movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-14 06:00:33 +03:00
Code Activity

nixos/services.infinoted: remove with lib;

Browse source
This commit is contained in:
Felix Buehler 2024-08-27 20:43:11 +02:00
parent 11e4758bd3
commit fe2d014a09
1 changed files with 32 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

67
nixos/modules/services/editors/infinoted.nix
View file

@ -1,33 +1,30 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib;
let let
cfg = config.services.infinoted; cfg = config.services.infinoted;
in { in {
options.services.infinoted = { options.services.infinoted = {
enable = mkEnableOption "infinoted"; enable = lib.mkEnableOption "infinoted";
package = mkPackageOption pkgs "libinfinity" { }; package = lib.mkPackageOption pkgs "libinfinity" { };
keyFile = mkOption { keyFile = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
default = null; default = null;
description = '' description = ''
Private key to use for TLS Private key to use for TLS
''; '';
}; };
certificateFile = mkOption { certificateFile = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
default = null; default = null;
description = '' description = ''
Server certificate to use for TLS Server certificate to use for TLS
''; '';
}; };
certificateChain = mkOption { certificateChain = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
default = null; default = null;
description = '' description = ''
Chain of CA-certificates to which our `certificateFile` is relative. Chain of CA-certificates to which our `certificateFile` is relative.
@ -35,48 +32,48 @@ in {
''; '';
}; };
securityPolicy = mkOption { securityPolicy = lib.mkOption {
type = types.enum ["no-tls" "allow-tls" "require-tls"]; type = lib.types.enum ["no-tls" "allow-tls" "require-tls"];
default = "require-tls"; default = "require-tls";
description = '' description = ''
How strictly to enforce clients connection with TLS. How strictly to enforce clients connection with TLS.
''; '';
}; };
port = mkOption { port = lib.mkOption {
type = types.port; type = lib.types.port;
default = 6523; default = 6523;
description = '' description = ''
Port to listen on Port to listen on
''; '';
}; };
rootDirectory = mkOption { rootDirectory = lib.mkOption {
type = types.path; type = lib.types.path;
default = "/var/lib/infinoted/documents/"; default = "/var/lib/infinoted/documents/";
description = '' description = ''
Root of the directory structure to serve Root of the directory structure to serve
''; '';
}; };
plugins = mkOption { plugins = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
default = [ "note-text" "note-chat" "logging" "autosave" ]; default = [ "note-text" "note-chat" "logging" "autosave" ];
description = '' description = ''
Plugins to enable Plugins to enable
''; '';
}; };
passwordFile = mkOption { passwordFile = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
default = null; default = null;
description = '' description = ''
File to read server-wide password from File to read server-wide password from
''; '';
}; };
extraConfig = mkOption { extraConfig = lib.mkOption {
type = types.lines; type = lib.types.lines;
default = '' default = ''
[autosave] [autosave]
interval=10 interval=10
@ -86,16 +83,16 @@ in {
''; '';
}; };
user = mkOption { user = lib.mkOption {
type = types.str; type = lib.types.str;
default = "infinoted"; default = "infinoted";
description = '' description = ''
What to call the dedicated user under which infinoted is run What to call the dedicated user under which infinoted is run
''; '';
}; };
group = mkOption { group = lib.mkOption {
type = types.str; type = lib.types.str;
default = "infinoted"; default = "infinoted";
description = '' description = ''
What to call the primary group of the dedicated user under which infinoted is run What to call the primary group of the dedicated user under which infinoted is run
@ -103,15 +100,15 @@ in {
}; };
}; };
config = mkIf (cfg.enable) { config = lib.mkIf (cfg.enable) {
users.users = optionalAttrs (cfg.user == "infinoted") users.users = lib.optionalAttrs (cfg.user == "infinoted")
{ infinoted = { { infinoted = {
description = "Infinoted user"; description = "Infinoted user";
group = cfg.group; group = cfg.group;
isSystemUser = true; isSystemUser = true;
}; };
}; };
users.groups = optionalAttrs (cfg.group == "infinoted") users.groups = lib.optionalAttrs (cfg.group == "infinoted")
{ infinoted = { }; { infinoted = { };
}; };
@ -134,14 +131,14 @@ in {
install -o ${cfg.user} -g ${cfg.group} -m 0600 /dev/null /var/lib/infinoted/infinoted.conf install -o ${cfg.user} -g ${cfg.group} -m 0600 /dev/null /var/lib/infinoted/infinoted.conf
cat >>/var/lib/infinoted/infinoted.conf <<EOF cat >>/var/lib/infinoted/infinoted.conf <<EOF
[infinoted] [infinoted]
${optionalString (cfg.keyFile != null) "key-file=${cfg.keyFile}"} ${lib.optionalString (cfg.keyFile != null) "key-file=${cfg.keyFile}"}
${optionalString (cfg.certificateFile != null) "certificate-file=${cfg.certificateFile}"} ${lib.optionalString (cfg.certificateFile != null) "certificate-file=${cfg.certificateFile}"}
${optionalString (cfg.certificateChain != null) "certificate-chain=${cfg.certificateChain}"} ${lib.optionalString (cfg.certificateChain != null) "certificate-chain=${cfg.certificateChain}"}
port=${toString cfg.port} port=${toString cfg.port}
security-policy=${cfg.securityPolicy} security-policy=${cfg.securityPolicy}
root-directory=${cfg.rootDirectory} root-directory=${cfg.rootDirectory}
plugins=${concatStringsSep ";" cfg.plugins} plugins=${lib.concatStringsSep ";" cfg.plugins}
${optionalString (cfg.passwordFile != null) "password=$(head -n 1 ${cfg.passwordFile})"} ${lib.optionalString (cfg.passwordFile != null) "password=$(head -n 1 ${cfg.passwordFile})"}
${cfg.extraConfig} ${cfg.extraConfig}
EOF EOF