Commit b1caac95 authored by Robert Hensing's avatar Robert Hensing

ghostunnel: simplify service using systemd.mainExecStart

parent 7b4d26bf
+1 −5
@@ -5,8 +5,6 @@
  lib,
  nixosTests,
  ghostunnel,
  writeScript,
  runtimeShell,
}:

buildGoModule rec {
@@ -37,9 +35,7 @@ buildGoModule rec {

  passthru.services.default = {
    imports = [
      (lib.modules.importApply ./service.nix {
        inherit writeScript runtimeShell;
      })
      (lib.modules.importApply ./service.nix { })
    ];
    ghostunnel.package = ghostunnel; # FIXME: finalAttrs.finalPackage
  };
+51 −57
# Non-module dependencies (`importApply`)
{ writeScript, runtimeShell }:
{ }:

# Service module
{
@@ -185,29 +185,7 @@ in
    # TODO assertions

    process = {
      argv =
        # Use a shell if credentials need to be pulled from the environment.
        optional
          (builtins.any (v: v != null) [
            cfg.keystore
            cfg.cert
            cfg.key
            cfg.cacert
          ])
          (
            writeScript "load-credentials" ''
              #!${runtimeShell}
              exec $@ ${
                concatStringsSep " " (
                  optional (cfg.keystore != null) "--keystore=$CREDENTIALS_DIRECTORY/keystore"
                  ++ optional (cfg.cert != null) "--cert=$CREDENTIALS_DIRECTORY/cert"
                  ++ optional (cfg.key != null) "--key=$CREDENTIALS_DIRECTORY/key"
                  ++ optional (cfg.cacert != null) "--cacert=$CREDENTIALS_DIRECTORY/cacert"
                )
              }
            ''
          )
        ++ [
      argv = [
        (getExe cfg.package)
        "server"
        "--listen"
@@ -225,8 +203,23 @@ in
      ++ cfg.extraArguments;
    };
  }
  // lib.optionalAttrs (options ? systemd) {
    # refine the service
  # Refine the service for systemd
  // lib.optionalAttrs (options ? systemd) (
    let
      # Build credential flags with systemd variable substitution
      credentialFlags = concatStringsSep " " (
        optional (cfg.keystore != null) "--keystore=\${CREDENTIALS_DIRECTORY}/keystore"
        ++ optional (cfg.cert != null) "--cert=\${CREDENTIALS_DIRECTORY}/cert"
        ++ optional (cfg.key != null) "--key=\${CREDENTIALS_DIRECTORY}/key"
        ++ optional (cfg.cacert != null) "--cacert=\${CREDENTIALS_DIRECTORY}/cacert"
      );
    in
    {
      # Use mainExecStart to add credential flags with systemd variable substitution
      systemd.mainExecStart =
        config.systemd.lib.escapeSystemdExecArgs config.process.argv
        + lib.optionalString (credentialFlags != "") " ${credentialFlags}";

      systemd.service = {
        after = [ "network.target" ];
        wants = [ "network.target" ];
@@ -242,5 +235,6 @@ in
            ++ optional (cfg.cacert != null) "cacert:${cfg.cacert}";
        };
      };
  };
    }
  );
}
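Review bot: With the credential flags now added only in the `options ? systemd` branch through `systemd.mainExecStart`, `process.argv` no longer carries `--keystore`/`--cert`/`--key`/`--cacert` at all, so any consumer of `process.argv` other than systemd would presumably start ghostunnel without the configured TLS material, and nothing visible here reports that. The `# TODO assertions` placeholder above `process` is the natural place for a check, or at least a comment such as `# NOTE: credential flags are appended by the service-manager integration (systemd.mainExecStart); argv alone is incomplete when keystore/cert/key/cacert are set`. Separately, `credentialFlags` is concatenated after `escapeSystemdExecArgs` without any escaping, which is safe only because every element is a fixed literal; a comment like `# fixed literals only: this string bypasses escapeSystemdExecArgs so ${CREDENTIALS_DIRECTORY} stays expandable` would keep a later edit from interpolating option values into it. The module body between the hunks is not shown, so how `process.argv` is consumed elsewhere could not be checked.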