Move irc services to modules

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-17 01:53:31 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-17 01:53:31 +0200
commit: ffb14c1c25280777f5db3d2129c48dd319381f65 (patch)
tree: e17bbe7701a38ff5afbd6ebbe7a597c72d1539f3 /modules/private
parent: 9ade8f6eb774dc7d19d82a070199b5024786b819 (diff)
download: Nix-ffb14c1c25280777f5db3d2129c48dd319381f65.tar.gz
Nix-ffb14c1c25280777f5db3d2129c48dd319381f65.tar.zst
Nix-ffb14c1c25280777f5db3d2129c48dd319381f65.zip
2 files changed, 56 insertions, 0 deletions
diff --git a/modules/private/default.nix b/modules/private/default.nix
index a7a23c2..2030315 100644
--- a/modules/private/default.nix
+++ b/modules/private/default.nix
@@ -9,4 +9,6 @@
  openldap   = ./databases/openldap;
  postgresql = ./databases/postgresql.nix;
  redis      = ./databases/redis.nix;
+  irc = ./irc.nix;
 }
diff --git a/modules/private/irc.nix b/modules/private/irc.nix
new file mode 100644
index 0000000..b3fe91f
--- /dev/null
+++ b/modules/private/irc.nix
@@ -0,0 +1,54 @@
+{ lib, pkgs, config, ... }:
+let
+  cfg = config.myServices.irc;
+in
+{
+  options.myServices = {
+    ircCerts = lib.mkOption {
+      description = "Default ircconfigurations for certificates as accepted by acme";
+    };
+    irc.enable = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        Whether to enable irc stuff.
+      '';
+    };
+  };
+  config = lib.mkIf cfg.enable {
+    security.acme.certs."irc" = config.myServices.ircCerts // {
+      domain = "irc.immae.eu";
+      postRun = ''
+        systemctl restart stunnel.service
+      '';
+    };
+    networking.firewall.allowedTCPPorts = [ 6697 ];
+    services.bitlbee = with pkgs; {
+      enable = true;
+      authMode = "Registered";
+      libpurple_plugins = [
+        purple-hangouts
+        purple-matrix
+      ];
+      plugins = [
+        bitlbee-mastodon
+        bitlbee-facebook
+        bitlbee-discord
+        bitlbee-steam
+      ];
+    };
+    services.stunnel = {
+      enable = true;
+      servers = {
+        bitlbee = {
+          accept = 6697;
+          connect = 6667;
+          cert = "${config.security.acme.directory}/irc/full.pem";
+        };
+      };
+    };
+  };
+}
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-17 01:53:31 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-17 01:53:31 +0200
commit	ffb14c1c25280777f5db3d2129c48dd319381f65 (patch)
tree	e17bbe7701a38ff5afbd6ebbe7a597c72d1539f3 /modules/private
parent	9ade8f6eb774dc7d19d82a070199b5024786b819 (diff)
download	Nix-ffb14c1c25280777f5db3d2129c48dd319381f65.tar.gz Nix-ffb14c1c25280777f5db3d2129c48dd319381f65.tar.zst Nix-ffb14c1c25280777f5db3d2129c48dd319381f65.zip

diff --git a/modules/private/default.nix b/modules/private/default.nix index a7a23c2..2030315 100644 --- a/modules/private/default.nix +++ b/modules/private/default.nix
@@ -9,4 +9,6 @@
9	openldap = ./databases/openldap;	9	openldap = ./databases/openldap;
10	postgresql = ./databases/postgresql.nix;	10	postgresql = ./databases/postgresql.nix;
11	redis = ./databases/redis.nix;	11	redis = ./databases/redis.nix;
		12
		13	irc = ./irc.nix;
12	}	14	}


diff --git a/modules/private/irc.nix b/modules/private/irc.nix new file mode 100644 index 0000000..b3fe91f --- /dev/null +++ b/modules/private/irc.nix
@@ -0,0 +1,54 @@
		1	{ lib, pkgs, config, ... }:
		2	let
		3	cfg = config.myServices.irc;
		4	in
		5	{
		6	options.myServices = {
		7	ircCerts = lib.mkOption {
		8	description = "Default ircconfigurations for certificates as accepted by acme";
		9	};
		10	irc.enable = lib.mkOption {
		11	type = lib.types.bool;
		12	default = false;
		13	description = ''
		14	Whether to enable irc stuff.
		15	'';
		16	};
		17	};
		18
		19	config = lib.mkIf cfg.enable {
		20	security.acme.certs."irc" = config.myServices.ircCerts // {
		21	domain = "irc.immae.eu";
		22	postRun = ''
		23	systemctl restart stunnel.service
		24	'';
		25	};
		26
		27	networking.firewall.allowedTCPPorts = [ 6697 ];
		28	services.bitlbee = with pkgs; {
		29	enable = true;
		30	authMode = "Registered";
		31	libpurple_plugins = [
		32	purple-hangouts
		33	purple-matrix
		34	];
		35	plugins = [
		36	bitlbee-mastodon
		37	bitlbee-facebook
		38	bitlbee-discord
		39	bitlbee-steam
		40	];
		41	};
		42
		43	services.stunnel = {
		44	enable = true;
		45	servers = {
		46	bitlbee = {
		47	accept = 6697;
		48	connect = 6667;
		49	cert = "${config.security.acme.directory}/irc/full.pem";
		50	};
		51	};
		52	};
		53	};
		54	}