diff options
author | Matthew Bauer <mjbauer95@gmail.com> | 2019-02-18 20:36:48 -0500 |
---|---|---|
committer | Matthew Bauer <mjbauer95@gmail.com> | 2019-02-18 20:36:48 -0500 |
commit | b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3 (patch) | |
tree | d6eaa4102b8caf97fd924395114f4d9df5d3b4ef /nixos/modules/services/networking/quassel.nix | |
parent | a808baa5e50e83c64b00f772d0070e5989f6afb9 (diff) | |
parent | 266315c91d5e4a6d7b8465eb44d4f6af30d90b30 (diff) | |
download | nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar.gz nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar.bz2 nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar.lz nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar.xz nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.tar.zst nixlib-b1bbd94bb680dbcb1c7b55128d129d5cdd3f81c3.zip |
Merge remote-tracking branch 'NixOS/master' into staging
Diffstat (limited to 'nixos/modules/services/networking/quassel.nix')
-rw-r--r-- | nixos/modules/services/networking/quassel.nix | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/quassel.nix b/nixos/modules/services/networking/quassel.nix index d850bb8b1305..b223a48e0550 100644 --- a/nixos/modules/services/networking/quassel.nix +++ b/nixos/modules/services/networking/quassel.nix @@ -23,6 +23,22 @@ in ''; }; + certificateFile = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + Path to the certificate used for SSL connections with clients. + ''; + }; + + requireSSL = mkOption { + type = types.bool; + default = false; + description = '' + Require SSL for connections from clients. + ''; + }; + package = mkOption { type = types.package; default = pkgs.quasselDaemon; @@ -71,6 +87,10 @@ in ###### implementation config = mkIf cfg.enable { + assertions = [ + { assertion = cfg.requireSSL -> cfg.certificateFile != null; + message = "Quassel needs a certificate file in order to require SSL"; + }]; users.users = mkIf (cfg.user == null) [ { name = "quassel"; @@ -98,7 +118,13 @@ in serviceConfig = { - ExecStart = "${quassel}/bin/quasselcore --listen=${concatStringsSep '','' cfg.interfaces} --port=${toString cfg.portNumber} --configdir=${cfg.dataDir}"; + ExecStart = concatStringsSep " " ([ + "${quassel}/bin/quasselcore" + "--listen=${concatStringsSep "," cfg.interfaces}" + "--port=${toString cfg.portNumber}" + "--configdir=${cfg.dataDir}" + ] ++ optional cfg.requireSSL "--require-ssl" + ++ optional (cfg.certificateFile != null) "--ssl-cert=${cfg.certificateFile}"); User = user; PermissionsStartOnly = true; }; |