movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-10 03:23:29 +03:00
Code Issues Projects Releases Packages Wiki Activity

nixos/murmur: Get rid global lib expansion

Browse source 
Signed-off-by: Felix Singer <felixsinger@posteo.net>
This commit is contained in:
Felix Singer 2025-05-31 17:19:56 +02:00 committed by Bjørn Forsman
parent 1c9df5c6de
commit b6c81af12d
1 changed files with 88 additions and 90 deletions
Download patch file Download diff file Expand all files Collapse all files

178
nixos/modules/services/networking/murmur.nix
View file

@ -5,8 +5,6 @@
... ...
}: }:
with lib;
let let
cfg = config.services.murmur; cfg = config.services.murmur;
forking = cfg.logFile != null; forking = cfg.logFile != null;
@ -18,44 +16,44 @@ let
autobanTimeframe=${toString cfg.autobanTimeframe} autobanTimeframe=${toString cfg.autobanTimeframe}
autobanTime=${toString cfg.autobanTime} autobanTime=${toString cfg.autobanTime}
logfile=${optionalString (cfg.logFile != null) cfg.logFile} logfile=${lib.optionalString (cfg.logFile != null) cfg.logFile}
${optionalString forking "pidfile=/run/murmur/murmurd.pid"} ${lib.optionalString forking "pidfile=/run/murmur/murmurd.pid"}
welcometext="${cfg.welcometext}" welcometext="${cfg.welcometext}"
port=${toString cfg.port} port=${toString cfg.port}
${optionalString (cfg.hostName != "") "host=${cfg.hostName}"} ${lib.optionalString (cfg.hostName != "") "host=${cfg.hostName}"}
${optionalString (cfg.password != "") "serverpassword=${cfg.password}"} ${lib.optionalString (cfg.password != "") "serverpassword=${cfg.password}"}
bandwidth=${toString cfg.bandwidth} bandwidth=${toString cfg.bandwidth}
users=${toString cfg.users} users=${toString cfg.users}
textmessagelength=${toString cfg.textMsgLength} textmessagelength=${toString cfg.textMsgLength}
imagemessagelength=${toString cfg.imgMsgLength} imagemessagelength=${toString cfg.imgMsgLength}
allowhtml=${boolToString cfg.allowHtml} allowhtml=${lib.boolToString cfg.allowHtml}
logdays=${toString cfg.logDays} logdays=${toString cfg.logDays}
bonjour=${boolToString cfg.bonjour} bonjour=${lib.boolToString cfg.bonjour}
sendversion=${boolToString cfg.sendVersion} sendversion=${lib.boolToString cfg.sendVersion}
${optionalString (cfg.registerName != "") "registerName=${cfg.registerName}"} ${lib.optionalString (cfg.registerName != "") "registerName=${cfg.registerName}"}
${optionalString (cfg.registerPassword != "") "registerPassword=${cfg.registerPassword}"} ${lib.optionalString (cfg.registerPassword != "") "registerPassword=${cfg.registerPassword}"}
${optionalString (cfg.registerUrl != "") "registerUrl=${cfg.registerUrl}"} ${lib.optionalString (cfg.registerUrl != "") "registerUrl=${cfg.registerUrl}"}
${optionalString (cfg.registerHostname != "") "registerHostname=${cfg.registerHostname}"} ${lib.optionalString (cfg.registerHostname != "") "registerHostname=${cfg.registerHostname}"}
certrequired=${boolToString cfg.clientCertRequired} certrequired=${lib.boolToString cfg.clientCertRequired}
${optionalString (cfg.sslCert != "") "sslCert=${cfg.sslCert}"} ${lib.optionalString (cfg.sslCert != "") "sslCert=${cfg.sslCert}"}
${optionalString (cfg.sslKey != "") "sslKey=${cfg.sslKey}"} ${lib.optionalString (cfg.sslKey != "") "sslKey=${cfg.sslKey}"}
${optionalString (cfg.sslCa != "") "sslCA=${cfg.sslCa}"} ${lib.optionalString (cfg.sslCa != "") "sslCA=${cfg.sslCa}"}
${optionalString (cfg.dbus != null) "dbus=${cfg.dbus}"} ${lib.optionalString (cfg.dbus != null) "dbus=${cfg.dbus}"}
${cfg.extraConfig} ${cfg.extraConfig}
''; '';
in in
{ {
imports = [ imports = [
(mkRenamedOptionModule [ "services" "murmur" "welcome" ] [ "services" "murmur" "welcometext" ]) (lib.mkRenamedOptionModule [ "services" "murmur" "welcome" ] [ "services" "murmur" "welcometext" ])
(mkRemovedOptionModule [ "services" "murmur" "pidfile" ] "Hardcoded to /run/murmur/murmurd.pid now") (lib.mkRemovedOptionModule [ "services" "murmur" "pidfile" ] "Hardcoded to /run/murmur/murmurd.pid now")
]; ];
options = { options = {
@ -64,8 +62,8 @@ in
openFirewall = lib.mkEnableOption "opening ports in the firewall for the Mumble server"; openFirewall = lib.mkEnableOption "opening ports in the firewall for the Mumble server";
user = mkOption { user = lib.mkOption {
type = types.str; type = lib.types.str;
default = "murmur"; default = "murmur";
description = '' description = ''
The name of an existing user to use to run the service. The name of an existing user to use to run the service.
@ -73,8 +71,8 @@ in
''; '';
}; };
group = mkOption { group = lib.mkOption {
type = types.str; type = lib.types.str;
default = "murmur"; default = "murmur";
description = '' description = ''
The name of an existing group to use to run the service. The name of an existing group to use to run the service.
@ -82,16 +80,16 @@ in
''; '';
}; };
stateDir = mkOption { stateDir = lib.mkOption {
type = types.path; type = lib.types.path;
default = "/var/lib/murmur"; default = "/var/lib/murmur";
description = '' description = ''
Directory to store data for the server. Directory to store data for the server.
''; '';
}; };
autobanAttempts = mkOption { autobanAttempts = lib.mkOption {
type = types.int; type = lib.types.int;
default = 10; default = 10;
description = '' description = ''
Number of attempts a client is allowed to make in Number of attempts a client is allowed to make in
@ -100,8 +98,8 @@ in
''; '';
}; };
autobanTimeframe = mkOption { autobanTimeframe = lib.mkOption {
type = types.int; type = lib.types.int;
default = 120; default = 120;
description = '' description = ''
Timeframe in which a client can connect without being banned Timeframe in which a client can connect without being banned
@ -109,47 +107,47 @@ in
''; '';
}; };
autobanTime = mkOption { autobanTime = lib.mkOption {
type = types.int; type = lib.types.int;
default = 300; default = 300;
description = "The amount of time an IP ban lasts (in seconds)."; description = "The amount of time an IP ban lasts (in seconds).";
}; };
logFile = mkOption { logFile = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
default = null; default = null;
example = "/var/log/murmur/murmurd.log"; example = "/var/log/murmur/murmurd.log";
description = "Path to the log file for Murmur daemon. Empty means log to journald."; description = "Path to the log file for Murmur daemon. Empty means log to journald.";
}; };
welcometext = mkOption { welcometext = lib.mkOption {
type = types.str; type = lib.types.str;
default = ""; default = "";
description = "Welcome message for connected clients."; description = "Welcome message for connected clients.";
}; };
port = mkOption { port = lib.mkOption {
type = types.port; type = lib.types.port;
default = 64738; default = 64738;
description = "Ports to bind to (UDP and TCP)."; description = "Ports to bind to (UDP and TCP).";
}; };
hostName = mkOption { hostName = lib.mkOption {
type = types.str; type = lib.types.str;
default = ""; default = "";
description = "Host to bind to. Defaults binding on all addresses."; description = "Host to bind to. Defaults binding on all addresses.";
}; };
package = mkPackageOption pkgs "murmur" { }; package = lib.mkPackageOption pkgs "murmur" { };
password = mkOption { password = lib.mkOption {
type = types.str; type = lib.types.str;
default = ""; default = "";
description = "Required password to join server, if specified."; description = "Required password to join server, if specified.";
}; };
bandwidth = mkOption { bandwidth = lib.mkOption {
type = types.int; type = lib.types.int;
default = 72000; default = 72000;
description = '' description = ''
Maximum bandwidth (in bits per second) that clients may send Maximum bandwidth (in bits per second) that clients may send
@ -157,26 +155,26 @@ in
''; '';
}; };
users = mkOption { users = lib.mkOption {
type = types.int; type = lib.types.int;
default = 100; default = 100;
description = "Maximum number of concurrent clients allowed."; description = "Maximum number of concurrent clients allowed.";
}; };
textMsgLength = mkOption { textMsgLength = lib.mkOption {
type = types.int; type = lib.types.int;
default = 5000; default = 5000;
description = "Max length of text messages. Set 0 for no limit."; description = "Max length of text messages. Set 0 for no limit.";
}; };
imgMsgLength = mkOption { imgMsgLength = lib.mkOption {
type = types.int; type = lib.types.int;
default = 131072; default = 131072;
description = "Max length of image messages. Set 0 for no limit."; description = "Max length of image messages. Set 0 for no limit.";
}; };
allowHtml = mkOption { allowHtml = lib.mkOption {
type = types.bool; type = lib.types.bool;
default = true; default = true;
description = '' description = ''
Allow HTML in client messages, comments, and channel Allow HTML in client messages, comments, and channel
@ -184,8 +182,8 @@ in
''; '';
}; };
logDays = mkOption { logDays = lib.mkOption {
type = types.int; type = lib.types.int;
default = 31; default = 31;
description = '' description = ''
How long to store RPC logs for in the database. Set 0 to How long to store RPC logs for in the database. Set 0 to
@ -195,14 +193,14 @@ in
bonjour = lib.mkEnableOption "Bonjour auto-discovery, which allows clients over your LAN to automatically discover Mumble servers"; bonjour = lib.mkEnableOption "Bonjour auto-discovery, which allows clients over your LAN to automatically discover Mumble servers";
sendVersion = mkOption { sendVersion = lib.mkOption {
type = types.bool; type = lib.types.bool;
default = true; default = true;
description = "Send Murmur version in UDP response."; description = "Send Murmur version in UDP response.";
}; };
registerName = mkOption { registerName = lib.mkOption {
type = types.str; type = lib.types.str;
default = ""; default = "";
description = '' description = ''
Public server registration name, and also the name of the Public server registration name, and also the name of the
@ -211,8 +209,8 @@ in
''; '';
}; };
registerPassword = mkOption { registerPassword = lib.mkOption {
type = types.str; type = lib.types.str;
default = ""; default = "";
description = '' description = ''
Public server registry password, used authenticate your Public server registry password, used authenticate your
@ -221,14 +219,14 @@ in
''; '';
}; };
registerUrl = mkOption { registerUrl = lib.mkOption {
type = types.str; type = lib.types.str;
default = ""; default = "";
description = "URL website for your server."; description = "URL website for your server.";
}; };
registerHostname = mkOption { registerHostname = lib.mkOption {
type = types.str; type = lib.types.str;
default = ""; default = "";
description = '' description = ''
DNS hostname where your server can be reached. This is only DNS hostname where your server can be reached. This is only
@ -240,34 +238,34 @@ in
clientCertRequired = lib.mkEnableOption "requiring clients to authenticate via certificates"; clientCertRequired = lib.mkEnableOption "requiring clients to authenticate via certificates";
sslCert = mkOption { sslCert = lib.mkOption {
type = types.str; type = lib.types.str;
default = ""; default = "";
description = "Path to your SSL certificate."; description = "Path to your SSL certificate.";
}; };
sslKey = mkOption { sslKey = lib.mkOption {
type = types.str; type = lib.types.str;
default = ""; default = "";
description = "Path to your SSL key."; description = "Path to your SSL key.";
}; };
sslCa = mkOption { sslCa = lib.mkOption {
type = types.str; type = lib.types.str;
default = ""; default = "";
description = "Path to your SSL CA certificate."; description = "Path to your SSL CA certificate.";
}; };
extraConfig = mkOption { extraConfig = lib.mkOption {
type = types.lines; type = lib.types.lines;
default = ""; default = "";
description = "Extra configuration to put into murmur.ini."; description = "Extra configuration to put into murmur.ini.";
}; };
environmentFile = mkOption { environmentFile = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
default = null; default = null;
example = literalExpression ''"''${config.services.murmur.stateDir}/murmurd.env"''; example = lib.literalExpression ''"''${config.services.murmur.stateDir}/murmurd.env"'';
description = '' description = ''
Environment file as defined in {manpage}`systemd.exec(5)`. Environment file as defined in {manpage}`systemd.exec(5)`.
@ -290,8 +288,8 @@ in
''; '';
}; };
dbus = mkOption { dbus = lib.mkOption {
type = types.enum [ type = lib.types.enum [
null null
"session" "session"
"system" "system"
@ -302,19 +300,19 @@ in
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.users.murmur = mkIf (cfg.user == "murmur") { users.users.murmur = lib.mkIf (cfg.user == "murmur") {
description = "Murmur Service user"; description = "Murmur Service user";
home = cfg.stateDir; home = cfg.stateDir;
createHome = true; createHome = true;
uid = config.ids.uids.murmur; uid = config.ids.uids.murmur;
group = cfg.group; group = cfg.group;
}; };
users.groups.murmur = mkIf (cfg.group == "murmur") { users.groups.murmur = lib.mkIf (cfg.group == "murmur") {
gid = config.ids.gids.murmur; gid = config.ids.gids.murmur;
}; };
networking.firewall = mkIf cfg.openFirewall { networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ]; allowedTCPPorts = [ cfg.port ];
allowedUDPPorts = [ cfg.port ]; allowedUDPPorts = [ cfg.port ];
}; };
@ -332,8 +330,8 @@ in
serviceConfig = { serviceConfig = {
# murmurd doesn't fork when logging to the console. # murmurd doesn't fork when logging to the console.
Type = if forking then "forking" else "simple"; Type = if forking then "forking" else "simple";
PIDFile = mkIf forking "/run/murmur/murmurd.pid"; PIDFile = lib.mkIf forking "/run/murmur/murmurd.pid";
EnvironmentFile = mkIf (cfg.environmentFile != null) cfg.environmentFile; EnvironmentFile = lib.mkIf (cfg.environmentFile != null) cfg.environmentFile;
ExecStart = "${cfg.package}/bin/mumble-server -ini /run/murmur/murmurd.ini"; ExecStart = "${cfg.package}/bin/mumble-server -ini /run/murmur/murmurd.ini";
Restart = "always"; Restart = "always";
RuntimeDirectory = "murmur"; RuntimeDirectory = "murmur";
@ -369,7 +367,7 @@ in
# currently not included in upstream package, addition requested at # currently not included in upstream package, addition requested at
# https://github.com/mumble-voip/mumble/issues/6078 # https://github.com/mumble-voip/mumble/issues/6078
services.dbus.packages = mkIf (cfg.dbus == "system") [ services.dbus.packages = lib.mkIf (cfg.dbus == "system") [
(pkgs.writeTextFile { (pkgs.writeTextFile {
name = "murmur-dbus-policy"; name = "murmur-dbus-policy";
text = '' text = ''
@ -411,19 +409,19 @@ in
r /run/murmur/murmurd.ini, r /run/murmur/murmurd.ini,
r ${configFile}, r ${configFile},
'' ''
+ optionalString (cfg.logFile != null) '' + lib.optionalString (cfg.logFile != null) ''
rw ${cfg.logFile}, rw ${cfg.logFile},
'' ''
+ optionalString (cfg.sslCert != "") '' + lib.optionalString (cfg.sslCert != "") ''
r ${cfg.sslCert}, r ${cfg.sslCert},
'' ''
+ optionalString (cfg.sslKey != "") '' + lib.optionalString (cfg.sslKey != "") ''
r ${cfg.sslKey}, r ${cfg.sslKey},
'' ''
+ optionalString (cfg.sslCa != "") '' + lib.optionalString (cfg.sslCa != "") ''
r ${cfg.sslCa}, r ${cfg.sslCa},
'' ''
+ optionalString (cfg.dbus != null) '' + lib.optionalString (cfg.dbus != null) ''
dbus bus=${cfg.dbus} dbus bus=${cfg.dbus}
'' ''
+ '' + ''