modules/betanin: spring cleaning prepping for upstream
This commit is contained in:
parent
706e911539
commit
cf0dcee23f
@ -6,84 +6,79 @@ let
|
|||||||
|
|
||||||
cfg = config.services.betanin;
|
cfg = config.services.betanin;
|
||||||
|
|
||||||
defaultUser = "betanin";
|
|
||||||
defaultGroup = "betanin";
|
|
||||||
|
|
||||||
settingsFormat = pkgs.formats.toml { };
|
settingsFormat = pkgs.formats.toml { };
|
||||||
beetsFormat = pkgs.formats.yaml { };
|
beetsFormat = pkgs.formats.yaml { };
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
options = {
|
options.services.betanin = {
|
||||||
services.betanin = {
|
enable = lib.mkEnableOption "betanin";
|
||||||
enable = lib.mkEnableOption "betanin";
|
|
||||||
|
|
||||||
package = mkOption {
|
package = mkOption {
|
||||||
description = "Package containing betanin program.";
|
description = "Package containing betanin program.";
|
||||||
type = types.package;
|
type = types.package;
|
||||||
default = pkgs.betanin or (import ../../.. { inherit pkgs; }).betanin;
|
default = pkgs.betanin or (import ../../.. { inherit pkgs; }).betanin;
|
||||||
};
|
};
|
||||||
|
|
||||||
openFirewall = mkOption {
|
openFirewall = mkOption {
|
||||||
description = "Open ports in the firewall for the server.";
|
description = "Open ports in the firewall for the server.";
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = false;
|
default = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
port = mkOption {
|
port = mkOption {
|
||||||
description = "Port to access betanin on.";
|
description = "Port to access betanin on.";
|
||||||
type = types.port;
|
type = types.port;
|
||||||
default = 9393;
|
default = 9393;
|
||||||
};
|
};
|
||||||
|
|
||||||
user = mkOption {
|
user = mkOption {
|
||||||
description = "User that the betanin program should run under.";
|
description = "User that the betanin program should run under.";
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = defaultUser;
|
default = "betanin";
|
||||||
};
|
};
|
||||||
|
|
||||||
group = mkOption {
|
group = mkOption {
|
||||||
description = "Group that the betanin program should run under.";
|
description = "Group that the betanin program should run under.";
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = defaultGroup;
|
default = "betanin";
|
||||||
};
|
};
|
||||||
|
|
||||||
dataDir = mkOption {
|
dataDir = mkOption {
|
||||||
description = "Directory to store application data.";
|
description = "Directory to store application data.";
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "/var/lib/betanin";
|
default = "/var/lib/betanin";
|
||||||
};
|
};
|
||||||
|
|
||||||
settings = mkOption {
|
settings = mkOption {
|
||||||
type = settingsFormat.type;
|
type = settingsFormat.type;
|
||||||
default = { };
|
default = { };
|
||||||
example = lib.literalExpression ''
|
example = lib.literalExpression ''
|
||||||
{
|
{
|
||||||
frontend = {
|
frontend = {
|
||||||
username = "foo";
|
username = "foo";
|
||||||
password { _secret = "/run/secrets/betaninPasswordFile"; };
|
password = { _secret = "/run/secrets/betaninPasswordFile"; };
|
||||||
};
|
};
|
||||||
clients = {
|
clients = {
|
||||||
api_key = { _secret = "/run/secrets/betaninApiKeyFile"; };
|
api_key = { _secret = "/run/secrets/betaninApiKeyFile"; };
|
||||||
};
|
};
|
||||||
server = {
|
server = {
|
||||||
num_parallel_jobs = 1;
|
num_parallel_jobs = 1;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
description = lib.mdDoc ''
|
description = ''
|
||||||
Configuration for betanin.
|
Configuration for betanin.
|
||||||
|
|
||||||
Options containing secret data should be set to an attribute set
|
Options containing secret data should be set to an attribute set
|
||||||
containing the attribute `_secret` - a string pointing to a file
|
containing the attribute `_secret` - a string pointing to a file
|
||||||
containing the value the option should be set to.
|
containing the value the option should be set to.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
beets.settings = mkOption {
|
beets.settings = mkOption {
|
||||||
type = beetsFormat.type;
|
type = beetsFormat.type;
|
||||||
default = { };
|
default = { };
|
||||||
description = lib.mdDoc "Configuration for beets used by betanin.";
|
description = "Configuration for beets used by betanin.";
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -123,17 +118,14 @@ in
|
|||||||
{
|
{
|
||||||
description = "Betanin service";
|
description = "Betanin service";
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
after = [ "networking.target" ];
|
after = [ "network.target" ];
|
||||||
|
path = [ pkgs.replace-secret ];
|
||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
HOME = cfg.dataDir;
|
HOME = cfg.dataDir;
|
||||||
};
|
};
|
||||||
path = [ pkgs.replace-secret ];
|
|
||||||
|
|
||||||
script = ''
|
script = ''
|
||||||
mkdir -p ${cfg.dataDir}/.config/betanin \
|
|
||||||
${cfg.dataDir}/.local/share/betanin \
|
|
||||||
${cfg.dataDir}/.config/beets
|
|
||||||
|
|
||||||
ln -sf ${beetsFile} ${cfg.dataDir}/.config/beets/config.yaml
|
ln -sf ${beetsFile} ${cfg.dataDir}/.config/beets/config.yaml
|
||||||
cat ${settingsFile} > ${cfg.dataDir}/.config/betanin/config.toml
|
cat ${settingsFile} > ${cfg.dataDir}/.config/betanin/config.toml
|
||||||
${secretReplacements}
|
${secretReplacements}
|
||||||
@ -141,28 +133,34 @@ in
|
|||||||
${cfg.package}/bin/betanin --port ${toString cfg.port}
|
${cfg.package}/bin/betanin --port ${toString cfg.port}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
serviceConfig = lib.mkMerge [
|
serviceConfig = {
|
||||||
{
|
User = cfg.user;
|
||||||
User = cfg.user;
|
Group = cfg.group;
|
||||||
Group = cfg.group;
|
PrivateTmp = true;
|
||||||
PrivateTmp = true;
|
Restart = "always";
|
||||||
Restart = "always";
|
WorkingDirectory = cfg.dataDir;
|
||||||
WorkingDirectory = cfg.dataDir;
|
StateDirectory = mkIf (cfg.dataDir == "/var/lib/betanin") "betanin";
|
||||||
}
|
};
|
||||||
(mkIf (cfg.dataDir == "/var/lib/betanin") {
|
|
||||||
StateDirectory = "betanin";
|
|
||||||
})
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users = optionalAttrs (cfg.user == defaultUser) {
|
systemd.tmpfiles.rules = [
|
||||||
|
"d ${cfg.dataDir} 0710 ${cfg.user} ${cfg.group} - -"
|
||||||
|
"d ${cfg.dataDir}/.config 0750 ${cfg.user} ${cfg.group} - -"
|
||||||
|
"d ${cfg.dataDir}/.config/betanin 0750 ${cfg.user} ${cfg.group} - -"
|
||||||
|
"d ${cfg.dataDir}/.config/beets 0750 ${cfg.user} ${cfg.group} - -"
|
||||||
|
"d ${cfg.dataDir}/.local 0750 ${cfg.user} ${cfg.group} - -"
|
||||||
|
"d ${cfg.dataDir}/.local/share 0750 ${cfg.user} ${cfg.group} - -"
|
||||||
|
"d ${cfg.dataDir}/.local/share/betanin 0750 ${cfg.user} ${cfg.group} - -"
|
||||||
|
];
|
||||||
|
|
||||||
|
users.users = optionalAttrs (cfg.user == "betanin") {
|
||||||
${cfg.user} = {
|
${cfg.user} = {
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
group = cfg.group;
|
group = cfg.group;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
users.groups = optionalAttrs (cfg.group == defaultGroup) {
|
users.groups = optionalAttrs (cfg.group == "betanin") {
|
||||||
${cfg.group} = { };
|
${cfg.group} = { };
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
Loading…
Reference in New Issue
Block a user