diff options
author | Doron Behar <doron.behar@gmail.com> | 2020-08-16 17:56:49 +0300 |
---|---|---|
committer | Doron Behar <doron.behar@gmail.com> | 2020-08-16 18:03:47 +0300 |
commit | ccee8dc09f791f363c1e4d2053983434aec54bc6 (patch) | |
tree | 6902595ab68dca2bb143f3ddbcbe29ce52ad074c /nixos/modules | |
parent | a5985162e31587ae04ddc65c4e06146c2aff104c (diff) | |
download | nixpkgs-ccee8dc09f791f363c1e4d2053983434aec54bc6.tar nixpkgs-ccee8dc09f791f363c1e4d2053983434aec54bc6.tar.gz nixpkgs-ccee8dc09f791f363c1e4d2053983434aec54bc6.tar.bz2 nixpkgs-ccee8dc09f791f363c1e4d2053983434aec54bc6.tar.lz nixpkgs-ccee8dc09f791f363c1e4d2053983434aec54bc6.tar.xz nixpkgs-ccee8dc09f791f363c1e4d2053983434aec54bc6.tar.zst nixpkgs-ccee8dc09f791f363c1e4d2053983434aec54bc6.zip |
nixos/mpd: Allow to configure a credentialsFile
Allow to specify a password file to be located outside the store, and be read in `ExecStartPre`.
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/services/audio/mpd.nix | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/nixos/modules/services/audio/mpd.nix b/nixos/modules/services/audio/mpd.nix index 1d2a982ac53..9e77ee85b89 100644 --- a/nixos/modules/services/audio/mpd.nix +++ b/nixos/modules/services/audio/mpd.nix @@ -140,6 +140,18 @@ in { ''; }; + credentialsFile = mkOption { + type = types.path; + description = '' + Path to a file to be merged with the settings during the service startup. + Useful to merge a file which is better kept out of the Nix store + because it contains sensible data like MPD's password. Example may look like this: + <literal>password "myMpdPassword@read,add,control,admin"</literal> + ''; + default = "/dev/null"; + example = "/var/lib/secrets/mpd.conf"; + }; + fluidsynth = mkOption { type = types.bool; default = false; @@ -181,7 +193,12 @@ in { serviceConfig = { User = "${cfg.user}"; - ExecStart = "${pkgs.mpd}/bin/mpd --no-daemon ${mpdConf}"; + ExecStart = "${pkgs.mpd}/bin/mpd --no-daemon /etc/mpd.conf"; + ExecStartPre = pkgs.writeScript "mpd-start-pre" '' + #!${pkgs.runtimeShell} + set -euo pipefail + cat ${mpdConf} ${cfg.credentialsFile} > /etc/mpd.conf + ''; Type = "notify"; LimitRTPRIO = 50; LimitRTTIME = "infinity"; @@ -195,6 +212,14 @@ in { Restart = "always"; }; }; + environment.etc."mpd.conf" = { + mode = "0640"; + group = cfg.group; + user = cfg.user; + # To be modified by the service' ExecStartPre + text = '' + ''; + }; users.users = optionalAttrs (cfg.user == name) { ${name} = { |