diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/networking/quassel.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/networking/quassel.nix | 135 |
1 files changed, 135 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/quassel.nix b/nixpkgs/nixos/modules/services/networking/quassel.nix new file mode 100644 index 000000000000..b223a48e0550 --- /dev/null +++ b/nixpkgs/nixos/modules/services/networking/quassel.nix @@ -0,0 +1,135 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.quassel; + quassel = cfg.package; + user = if cfg.user != null then cfg.user else "quassel"; +in + +{ + + ###### interface + + options = { + + services.quassel = { + + enable = mkOption { + default = false; + description = '' + Whether to run the Quassel IRC client daemon. + ''; + }; + + certificateFile = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + Path to the certificate used for SSL connections with clients. + ''; + }; + + requireSSL = mkOption { + type = types.bool; + default = false; + description = '' + Require SSL for connections from clients. + ''; + }; + + package = mkOption { + type = types.package; + default = pkgs.quasselDaemon; + defaultText = "pkgs.quasselDaemon"; + description = '' + The package of the quassel daemon. + ''; + example = literalExample "pkgs.quasselDaemon"; + }; + + interfaces = mkOption { + default = [ "127.0.0.1" ]; + description = '' + The interfaces the Quassel daemon will be listening to. If `[ 127.0.0.1 ]', + only clients on the local host can connect to it; if `[ 0.0.0.0 ]', clients + can access it from any network interface. + ''; + }; + + portNumber = mkOption { + default = 4242; + description = '' + The port number the Quassel daemon will be listening to. + ''; + }; + + dataDir = mkOption { + default = ''/home/${user}/.config/quassel-irc.org''; + description = '' + The directory holding configuration files, the SQlite database and the SSL Cert. + ''; + }; + + user = mkOption { + default = null; + description = '' + The existing user the Quassel daemon should run as. If left empty, a default "quassel" user will be created. + ''; + }; + + }; + + }; + + + ###### implementation + + config = mkIf cfg.enable { + assertions = [ + { assertion = cfg.requireSSL -> cfg.certificateFile != null; + message = "Quassel needs a certificate file in order to require SSL"; + }]; + + users.users = mkIf (cfg.user == null) [ + { name = "quassel"; + description = "Quassel IRC client daemon"; + group = "quassel"; + uid = config.ids.uids.quassel; + }]; + + users.groups = mkIf (cfg.user == null) [ + { name = "quassel"; + gid = config.ids.gids.quassel; + }]; + + systemd.services.quassel = + { description = "Quassel IRC client daemon"; + + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ] ++ optional config.services.postgresql.enable "postgresql.service" + ++ optional config.services.mysql.enable "mysql.service"; + + preStart = '' + mkdir -p ${cfg.dataDir} + chown ${user} ${cfg.dataDir} + ''; + + serviceConfig = + { + ExecStart = concatStringsSep " " ([ + "${quassel}/bin/quasselcore" + "--listen=${concatStringsSep "," cfg.interfaces}" + "--port=${toString cfg.portNumber}" + "--configdir=${cfg.dataDir}" + ] ++ optional cfg.requireSSL "--require-ssl" + ++ optional (cfg.certificateFile != null) "--ssl-cert=${cfg.certificateFile}"); + User = user; + PermissionsStartOnly = true; + }; + }; + + }; + +} |