nixpkgs/nixos/modules/services/networking/aria2.nix

{
  config,
  lib,
  pkgs,
  ...
}:

let
  cfg = config.services.aria2;

  homeDir = "/var/lib/aria2";
  defaultRpcListenPort = 6800;
  defaultDir = "${homeDir}/Downloads";

  portRangesToString =
    ranges:
    lib.concatStringsSep "," (
      map (
        x:
        if x.from == x.to then
          builtins.toString x.from
        else
          builtins.toString x.from + "-" + builtins.toString x.to
      ) ranges
    );

  customToKeyValue = lib.generators.toKeyValue {
    mkKeyValue = lib.generators.mkKeyValueDefault {
      mkValueString =
        v: if builtins.isList v then portRangesToString v else lib.generators.mkValueStringDefault { } v;
    } "=";
  };
in
{
  imports = [
    (lib.mkRemovedOptionModule [
      "services"
      "aria2"
      "rpcSecret"
    ] "Use services.aria2.rpcSecretFile instead")
    (lib.mkRemovedOptionModule [
      "services"
      "aria2"
      "extraArguments"
    ] "Use services.aria2.settings instead")
    (lib.mkRenamedOptionModule
      [ "services" "aria2" "downloadDir" ]
      [ "services" "aria2" "settings" "dir" ]
    )
    (lib.mkRenamedOptionModule
      [ "services" "aria2" "listenPortRange" ]
      [ "services" "aria2" "settings" "listen-port" ]
    )
    (lib.mkRenamedOptionModule
      [ "services" "aria2" "rpcListenPort" ]
      [ "services" "aria2" "settings" "rpc-listen-port" ]
    )
  ];

  options = {
    services.aria2 = {
      enable = lib.mkOption {
        type = lib.types.bool;
        default = false;
        description = ''
          Whether or not to enable the headless Aria2 daemon service.

          Aria2 daemon can be controlled via the RPC interface using one of many
          WebUIs (http://localhost:${toString defaultRpcListenPort}/ by default).

          Targets are downloaded to `${defaultDir}` by default and are
          accessible to users in the `aria2` group.
        '';
      };
      openPorts = lib.mkOption {
        type = lib.types.bool;
        default = false;
        description = ''
          Open listen and RPC ports found in `settings.listen-port` and
          `settings.rpc-listen-port` options in the firewall.
        '';
      };
      rpcSecretFile = lib.mkOption {
        type = lib.types.path;
        example = "/run/secrets/aria2-rpc-token.txt";
        description = ''
          A file containing the RPC secret authorization token.
          Read https://aria2.github.io/manual/en/html/aria2c.html#rpc-auth to know how this option value is used.
        '';
      };
      settings = lib.mkOption {
        description = ''
          Generates the `aria2.conf` file. Refer to [the documentation][0] for
          all possible settings.

          [0]: https://aria2.github.io/manual/en/html/aria2c.html#synopsis
        '';
        default = { };
        type = lib.types.submodule {
          freeformType =
            with lib.types;
            attrsOf (oneOf [
              bool
              int
              float
              singleLineStr
            ]);
          options = {
            save-session = lib.mkOption {
              type = lib.types.singleLineStr;
              default = "${homeDir}/aria2.session";
              description = "Save error/unfinished downloads to FILE on exit.";
            };
            dir = lib.mkOption {
              type = lib.types.singleLineStr;
              default = defaultDir;
              description = "Directory to store downloaded files.";
            };
            conf-path = lib.mkOption {
              type = lib.types.singleLineStr;
              default = "${homeDir}/aria2.conf";
              description = "Configuration file path.";
            };
            enable-rpc = lib.mkOption {
              type = lib.types.bool;
              default = true;
              description = "Enable JSON-RPC/XML-RPC server.";
            };
            listen-port = lib.mkOption {
              type = with lib.types; listOf (attrsOf port);
              default = [
                {
                  from = 6881;
                  to = 6999;
                }
              ];
              description = "Set UDP listening port range used by DHT(IPv4, IPv6) and UDP tracker.";
            };
            rpc-listen-port = lib.mkOption {
              type = lib.types.port;
              default = defaultRpcListenPort;
              description = "Specify a port number for JSON-RPC/XML-RPC server to listen to. Possible Values: 1024-65535";
            };
          };
        };
      };
    };
  };

  config = lib.mkIf cfg.enable {
    assertions = [
      {
        assertion = cfg.settings.enable-rpc;
        message = "RPC has to be enabled, the default module option takes care of that.";
      }
      {
        assertion = !(cfg.settings ? rpc-secret);
        message = "Set the RPC secret through services.aria2.rpcSecretFile so it will not end up in the world-readable nix store.";
      }
    ];

    # Need to open ports for proper functioning
    networking.firewall = lib.mkIf cfg.openPorts {
      allowedUDPPortRanges = config.services.aria2.settings.listen-port;
      allowedTCPPorts = [ config.services.aria2.settings.rpc-listen-port ];
    };

    users.users.aria2 = {
      group = "aria2";
      uid = config.ids.uids.aria2;
      description = "aria2 user";
      home = homeDir;
      createHome = false;
    };

    users.groups.aria2.gid = config.ids.gids.aria2;

    systemd.tmpfiles.rules = [
      "d '${homeDir}' 0770 aria2 aria2 - -"
      "d '${config.services.aria2.settings.dir}' 0770 aria2 aria2 - -"
    ];

    systemd.services.aria2 = {
      description = "aria2 Service";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      preStart = ''
        if [[ ! -e "${cfg.settings.save-session}" ]]
        then
          touch "${cfg.settings.save-session}"
        fi
        cp -f "${pkgs.writeText "aria2.conf" (customToKeyValue cfg.settings)}" "${cfg.settings.conf-path}"
        chmod +w "${cfg.settings.conf-path}"
        echo "rpc-secret=$(cat "$CREDENTIALS_DIRECTORY/rpcSecretFile")" >> "${cfg.settings.conf-path}"
      '';

      serviceConfig = {
        Restart = "on-abort";
        ExecStart = "${pkgs.aria2}/bin/aria2c --conf-path=${cfg.settings.conf-path}";
        ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
        User = "aria2";
        Group = "aria2";
        LoadCredential = "rpcSecretFile:${cfg.rpcSecretFile}";
      };
    };
  };

  meta.maintainers = [ lib.maintainers.timhae ];
}
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`{`
			`config,`
			`lib,`
			`pkgs,`
			`...`
			`}:`

			`let`
			`cfg = config.services.aria2;`

			`homeDir = "/var/lib/aria2";`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`defaultRpcListenPort = 6800;`
			`defaultDir = "${homeDir}/Downloads";`

			`portRangesToString =`
			`ranges:`
			`lib.concatStringsSep "," (`
			`map (`
			`x:`
			`if x.from == x.to then`
			`builtins.toString x.from`
			`else`
			`builtins.toString x.from + "-" + builtins.toString x.to`
			`) ranges`
			`);`

			`customToKeyValue = lib.generators.toKeyValue {`
			`mkKeyValue = lib.generators.mkKeyValueDefault {`
			`mkValueString =`
			`v: if builtins.isList v then portRangesToString v else lib.generators.mkValueStringDefault { } v;`
			`} "=";`
			`};`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`in`
			`{`
nixos/aria2: implement 'rpcSecretFile' Since this is supposed to be a secret, use a file path as an input instead of making it part of the expression, which would expose it in the nix store. 2023-12-23 14:39:02 +01:00			`imports = [`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`(lib.mkRemovedOptionModule [`
			`"services"`
			`"aria2"`
			`"rpcSecret"`
			`] "Use services.aria2.rpcSecretFile instead")`
			`(lib.mkRemovedOptionModule [`
			`"services"`
			`"aria2"`
			`"extraArguments"`
			`] "Use services.aria2.settings instead")`
			`(lib.mkRenamedOptionModule`
			`[ "services" "aria2" "downloadDir" ]`
			`[ "services" "aria2" "settings" "dir" ]`
			`)`
			`(lib.mkRenamedOptionModule`
			`[ "services" "aria2" "listenPortRange" ]`
			`[ "services" "aria2" "settings" "listen-port" ]`
			`)`
			`(lib.mkRenamedOptionModule`
			`[ "services" "aria2" "rpcListenPort" ]`
			`[ "services" "aria2" "settings" "rpc-listen-port" ]`
treewide: format all inactive Nix files After final improvements to the official formatter implementation, this commit now performs the first treewide reformat of Nix files using it. This is part of the implementation of RFC 166. Only "inactive" files are reformatted, meaning only files that aren't being touched by any PR with activity in the past 2 months. This is to avoid conflicts for PRs that might soon be merged. Later we can do a full treewide reformat to get the rest, which should not cause as many conflicts. A CI check has already been running for some time to ensure that new and already-formatted files are formatted, so the files being reformatted here should also stay formatted. This commit was automatically created and can be verified using nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \ --argstr baseRev 0128fbb0a58f0c85aeaf316b0dfa343246b929c2 result/bin/apply-formatting $NIXPKGS_PATH 2024-12-10 20:29:24 +01:00			`)`
nixos/aria2: implement 'rpcSecretFile' Since this is supposed to be a secret, use a file path as an input instead of making it part of the expression, which would expose it in the nix store. 2023-12-23 14:39:02 +01:00			`];`

Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`options = {`
			`services.aria2 = {`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`enable = lib.mkOption {`
			`type = lib.types.bool;`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`default = false;`
			`description = ''`
			`Whether or not to enable the headless Aria2 daemon service.`

nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`Aria2 daemon can be controlled via the RPC interface using one of many`
			`WebUIs (http://localhost:${toString defaultRpcListenPort}/ by default).`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			Targets are downloaded to `${defaultDir}` by default and are
			accessible to users in the `aria2` group.
Fix indentation. Fix openPorts option default to false. 2017-04-27 17:13:27 +03:00			`'';`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`};`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`openPorts = lib.mkOption {`
			`type = lib.types.bool;`
Fix indentation. Fix openPorts option default to false. 2017-04-27 17:13:27 +03:00			`default = false;`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`description = ''`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			Open listen and RPC ports found in `settings.listen-port` and
			`settings.rpc-listen-port` options in the firewall.
Fix indentation. Fix openPorts option default to false. 2017-04-27 17:13:27 +03:00			`'';`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`};`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`rpcSecretFile = lib.mkOption {`
			`type = lib.types.path;`
nixos/aria2: implement 'rpcSecretFile' Since this is supposed to be a secret, use a file path as an input instead of making it part of the expression, which would expose it in the nix store. 2023-12-23 14:39:02 +01:00			`example = "/run/secrets/aria2-rpc-token.txt";`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`description = ''`
nixos/aria2: implement 'rpcSecretFile' Since this is supposed to be a secret, use a file path as an input instead of making it part of the expression, which would expose it in the nix store. 2023-12-23 14:39:02 +01:00			`A file containing the RPC secret authorization token.`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`Read https://aria2.github.io/manual/en/html/aria2c.html#rpc-auth to know how this option value is used.`
Fix indentation. Fix openPorts option default to false. 2017-04-27 17:13:27 +03:00			`'';`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`};`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`settings = lib.mkOption {`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`description = ''`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			Generates the `aria2.conf` file. Refer to [the documentation][0] for
			`all possible settings.`

			`[0]: https://aria2.github.io/manual/en/html/aria2c.html#synopsis`
Fix indentation. Fix openPorts option default to false. 2017-04-27 17:13:27 +03:00			`'';`
nixos/aria2: fix missing default 2024-06-15 12:55:06 +02:00			`default = { };`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`type = lib.types.submodule {`
			`freeformType =`
			`with lib.types;`
			`attrsOf (oneOf [`
			`bool`
			`int`
			`float`
			`singleLineStr`
			`]);`
			`options = {`
			`save-session = lib.mkOption {`
			`type = lib.types.singleLineStr;`
			`default = "${homeDir}/aria2.session";`
			`description = "Save error/unfinished downloads to FILE on exit.";`
			`};`
			`dir = lib.mkOption {`
			`type = lib.types.singleLineStr;`
			`default = defaultDir;`
			`description = "Directory to store downloaded files.";`
			`};`
			`conf-path = lib.mkOption {`
			`type = lib.types.singleLineStr;`
			`default = "${homeDir}/aria2.conf";`
			`description = "Configuration file path.";`
			`};`
			`enable-rpc = lib.mkOption {`
			`type = lib.types.bool;`
			`default = true;`
			`description = "Enable JSON-RPC/XML-RPC server.";`
			`};`
			`listen-port = lib.mkOption {`
			`type = with lib.types; listOf (attrsOf port);`
			`default = [`
			`{`
			`from = 6881;`
			`to = 6999;`
			`}`
			`];`
			`description = "Set UDP listening port range used by DHT(IPv4, IPv6) and UDP tracker.";`
			`};`
			`rpc-listen-port = lib.mkOption {`
			`type = lib.types.port;`
			`default = defaultRpcListenPort;`
			`description = "Specify a port number for JSON-RPC/XML-RPC server to listen to. Possible Values: 1024-65535";`
			`};`
			`};`
			`};`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`};`
			`};`
			`};`

nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`config = lib.mkIf cfg.enable {`
			`assertions = [`
			`{`
			`assertion = cfg.settings.enable-rpc;`
			`message = "RPC has to be enabled, the default module option takes care of that.";`
			`}`
			`{`
			`assertion = !(cfg.settings ? rpc-secret);`
			`message = "Set the RPC secret through services.aria2.rpcSecretFile so it will not end up in the world-readable nix store.";`
			`}`
			`];`
Fix indentation. Fix openPorts option default to false. 2017-04-27 17:13:27 +03:00
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`# Need to open ports for proper functioning`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`networking.firewall = lib.mkIf cfg.openPorts {`
			`allowedUDPPortRanges = config.services.aria2.settings.listen-port;`
			`allowedTCPPorts = [ config.services.aria2.settings.rpc-listen-port ];`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`};`

nixos/modules: users.(extraUsers\|extraGroup->users\|group) 2018-06-30 01:58:35 +02:00			`users.users.aria2 = {`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`group = "aria2";`
			`uid = config.ids.uids.aria2;`
			`description = "aria2 user";`
			`home = homeDir;`
			`createHome = false;`
			`};`

nixos/modules: users.(extraUsers\|extraGroup->users\|group) 2018-06-30 01:58:35 +02:00			`users.groups.aria2.gid = config.ids.gids.aria2;`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00
nixos/aria2: replace deprecated usage of PermissionsStartOnly see https://github.com/NixOS/nixpkgs/issues/53852 2019-02-24 13:02:10 -05:00			`systemd.tmpfiles.rules = [`
			`"d '${homeDir}' 0770 aria2 aria2 - -"`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`"d '${config.services.aria2.settings.dir}' 0770 aria2 aria2 - -"`
nixos/aria2: replace deprecated usage of PermissionsStartOnly see https://github.com/NixOS/nixpkgs/issues/53852 2019-02-24 13:02:10 -05:00			`];`

Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`systemd.services.aria2 = {`
			`description = "aria2 Service";`
nixos: remove dependencies on local-fs.target Since https://github.com/NixOS/nixpkgs/pull/61321, local-fs.target is part of sysinit.target again, meaning units without DefaultDependencies=no will automatically depend on it, and the manual set dependencies can be dropped. 2019-09-01 03:07:23 +02:00			`after = [ "network.target" ];`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`wantedBy = [ "multi-user.target" ];`
			`preStart = ''`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`if [[ ! -e "${cfg.settings.save-session}" ]]`
aria2 (nixos): actually load the module Fixes #33991 2018-01-31 09:40:15 +08:00			`then`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`touch "${cfg.settings.save-session}"`
Fix indentation. Fix openPorts option default to false. 2017-04-27 17:13:27 +03:00			`fi`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`cp -f "${pkgs.writeText "aria2.conf" (customToKeyValue cfg.settings)}" "${cfg.settings.conf-path}"`
			`chmod +w "${cfg.settings.conf-path}"`
			`echo "rpc-secret=$(cat "$CREDENTIALS_DIRECTORY/rpcSecretFile")" >> "${cfg.settings.conf-path}"`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`'';`

			`serviceConfig = {`
			`Restart = "on-abort";`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`ExecStart = "${pkgs.aria2}/bin/aria2c --conf-path=${cfg.settings.conf-path}";`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";`
			`User = "aria2";`
			`Group = "aria2";`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00			`LoadCredential = "rpcSecretFile:${cfg.rpcSecretFile}";`
Implement aria2 service for controlling a daemon via rpc. 2017-04-24 18:50:40 +03:00			`};`
			`};`
			`};`
nixos/aria2: add settings option I also took the liberty to add myself as module maintainer 2024-04-11 20:52:16 +02:00
			`meta.maintainers = [ lib.maintainers.timhae ];`
aria2 (nixos): actually load the module Fixes #33991 2018-01-31 09:40:15 +08:00			`}`