]>
Commit | Line | Data |
---|---|---|
1 | { lib, pkgs, config, ... }: | |
2 | let | |
3 | cfg = config.services.fiche; | |
4 | in | |
5 | { | |
6 | options.services.fiche = { | |
7 | enable = lib.mkEnableOption "Enable fiche’s service"; | |
8 | port = lib.mkOption { | |
9 | type = lib.types.port; | |
10 | description = "Port to listen to"; | |
11 | }; | |
12 | domain = lib.mkOption { | |
13 | type = lib.types.str; | |
14 | description = "Domain"; | |
15 | }; | |
16 | dataDir = lib.mkOption { | |
17 | type = lib.types.path; | |
18 | default = "/var/lib/fiche"; | |
19 | description = "Directory where to place the pastes"; | |
20 | }; | |
21 | https = lib.mkEnableOption "Use https"; | |
22 | }; | |
23 | ||
24 | config = lib.mkIf cfg.enable { | |
25 | networking.firewall.allowedTCPPorts = [ cfg.port ]; | |
26 | ||
27 | ||
28 | system.activationScripts.fiche = '' | |
29 | mkdir -p /var/lib/fiche | |
30 | ''; | |
31 | systemd.services.fiche = { | |
32 | description = "Fiche server"; | |
33 | wantedBy = [ "multi-user.target" ]; | |
34 | after = [ "network.target" ]; | |
35 | ||
36 | script = '' | |
37 | exec ${pkgs.fiche}/bin/fiche -o ${cfg.dataDir} -d ${cfg.domain} ${lib.optionalString cfg.https "-S "} -p ${builtins.toString cfg.port} | |
38 | ''; | |
39 | ||
40 | serviceConfig = { | |
41 | ExecStartPre = [ | |
42 | "+${pkgs.coreutils}/bin/install -m 0755 -o fiche -d /var/lib/fiche" | |
43 | ]; | |
44 | DynamicUser = true; | |
45 | User = "fiche"; | |
46 | PrivateTmp = true; | |
47 | Restart = "always"; | |
48 | WorkingDirectory = cfg.dataDir; | |
49 | ReadWritePaths = cfg.dataDir; | |
50 | }; | |
51 | }; | |
52 | }; | |
53 | } |