From ccee8dc09f791f363c1e4d2053983434aec54bc6 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Sun, 16 Aug 2020 17:56:49 +0300 Subject: nixos/mpd: Allow to configure a credentialsFile Allow to specify a password file to be located outside the store, and be read in `ExecStartPre`. --- nixos/modules/services/audio/mpd.nix | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/audio/mpd.nix b/nixos/modules/services/audio/mpd.nix index 1d2a982ac53..9e77ee85b89 100644 --- a/nixos/modules/services/audio/mpd.nix +++ b/nixos/modules/services/audio/mpd.nix @@ -140,6 +140,18 @@ in { ''; }; + credentialsFile = mkOption { + type = types.path; + description = '' + Path to a file to be merged with the settings during the service startup. + Useful to merge a file which is better kept out of the Nix store + because it contains sensible data like MPD's password. Example may look like this: + password "myMpdPassword@read,add,control,admin" + ''; + default = "/dev/null"; + example = "/var/lib/secrets/mpd.conf"; + }; + fluidsynth = mkOption { type = types.bool; default = false; @@ -181,7 +193,12 @@ in { serviceConfig = { User = "${cfg.user}"; - ExecStart = "${pkgs.mpd}/bin/mpd --no-daemon ${mpdConf}"; + ExecStart = "${pkgs.mpd}/bin/mpd --no-daemon /etc/mpd.conf"; + ExecStartPre = pkgs.writeScript "mpd-start-pre" '' + #!${pkgs.runtimeShell} + set -euo pipefail + cat ${mpdConf} ${cfg.credentialsFile} > /etc/mpd.conf + ''; Type = "notify"; LimitRTPRIO = 50; LimitRTTIME = "infinity"; @@ -195,6 +212,14 @@ in { Restart = "always"; }; }; + environment.etc."mpd.conf" = { + mode = "0640"; + group = cfg.group; + user = cfg.user; + # To be modified by the service' ExecStartPre + text = '' + ''; + }; users.users = optionalAttrs (cfg.user == name) { ${name} = { -- cgit 1.4.1 From b4756fe0c473f40f337c2c7d1059a5de5d47e181 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Thu, 10 Sep 2020 16:51:28 +0300 Subject: nixos/mpd: Mention in /etc/mpd.conf it was autogenerated --- nixos/modules/services/audio/mpd.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'nixos/modules') diff --git a/nixos/modules/services/audio/mpd.nix b/nixos/modules/services/audio/mpd.nix index 9e77ee85b89..ba20b1b98d9 100644 --- a/nixos/modules/services/audio/mpd.nix +++ b/nixos/modules/services/audio/mpd.nix @@ -11,6 +11,10 @@ let cfg = config.services.mpd; mpdConf = pkgs.writeText "mpd.conf" '' + # This file was automatically generated by NixOS. Edit mpd's configuration + # via NixOS' configuration.nix, as this file will be rewritten upon mpd's + # restart. + music_directory "${cfg.musicDirectory}" playlist_directory "${cfg.playlistDirectory}" ${lib.optionalString (cfg.dbFile != null) '' -- cgit 1.4.1