diff options
| author | Doron Behar <doron.behar@gmail.com> | 2020-09-11 09:11:13 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-09-11 09:11:13 +0300 |
| commit | 35521e4ea7a5bb471ce6b7286f5ce951b13a1027 (patch) | |
| tree | 38a7108584971f5abad38e50e00947f41d676fce /nixos/modules | |
| parent | 98a3c772969e1432bb4caeb6d40a9e0cce8b57bd (diff) | |
| parent | b4756fe0c473f40f337c2c7d1059a5de5d47e181 (diff) | |
| download | nixpkgs-35521e4ea7a5bb471ce6b7286f5ce951b13a1027.tar nixpkgs-35521e4ea7a5bb471ce6b7286f5ce951b13a1027.tar.gz nixpkgs-35521e4ea7a5bb471ce6b7286f5ce951b13a1027.tar.bz2 nixpkgs-35521e4ea7a5bb471ce6b7286f5ce951b13a1027.tar.lz nixpkgs-35521e4ea7a5bb471ce6b7286f5ce951b13a1027.tar.xz nixpkgs-35521e4ea7a5bb471ce6b7286f5ce951b13a1027.tar.zst nixpkgs-35521e4ea7a5bb471ce6b7286f5ce951b13a1027.zip | |
Merge pull request #95599 from doronbehar/module/mpd/passwordFile
nixos/mpd: Allow to configure a credentialsFile
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/services/audio/mpd.nix | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/nixos/modules/services/audio/mpd.nix b/nixos/modules/services/audio/mpd.nix index 1d2a982ac53..ba20b1b98d9 100644 --- a/nixos/modules/services/audio/mpd.nix +++ b/nixos/modules/services/audio/mpd.nix @@ -11,6 +11,10 @@ let cfg = config.services.mpd; mpdConf = pkgs.writeText "mpd.conf" '' + # This file was automatically generated by NixOS. Edit mpd's configuration + # via NixOS' configuration.nix, as this file will be rewritten upon mpd's + # restart. + music_directory "${cfg.musicDirectory}" playlist_directory "${cfg.playlistDirectory}" ${lib.optionalString (cfg.dbFile != null) '' @@ -140,6 +144,18 @@ in { ''; }; + credentialsFile = mkOption { + type = types.path; + description = '' + Path to a file to be merged with the settings during the service startup. + Useful to merge a file which is better kept out of the Nix store + because it contains sensible data like MPD's password. Example may look like this: + <literal>password "myMpdPassword@read,add,control,admin"</literal> + ''; + default = "/dev/null"; + example = "/var/lib/secrets/mpd.conf"; + }; + fluidsynth = mkOption { type = types.bool; default = false; @@ -181,7 +197,12 @@ in { serviceConfig = { User = "${cfg.user}"; - ExecStart = "${pkgs.mpd}/bin/mpd --no-daemon ${mpdConf}"; + ExecStart = "${pkgs.mpd}/bin/mpd --no-daemon /etc/mpd.conf"; + ExecStartPre = pkgs.writeScript "mpd-start-pre" '' + #!${pkgs.runtimeShell} + set -euo pipefail + cat ${mpdConf} ${cfg.credentialsFile} > /etc/mpd.conf + ''; Type = "notify"; LimitRTPRIO = 50; LimitRTTIME = "infinity"; @@ -195,6 +216,14 @@ in { Restart = "always"; }; }; + environment.etc."mpd.conf" = { + mode = "0640"; + group = cfg.group; + user = cfg.user; + # To be modified by the service' ExecStartPre + text = '' + ''; + }; users.users = optionalAttrs (cfg.user == name) { ${name} = { |