" ];
description = "Roowho2 Client Communication Socket";
listenStreams = [ "/run/roowho2/roowho2.varlink" ];
socketConfig = {
Service = "roowho2.service";
FileDescriptorName = "client_socket";
};
};
systemd.sockets.roowho2-rwhod = lib.mkIf cfg.settings.rwhod.enable {
wantedBy = [ "sockets.target" ];
description = "Roowho2 Rwhod Socket";
listenDatagrams = [ "0.0.0.0:513" ];
socketConfig = {
Service = "roowho2.service";
FileDescriptorName = "rwhod_socket";
Broadcast = true;
};
};
systemd.services.roowho2 = {
serviceConfig = {
ExecStart = "${lib.getExe' cfg.package "roowhod"} --config ${format.generate "roowho2-config.toml" cfg.settings}";
Restart = "on-failure";
DynamicUser = true;
# TODO: hardening
};
};
networking.firewall.allowedUDPPorts = lib.mkIf cfg.settings.rwhod.enable [ 513 ];
environment.systemPackages = [ cfg.package ];
};
}
Reference in New Issue View Git Blame Copy Permalink