Loading nixos/modules/services/networking/syncplay.nix +39 −5 Original line number Diff line number Diff line Loading @@ -8,7 +8,8 @@ let cmdArgs = [ "--port" cfg.port ] ++ optionals (cfg.salt != null) [ "--salt" cfg.salt ] ++ optionals (cfg.certDir != null) [ "--tls" cfg.certDir ]; ++ optionals (cfg.certDir != null) [ "--tls" cfg.certDir ] ++ cfg.extraArgs; in { Loading @@ -33,7 +34,22 @@ in default = null; description = lib.mdDoc '' Salt to allow room operator passwords generated by this server instance to still work when the server is restarted. instance to still work when the server is restarted. The salt will be readable in the nix store and the processlist. If this is not intended use `saltFile` instead. Mutually exclusive with <option>services.syncplay.saltFile</option>. ''; }; saltFile = mkOption { type = types.nullOr types.path; default = null; description = lib.mdDoc '' Path to the file that contains the server salt. This allows room operator passwords generated by this server instance to still work when the server is restarted. `null`, the server doesn't load the salt from a file. Mutually exclusive with <option>services.syncplay.salt</option>. ''; }; Loading @@ -46,6 +62,14 @@ in ''; }; extraArgs = mkOption { type = types.listOf types.str; default = [ ]; description = lib.mdDoc '' Additional arguments to be passed to the service. ''; }; user = mkOption { type = types.str; default = "nobody"; Loading Loading @@ -74,6 +98,12 @@ in }; config = mkIf cfg.enable { assertions = [ { assertion = cfg.salt == null || cfg.saltFile == null; message = "services.syncplay.salt and services.syncplay.saltFile are mutually exclusive."; } ]; systemd.services.syncplay = { description = "Syncplay Service"; wantedBy = [ "multi-user.target" ]; Loading @@ -82,13 +112,17 @@ in serviceConfig = { User = cfg.user; Group = cfg.group; LoadCredential = lib.mkIf (cfg.passwordFile != null) "password:${cfg.passwordFile}"; LoadCredential = lib.optional (cfg.passwordFile != null) "password:${cfg.passwordFile}" ++ lib.optional (cfg.saltFile != null) "salt:${cfg.saltFile}"; }; script = '' ${lib.optionalString (cfg.passwordFile != null) '' export SYNCPLAY_PASSWORD=$(cat "''${CREDENTIALS_DIRECTORY}/password") ''} ${lib.optionalString (cfg.saltFile != null) '' export SYNCPLAY_SALT=$(cat "''${CREDENTIALS_DIRECTORY}/salt") ''} exec ${pkgs.syncplay-nogui}/bin/syncplay-server ${escapeShellArgs cmdArgs} ''; }; Loading Loading
nixos/modules/services/networking/syncplay.nix +39 −5 Original line number Diff line number Diff line Loading @@ -8,7 +8,8 @@ let cmdArgs = [ "--port" cfg.port ] ++ optionals (cfg.salt != null) [ "--salt" cfg.salt ] ++ optionals (cfg.certDir != null) [ "--tls" cfg.certDir ]; ++ optionals (cfg.certDir != null) [ "--tls" cfg.certDir ] ++ cfg.extraArgs; in { Loading @@ -33,7 +34,22 @@ in default = null; description = lib.mdDoc '' Salt to allow room operator passwords generated by this server instance to still work when the server is restarted. instance to still work when the server is restarted. The salt will be readable in the nix store and the processlist. If this is not intended use `saltFile` instead. Mutually exclusive with <option>services.syncplay.saltFile</option>. ''; }; saltFile = mkOption { type = types.nullOr types.path; default = null; description = lib.mdDoc '' Path to the file that contains the server salt. This allows room operator passwords generated by this server instance to still work when the server is restarted. `null`, the server doesn't load the salt from a file. Mutually exclusive with <option>services.syncplay.salt</option>. ''; }; Loading @@ -46,6 +62,14 @@ in ''; }; extraArgs = mkOption { type = types.listOf types.str; default = [ ]; description = lib.mdDoc '' Additional arguments to be passed to the service. ''; }; user = mkOption { type = types.str; default = "nobody"; Loading Loading @@ -74,6 +98,12 @@ in }; config = mkIf cfg.enable { assertions = [ { assertion = cfg.salt == null || cfg.saltFile == null; message = "services.syncplay.salt and services.syncplay.saltFile are mutually exclusive."; } ]; systemd.services.syncplay = { description = "Syncplay Service"; wantedBy = [ "multi-user.target" ]; Loading @@ -82,13 +112,17 @@ in serviceConfig = { User = cfg.user; Group = cfg.group; LoadCredential = lib.mkIf (cfg.passwordFile != null) "password:${cfg.passwordFile}"; LoadCredential = lib.optional (cfg.passwordFile != null) "password:${cfg.passwordFile}" ++ lib.optional (cfg.saltFile != null) "salt:${cfg.saltFile}"; }; script = '' ${lib.optionalString (cfg.passwordFile != null) '' export SYNCPLAY_PASSWORD=$(cat "''${CREDENTIALS_DIRECTORY}/password") ''} ${lib.optionalString (cfg.saltFile != null) '' export SYNCPLAY_SALT=$(cat "''${CREDENTIALS_DIRECTORY}/salt") ''} exec ${pkgs.syncplay-nogui}/bin/syncplay-server ${escapeShellArgs cmdArgs} ''; }; Loading
Sandro <sandro.jaeckel@gmail.com>Sandro <sandro.jaeckel@gmail.com>