-{ lib, pkgs, config, myconfig, ... }:
+{ lib, pkgs, config, ... }:
{
- config = {
- secrets.keys = [
- {
- dest = "mpd";
+ options.myServices.mpd.enable = lib.mkEnableOption "enable MPD";
+ config = lib.mkIf config.myServices.mpd.enable {
+ secrets.keys = {
+ "mpd" = {
permissions = "0400";
- text = myconfig.env.mpd.password;
- }
- {
- dest = "mpd-config";
+ text = config.myEnv.mpd.password;
+ };
+ "mpd-config" = {
permissions = "0400";
user = "mpd";
group = "mpd";
text = ''
- password "${myconfig.env.mpd.password}@read,add,control,admin"
+ password "${config.myEnv.mpd.password}@read,add,control,admin"
'';
- }
- ];
+ };
+ };
networking.firewall.allowedTCPPorts = [ 6600 ];
users.users.mpd.extraGroups = [ "wwwrun" "keys" ];
systemd.services.mpd.serviceConfig.RuntimeDirectory = "mpd";
services.filesWatcher.mpd = {
restart = true;
- paths = [ "/var/secrets/mpd-config" ];
+ paths = [ config.secrets.fullPaths."mpd-config" ];
};
services.mpd = {
enable = true;
network.listenAddress = "any";
- musicDirectory = myconfig.env.mpd.folder;
+ musicDirectory = config.myEnv.mpd.folder;
extraConfig = ''
- include "/var/secrets/mpd-config"
+ include "${config.secrets.fullPaths."mpd-config"}"
audio_output {
type "null"
name "No Output"