Loading nixos/modules/module-list.nix +1 −0 Original line number Diff line number Diff line Loading @@ -1466,6 +1466,7 @@ ./services/web-apps/pretix.nix ./services/web-apps/prosody-filer.nix ./services/web-apps/rimgo.nix ./services/web-apps/screego.nix ./services/web-apps/sftpgo.nix ./services/web-apps/suwayomi-server.nix ./services/web-apps/rss-bridge.nix Loading nixos/modules/services/web-apps/screego.nix 0 → 100644 +96 −0 Original line number Diff line number Diff line { config, lib, pkgs, ... }: let inherit (lib) mkOption types mkIf; cfg = config.services.screego; defaultSettings = { SCREEGO_SERVER_ADDRESS = "127.0.0.1:5050"; SCREEGO_TURN_ADDRESS = "0.0.0.0:3478"; SCREEGO_TURN_PORT_RANGE = "50000:55000"; SCREEGO_SESSION_TIMEOUT_SECONDS = "0"; SCREEGO_CLOSE_ROOM_WHEN_OWNER_LEAVES = "true"; SCREEGO_AUTH_MODE = "turn"; SCREEGO_LOG_LEVEL = "info"; }; in { meta.maintainers = with lib.maintainers; [ pinpox ]; options.services.screego = { enable = lib.mkEnableOption "screego screen-sharing server for developers"; openFirewall = mkOption { type = types.bool; default = false; description = '' Open the firewall port(s). ''; }; environmentFile = mkOption { default = null; description = '' Environment file (see {manpage}`systemd.exec(5)` "EnvironmentFile=" section for the syntax) passed to the service. This option can be used to safely include secrets in the configuration. ''; example = "/run/secrets/screego-envfile"; type = with types; nullOr path; }; settings = lib.mkOption { type = types.attrsOf types.str; description = '' Screego settings passed as Nix attribute set, they will be merged with the defaults. Settings will be passed as environment variables. See https://screego.net/#/config for possible values ''; default = defaultSettings; example = { SCREEGO_EXTERNAL_IP = "dns:example.com"; }; }; }; config = let # User-provided settings should be merged with default settings, # overwriting where necessary mergedConfig = defaultSettings // cfg.settings; turnUDPPorts = lib.splitString ":" mergedConfig.SCREEGO_TURN_PORT_RANGE; turnPort = lib.toInt (builtins.elemAt (lib.splitString ":" mergedConfig.SCREEGO_TURN_ADDRESS) 1); in mkIf (cfg.enable) { networking.firewall = lib.mkIf cfg.openFirewall { allowedTCPPorts = [ turnPort ]; allowedUDPPorts = [ turnPort ]; allowedUDPPortRanges = [ { from = lib.toInt (builtins.elemAt turnUDPPorts 0); to = lib.toInt (builtins.elemAt turnUDPPorts 1); } ]; }; systemd.services.screego = { wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; description = "screego screen-sharing for developers"; environment = mergedConfig; serviceConfig = { DynamicUser = true; ExecStart = "${lib.getExe pkgs.screego} serve"; Restart = "on-failure"; RestartSec = "5s"; } // lib.optionalAttrs (cfg.environmentFile != null) { EnvironmentFile = cfg.environmentFile; }; }; }; } Loading
nixos/modules/module-list.nix +1 −0 Original line number Diff line number Diff line Loading @@ -1466,6 +1466,7 @@ ./services/web-apps/pretix.nix ./services/web-apps/prosody-filer.nix ./services/web-apps/rimgo.nix ./services/web-apps/screego.nix ./services/web-apps/sftpgo.nix ./services/web-apps/suwayomi-server.nix ./services/web-apps/rss-bridge.nix Loading
nixos/modules/services/web-apps/screego.nix 0 → 100644 +96 −0 Original line number Diff line number Diff line { config, lib, pkgs, ... }: let inherit (lib) mkOption types mkIf; cfg = config.services.screego; defaultSettings = { SCREEGO_SERVER_ADDRESS = "127.0.0.1:5050"; SCREEGO_TURN_ADDRESS = "0.0.0.0:3478"; SCREEGO_TURN_PORT_RANGE = "50000:55000"; SCREEGO_SESSION_TIMEOUT_SECONDS = "0"; SCREEGO_CLOSE_ROOM_WHEN_OWNER_LEAVES = "true"; SCREEGO_AUTH_MODE = "turn"; SCREEGO_LOG_LEVEL = "info"; }; in { meta.maintainers = with lib.maintainers; [ pinpox ]; options.services.screego = { enable = lib.mkEnableOption "screego screen-sharing server for developers"; openFirewall = mkOption { type = types.bool; default = false; description = '' Open the firewall port(s). ''; }; environmentFile = mkOption { default = null; description = '' Environment file (see {manpage}`systemd.exec(5)` "EnvironmentFile=" section for the syntax) passed to the service. This option can be used to safely include secrets in the configuration. ''; example = "/run/secrets/screego-envfile"; type = with types; nullOr path; }; settings = lib.mkOption { type = types.attrsOf types.str; description = '' Screego settings passed as Nix attribute set, they will be merged with the defaults. Settings will be passed as environment variables. See https://screego.net/#/config for possible values ''; default = defaultSettings; example = { SCREEGO_EXTERNAL_IP = "dns:example.com"; }; }; }; config = let # User-provided settings should be merged with default settings, # overwriting where necessary mergedConfig = defaultSettings // cfg.settings; turnUDPPorts = lib.splitString ":" mergedConfig.SCREEGO_TURN_PORT_RANGE; turnPort = lib.toInt (builtins.elemAt (lib.splitString ":" mergedConfig.SCREEGO_TURN_ADDRESS) 1); in mkIf (cfg.enable) { networking.firewall = lib.mkIf cfg.openFirewall { allowedTCPPorts = [ turnPort ]; allowedUDPPorts = [ turnPort ]; allowedUDPPortRanges = [ { from = lib.toInt (builtins.elemAt turnUDPPorts 0); to = lib.toInt (builtins.elemAt turnUDPPorts 1); } ]; }; systemd.services.screego = { wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; description = "screego screen-sharing for developers"; environment = mergedConfig; serviceConfig = { DynamicUser = true; ExecStart = "${lib.getExe pkgs.screego} serve"; Restart = "on-failure"; RestartSec = "5s"; } // lib.optionalAttrs (cfg.environmentFile != null) { EnvironmentFile = cfg.environmentFile; }; }; }; }
