summary refs log tree commit diff
path: root/nixos/modules/services/networking/shellhub-agent.nix
diff options
Diffstat (limited to 'nixos/modules/services/networking/shellhub-agent.nix')
1 files changed, 91 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/shellhub-agent.nix b/nixos/modules/services/networking/shellhub-agent.nix
new file mode 100644
index 00000000000..4ce4b8250bc
--- /dev/null
+++ b/nixos/modules/services/networking/shellhub-agent.nix
@@ -0,0 +1,91 @@
+{ config, lib, pkgs, ... }:
+with lib;
+  cfg =;
+in {
+  ###### interface
+  options = {
+    services.shellhub-agent = {
+      enable = mkOption {
+        type = types.bool;
+        default = false;
+        description = ''
+          Whether to enable the ShellHub Agent daemon, which allows
+          secure remote logins.
+        '';
+      };
+      package = mkOption {
+        type = types.package;
+        default = pkgs.shellhub-agent;
+        defaultText = "pkgs.shellhub-agent";
+        description = ''
+          Which ShellHub Agent package to use.
+        '';
+      };
+      tenantId = mkOption {
+        type = types.str;
+        example = "ba0a880c-2ada-11eb-a35e-17266ef329d6";
+        description = ''
+          The tenant ID to use when connecting to the ShellHub
+          Gateway.
+        '';
+      };
+      server = mkOption {
+        type = types.str;
+        default = "";
+        description = ''
+          Server address of ShellHub Gateway to connect.
+        '';
+      };
+      privateKey = mkOption {
+        type = types.path;
+        default = "/var/lib/shellhub-agent/private.key";
+        description = ''
+          Location where to store the ShellHub Agent private
+          key.
+        '';
+      };
+    };
+  };
+  ###### implementation
+  config = mkIf cfg.enable {
+ = {
+      description = "ShellHub Agent";
+      wantedBy = [ "" ];
+      requires = [ "" ];
+      wants = [ "" ];
+      after = [
+        ""
+        ""
+        ""
+        ""
+      ];
+      environment.SERVER_ADDRESS = cfg.server;
+      environment.PRIVATE_KEY = cfg.privateKey;
+      environment.TENANT_ID = cfg.tenantId;
+      serviceConfig = {
+        # The service starts sessions for different users.
+        User = "root";
+        Restart = "on-failure";
+        ExecStart = "${cfg.package}/bin/agent";
+      };
+    };
+    environment.systemPackages = [ cfg.package ];
+  };