diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/misc/uhub.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/misc/uhub.nix | 116 |
1 files changed, 116 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/services/misc/uhub.nix b/nixpkgs/nixos/modules/services/misc/uhub.nix new file mode 100644 index 000000000000..80266b024e35 --- /dev/null +++ b/nixpkgs/nixos/modules/services/misc/uhub.nix @@ -0,0 +1,116 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + settingsFormat = { + type = with lib.types; attrsOf (oneOf [ bool int str ]); + generate = name: attrs: + pkgs.writeText name (lib.strings.concatStringsSep "\n" + (lib.attrsets.mapAttrsToList + (key: value: "${key}=${builtins.toJSON value}") attrs)); + }; +in { + options = { + + services.uhub = mkOption { + default = { }; + description = lib.mdDoc "Uhub ADC hub instances"; + type = types.attrsOf (types.submodule { + options = { + + enable = mkEnableOption (lib.mdDoc "hub instance") // { default = true; }; + + enableTLS = mkOption { + type = types.bool; + default = false; + description = lib.mdDoc "Whether to enable TLS support."; + }; + + settings = mkOption { + inherit (settingsFormat) type; + description = lib.mdDoc '' + Configuration of uhub. + See https://www.uhub.org/doc/config.php for a list of options. + ''; + default = { }; + example = { + server_bind_addr = "any"; + server_port = 1511; + hub_name = "My Public Hub"; + hub_description = "Yet another ADC hub"; + max_users = 150; + }; + }; + + plugins = mkOption { + description = lib.mdDoc "Uhub plugin configuration."; + type = with types; + listOf (submodule { + options = { + plugin = mkOption { + type = path; + example = literalExpression + "$${pkgs.uhub}/plugins/mod_auth_sqlite.so"; + description = lib.mdDoc "Path to plugin file."; + }; + settings = mkOption { + description = lib.mdDoc "Settings specific to this plugin."; + type = with types; attrsOf str; + example = { file = "/etc/uhub/users.db"; }; + }; + }; + }); + default = [ ]; + }; + + }; + }); + }; + + }; + + config = let + hubs = lib.attrsets.filterAttrs (_: cfg: cfg.enable) config.services.uhub; + in { + + environment.etc = lib.attrsets.mapAttrs' (name: cfg: + let + settings' = cfg.settings // { + tls_enable = cfg.enableTLS; + file_plugins = pkgs.writeText "uhub-plugins.conf" + (lib.strings.concatStringsSep "\n" (map ({ plugin, settings }: + '' + plugin ${plugin} "${ + toString + (lib.attrsets.mapAttrsToList (key: value: "${key}=${value}") + settings) + }"'') cfg.plugins)); + }; + in { + name = "uhub/${name}.conf"; + value.source = settingsFormat.generate "uhub-${name}.conf" settings'; + }) hubs; + + systemd.services = lib.attrsets.mapAttrs' (name: cfg: { + name = "uhub-${name}"; + value = let pkg = pkgs.uhub.override { tlsSupport = cfg.enableTLS; }; + in { + description = "high performance peer-to-peer hub for the ADC network"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + reloadIfChanged = true; + serviceConfig = { + Type = "notify"; + ExecStart = "${pkg}/bin/uhub -c /etc/uhub/${name}.conf -L"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + DynamicUser = true; + + AmbientCapabilities = "CAP_NET_BIND_SERVICE"; + CapabilityBoundingSet = "CAP_NET_BIND_SERVICE"; + }; + }; + }) hubs; + }; + +} |