Commit 5c0e18a6 authored by Michael Auchter's avatar Michael Auchter
Browse files

nixos/soju: add defaults and assertions for TLS 

Enabling soju without providing a value for tlsCertificate currently
results in:

  error: The option `services.soju.tlsCertificate' is used but not
  defined.

Since tlsCertificate is intended to be optional, set default to null.

Additionally, add assertions to ensure that both tlsCertificate and
tlsCertificateKey are either set or unset.
parent 1d86e567

nixos/modules/services/networking/soju.nix

+12 −0
Original line number Diff line number Diff line
@@ -49,12 +49,14 @@ in 


    tlsCertificate = mkOption {

      type = types.nullOr types.path;

      default = null;

      example = "/var/host.cert";

      description = lib.mdDoc "Path to server TLS certificate.";

    };



    tlsCertificateKey = mkOption {

      type = types.nullOr types.path;

      default = null;

      example = "/var/host.key";

      description = lib.mdDoc "Path to server TLS certificate key.";

    };
@@ -97,6 +99,16 @@ in 
  ###### implementation



  config = mkIf cfg.enable {

    assertions = [

      {

        assertion = (cfg.tlsCertificate != null) == (cfg.tlsCertificateKey != null);

        message = ''

          services.soju.tlsCertificate and services.soju.tlsCertificateKey

          must both be specified to enable TLS.

        '';

      }

    ];



    systemd.services.soju = {

      description = "soju IRC bouncer";

      wantedBy = [ "multi-user.target" ];