diff options
author | Adam C. Stephens <2071575+adamcstephens@users.noreply.github.com> | 2024-02-21 08:37:46 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-02-21 08:37:46 -0500 |
commit | d1e284766481f5698e7893671a2e5f2af8cd123c (patch) | |
tree | 3b076999003cf76f3c96e4e12746af27a3f51c03 /nixos/modules/services/networking | |
parent | b0e2f850516c4f570037da67a0b77c25a2218acf (diff) | |
parent | c49e6bf8b8e27877ef31fda183fcc599e2e05756 (diff) | |
download | nixlib-d1e284766481f5698e7893671a2e5f2af8cd123c.tar nixlib-d1e284766481f5698e7893671a2e5f2af8cd123c.tar.gz nixlib-d1e284766481f5698e7893671a2e5f2af8cd123c.tar.bz2 nixlib-d1e284766481f5698e7893671a2e5f2af8cd123c.tar.lz nixlib-d1e284766481f5698e7893671a2e5f2af8cd123c.tar.xz nixlib-d1e284766481f5698e7893671a2e5f2af8cd123c.tar.zst nixlib-d1e284766481f5698e7893671a2e5f2af8cd123c.zip |
Merge pull request #281000 from cablespaghetti/master
sabnzbd: Add configurability of state directory owner and firewall
Diffstat (limited to 'nixos/modules/services/networking')
-rw-r--r-- | nixos/modules/services/networking/sabnzbd.nix | 34 |
1 files changed, 23 insertions, 11 deletions
diff --git a/nixos/modules/services/networking/sabnzbd.nix b/nixos/modules/services/networking/sabnzbd.nix index cff2622b38e9..2f0d17ad3d17 100644 --- a/nixos/modules/services/networking/sabnzbd.nix +++ b/nixos/modules/services/networking/sabnzbd.nix @@ -36,6 +36,14 @@ in default = "sabnzbd"; description = lib.mdDoc "Group to run the service as"; }; + + openFirewall = mkOption { + type = types.bool; + default = false; + description = lib.mdDoc '' + Open ports in the firewall for the sabnzbd web interface + ''; + }; }; }; @@ -43,17 +51,16 @@ in ###### implementation config = mkIf cfg.enable { - - users.users.sabnzbd = { - uid = config.ids.uids.sabnzbd; - group = "sabnzbd"; - description = "sabnzbd user"; - home = "/var/lib/sabnzbd/"; - createHome = true; + users.users = mkIf (cfg.user == "sabnzbd") { + sabnzbd = { + uid = config.ids.uids.sabnzbd; + group = cfg.group; + description = "sabnzbd user"; + }; }; - users.groups.sabnzbd = { - gid = config.ids.gids.sabnzbd; + users.groups = mkIf (cfg.group == "sabnzbd") { + sabnzbd.gid = config.ids.gids.sabnzbd; }; systemd.services.sabnzbd = { @@ -63,10 +70,15 @@ in serviceConfig = { Type = "forking"; GuessMainPID = "no"; - User = "${cfg.user}"; - Group = "${cfg.group}"; + User = cfg.user; + Group = cfg.group; + StateDirectory = "sabnzbd"; ExecStart = "${lib.getBin cfg.package}/bin/sabnzbd -d -f ${cfg.configFile}"; }; }; + + networking.firewall = mkIf cfg.openFirewall { + allowedTCPPorts = [ 8080 ]; + }; }; } |