author | Jörg Thalheim <Mic92@users.noreply.github.com> | 2019-10-04 10:23:13 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-10-04 10:23:13 +0100 |
commit | bf3360cdcfee144ce349457b248de3b93aee3c3d (patch) | |
tree | 7876e6d85493758a2b28df7ef4d8cb19a1189a83 | |
parent | 161c9dc15d212e8d2bb7bbdc404a5fdcc4e30d56 (diff) | |
parent | 5c18c08da9fd13d583b56d3b8cc698621ce8cd16 (diff) | |
nixos/zeronet: Improved config, dynamic user, remove static UI… (#70305)
nixos/zeronet: Improved config, dynamic user, remove static UID and GID
-rw-r--r-- | nixos/modules/misc/ids.nix | 4 | ||||
-rw-r--r-- | nixos/modules/services/networking/zeronet.nix | 92 |
2 files changed, 35 insertions, 61 deletions
diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index ac6af1ce8b7..3e8a5b07a5e 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -328,7 +328,7 @@
 qemu-libvirtd = 301;
 # kvm = 302; # unused
 # render = 303; # unused
- zeronet = 304;
+ # zeronet = 304; # removed 2019-01-03
 lirc = 305;
 lidarr = 306;
 slurm = 307;
@@ -629,7 +629,7 @@
 qemu-libvirtd = 301;
 kvm = 302; # default udev rules from systemd requires these
 render = 303; # default udev rules from systemd requires these
- zeronet = 304;
+ # zeronet = 304; # removed 2019-01-03
 lirc = 305;
 lidarr = 306;
 slurm = 307;
diff --git a/nixos/modules/services/networking/zeronet.nix b/nixos/modules/services/networking/zeronet.nix
index f4988a90268..f354a9d42c7 100644
--- a/nixos/modules/services/networking/zeronet.nix
+++ b/nixos/modules/services/networking/zeronet.nix
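Review bot: In nixos/modules/misc/ids.nix the retirement comment reads `# removed 2019-01-03`, which does not match this commit's date (2019-10-04); the same text appears in both the uid hunk and the gid hunk. Leaving 304 as a commented-out entry is what keeps the id from being handed to another service while files owned by the old static user may still exist on disk, so the date is the only record of when that reservation began. I would correct it in both places, e.g. `# zeronet = 304; # removed 2019-10-04`, or use the date the change was actually authored if that differs.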
@@ -1,44 +1,39 @@ { config, lib, pkgs, ... }: let + inherit (lib) generators literalExample mkEnableOption mkIf mkOption recursiveUpdate types; cfg = config.services.zeronet; - - zConfFile = pkgs.writeTextFile { - name = "zeronet.conf"; - - text = '' - [global] - data_dir = ${cfg.dataDir} - log_dir = ${cfg.logDir} - '' + lib.optionalString (cfg.port != null) '' - ui_port = ${toString cfg.port} - '' + lib.optionalString (cfg.fileserverPort != null) '' - fileserver_port = ${toString cfg.fileserverPort} - '' + lib.optionalString (cfg.torAlways) '' - tor = always - '' + cfg.extraConfig; + dataDir = "/var/lib/zeronet"; + configFile = pkgs.writeText "zeronet.conf" (generators.toINI {} (recursiveUpdate defaultSettings cfg.settings)); + + defaultSettings = { + global = { + data_dir = dataDir; + log_dir = dataDir; + ui_port = cfg.port; + fileserver_port = cfg.fileserverPort; + tor = if !cfg.tor then "disable" else if cfg.torAlways then "always" else "enable"; + }; }; in with lib; { options.services.zeronet = { enable = mkEnableOption "zeronet"; - dataDir = mkOption { - type = types.path; - default = "/var/lib/zeronet"; - example = "/home/okina/zeronet"; - description = "Path to the zeronet data directory."; - }; + settings = mkOption { + type = with types; attrsOf (oneOf [ str int bool (listOf str) ]); + default = {}; + example = literalExample "global.tor = enable;"; - logDir = mkOption { - type = types.path; - default = "/var/log/zeronet"; - example = "/home/okina/zeronet/log"; - description = "Path to the zeronet log directory."; + description = '' + <filename>zeronet.conf</filename> configuration. Refer to + <link xlink:href="https://zeronet.readthedocs.io/en/latest/faq/#is-it-possible-to-use-a-configuration-file"/> + for details on supported values; + ''; }; port = mkOption { - type = types.nullOr types.int; - default = null; + type = types.int; + default = 43110; example = 43110; description = "Optional zeronet web UI port."; }; 
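Review bot: The new `settings` option is typed `attrsOf (oneOf [ str int bool (listOf str) ])`, but `defaultSettings` is nested under a `global` section and merged with `cfg.settings` before `generators.toINI`, so a user value such as the documented `global.tor` is an attribute set under `global` and looks like it would be rejected by the type check. Either declare the option as `attrsOf (attrsOf (oneOf [ str int bool (listOf str) ]))`, or keep the flat type and merge under the section with `{ global = recursiveUpdate defaultSettings.global cfg.settings; }`. The example would be clearer as a complete attribute set with the value quoted, `literalExample ''{ global.tor = "enable"; }''`. The `port` description still says "Optional" although the option is no longer nullable. The `fileserverPort` option lies outside this hunk; if it can still be `null`, `fileserver_port = cfg.fileserverPort;` needs a guard before it reaches the INI generator.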
@@ -63,22 +58,13 @@ in with lib; { default = false; description = "Use TOR for all zeronet traffic."; }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - - description = '' - Extra configuration. Contents will be added verbatim to the - configuration file at the end. - ''; - }; }; config = mkIf cfg.enable { services.tor = mkIf cfg.tor { enable = true; controlPort = 9051; + extraConfig = '' CacheDirectoryGroupReadable 1 CookieAuthentication 1 @@ -86,37 +72,25 @@ in with lib; { ''; }; - systemd.tmpfiles.rules = [ - "d '${cfg.dataDir}' 750 zeronet zeronet - -" - "d '${cfg.logDir}' 750 zeronet zeronet - -" - ]; - systemd.services.zeronet = { description = "zeronet"; after = [ "network.target" (optionalString cfg.tor "tor.service") ]; wantedBy = [ "multi-user.target" ]; serviceConfig = { - PrivateTmp = "yes"; User = "zeronet"; - Group = "zeronet"; - ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${zConfFile}"; - }; - }; - - users = { - groups.zeronet.gid = config.ids.gids.zeronet; - - users.zeronet = { - description = "zeronet service user"; - home = cfg.dataDir; - createHome = true; - group = "zeronet"; - extraGroups = mkIf cfg.tor [ "tor" ]; - uid = config.ids.uids.zeronet; + DynamicUser = true; + StateDirectory = "zeronet"; + SupplementaryGroups = mkIf cfg.tor [ "tor" ]; + ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${configFile}"; }; }; }; + imports = [ + (mkRemovedOptionModule [ "services" "zeronet" "dataDir" ] "Zeronet will store data by default in /var/lib/zeronet") + (mkRemovedOptionModule [ "services" "zeronet" "logDir" ] "Zeronet will log by default in /var/lib/zeronet") + ]; + meta.maintainers = with maintainers; [ chiiruno ]; } |
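Review bot: The two `mkRemovedOptionModule` messages at the end of the `@@ -86,37 +72,25 @@` hunk say where data now lives but not what to do with an existing custom `dataDir` or `logDir`. A host that used a non-default path keeps its site data at the old location, owned by the retired static uid, and the new unit starts with an empty state directory. I would extend the message, e.g. `"Zeronet now stores data in /var/lib/zeronet (systemd StateDirectory); move the contents of a custom dataDir there before switching"`, with a matching one for `logDir`. `DynamicUser = true` leaves the service write access only to its `StateDirectory`, so a comment beside it should note that overriding `data_dir` or `log_dir` through `services.zeronet.settings` to another path will presumably fail at start. A short comment on `SupplementaryGroups` would also help, recording that the `tor` group is there to let the service read the control-port cookie, since that is the one privilege the sandboxed unit keeps outside its own directory.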