authorgnidorah <gnidorah@users.noreply.github.com>2018-03-27 22:42:37 +0300
committergnidorah <gnidorah@users.noreply.github.com>2018-03-27 22:44:29 +0300
commit276d10dae6b14e457c8206e9e292ce8341434520 (patch)
treec12dabf4fce6a419411b1afd35e9b84faf177eb7 /nixos
parent16c5866ceced4a9f0c5c4ea0f09d6e7d9dd5693b (diff)
nixos/iodine: passwordFile option #24288
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/services/networking/iodine.nix38
1 files changed, 33 insertions, 5 deletions
diff --git a/nixos/modules/services/networking/iodine.nix b/nixos/modules/services/networking/iodine.nix
index 512dbd77ae4b..66569a7e9127 100644
--- a/nixos/modules/services/networking/iodine.nix
+++ b/nixos/modules/services/networking/iodine.nix
@@ -32,7 +32,7 @@ in
           foo = {
             server = "tunnel.mdomain.com";
             relay = "8.8.8.8";
-            extraConfig = "-P mysecurepassword";
+            extraConfig = "-v";
           }
         }
         '';
@@ -57,7 +57,13 @@ in
               type = types.str;
               default = "";
               description = "Additional command line parameters";
-              example = "-P mysecurepassword -l 192.168.1.10 -p 23";
+              example = "-l 192.168.1.10 -p 23";
+            };
+
+            passwordFile = mkOption {
+              type = types.str;
+              default = "";
+              description = "File that containts password";
             };
           };
         }));
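Review bot: The `passwordFile` description added here, and the identical one on the server option in the next hunk, has a typo ("containts") and does not say how the file is handled. Since `preStart` reads the file with `cat` at service start, the text should tell users to point at a file outside the world-readable Nix store and to restrict its permissions. Suggested wording: `description = "Path to a file containing the tunnel password; it is read at service start and should not live in the Nix store.";`. The enclosing option set starts outside the hunk.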
@@ -88,7 +94,13 @@ in
           type = types.str;
           default = "";
           description = "Additional command line parameters";
-          example = "-P mysecurepassword -l 192.168.1.10 -p 23";
+          example = "-l 192.168.1.10 -p 23";
+        };
+
+        passwordFile = mkOption {
+          type = types.str;
+          default = "";
+          description = "File that containts password";
         };
       };
 
@@ -108,10 +120,18 @@ in
         description = "iodine client - ${name}";
         after = [ "network.target" ];
         wantedBy = [ "multi-user.target" ];
+        preStart = ''
+          cat > /run/iodine/${name}-script << EOF
+            #!/bin/sh
+            ${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${optionalString (cfg.passwordFile != "") "-P $(cat \"${cfg.passwordFile}\")"} ${cfg.relay} ${cfg.server}
+          EOF
+          chmod 700 /run/iodine/${name}-script
+        '';
+        script = "/run/iodine/${name}-script";
         serviceConfig = {
           RestartSec = "30s";
           Restart = "always";
-          ExecStart = "${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.relay} ${cfg.server}";
+          RuntimeDirectory = [ "iodine" ];
         };
       };
     in
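Review bot: The heredoc in `preStart` uses an unquoted `EOF`, so `$(cat "${cfg.passwordFile}")` is expanded while the file is written and the cleartext password is stored in `/run/iodine/${name}-script`, presumably with umask-default permissions until the later `chmod 700`. The password is also left unquoted there, so a value with whitespace or shell metacharacters would be split or interpreted when the script runs. Putting the command directly in `script` with the substitution quoted avoids the intermediate file: `script = ''exec ${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${optionalString (cfg.passwordFile != "") "-P \"$(cat \"${cfg.passwordFile}\")\""} ${cfg.relay} ${cfg.server}'';`. The server hunk below repeats the pattern with `/run/iodined/script`, and it tests `cfg.passwordFile` while every other server setting is read from `cfg.server.*`, so it looks like it should be `cfg.server.passwordFile`. The service definition starts outside the hunk.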
@@ -124,7 +144,15 @@ in
         description = "iodine, ip over dns server daemon";
         after = [ "network.target" ];
         wantedBy = [ "multi-user.target" ];
-        serviceConfig.ExecStart = "${pkgs.iodine}/bin/iodined -f -u ${iodinedUser} ${cfg.server.extraConfig} ${cfg.server.ip} ${cfg.server.domain}";
+        preStart = ''
+          cat > /run/iodined/script << EOF
+            #!/bin/sh
+            ${pkgs.iodine}/bin/iodined -f -u ${iodinedUser} ${cfg.server.extraConfig} ${optionalString (cfg.passwordFile != "") "-P $(cat \"${cfg.passwordFile}\")"} ${cfg.server.ip} ${cfg.server.domain}
+          EOF
+          chmod 700 /run/iodined/script
+        '';
+        script = "/run/iodined/script";
+        serviceConfig.RuntimeDirectory = [ "iodined" ];
       };
     };