From ffb14c1c25280777f5db3d2129c48dd319381f65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Fri, 17 May 2019 01:53:31 +0200 Subject: Move irc services to modules --- modules/private/default.nix | 2 ++ modules/private/irc.nix | 54 +++++++++++++++++++++++++++++++++++++++++ nixops/eldiron.nix | 3 +-- nixops/modules/certificates.nix | 1 + nixops/modules/irc.nix | 48 ------------------------------------ 5 files changed, 58 insertions(+), 50 deletions(-) create mode 100644 modules/private/irc.nix delete mode 100644 nixops/modules/irc.nix diff --git a/modules/private/default.nix b/modules/private/default.nix index a7a23c2..2030315 100644 --- a/modules/private/default.nix +++ b/modules/private/default.nix @@ -9,4 +9,6 @@ openldap = ./databases/openldap; postgresql = ./databases/postgresql.nix; redis = ./databases/redis.nix; + + irc = ./irc.nix; } diff --git a/modules/private/irc.nix b/modules/private/irc.nix new file mode 100644 index 0000000..b3fe91f --- /dev/null +++ b/modules/private/irc.nix @@ -0,0 +1,54 @@ +{ lib, pkgs, config, ... }: +let + cfg = config.myServices.irc; +in +{ + options.myServices = { + ircCerts = lib.mkOption { + description = "Default ircconfigurations for certificates as accepted by acme"; + }; + irc.enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + Whether to enable irc stuff. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + security.acme.certs."irc" = config.myServices.ircCerts // { + domain = "irc.immae.eu"; + postRun = '' + systemctl restart stunnel.service + ''; + }; + + networking.firewall.allowedTCPPorts = [ 6697 ]; + services.bitlbee = with pkgs; { + enable = true; + authMode = "Registered"; + libpurple_plugins = [ + purple-hangouts + purple-matrix + ]; + plugins = [ + bitlbee-mastodon + bitlbee-facebook + bitlbee-discord + bitlbee-steam + ]; + }; + + services.stunnel = { + enable = true; + servers = { + bitlbee = { + accept = 6697; + connect = 6667; + cert = "${config.security.acme.directory}/irc/full.pem"; + }; + }; + }; + }; +} diff --git a/nixops/eldiron.nix b/nixops/eldiron.nix index 37f901e..a0c5c7c 100644 --- a/nixops/eldiron.nix +++ b/nixops/eldiron.nix @@ -41,14 +41,13 @@ ./modules/ftp.nix ./modules/pub ./modules/task - ./modules/irc.nix ./modules/buildbot ./modules/dns.nix ] ++ (builtins.attrValues (import ../modules)); myServices.databases.enable = true; + myServices.irc.enable = true; services.myGitolite.enable = true; services.pure-ftpd.enable = true; - services.irc.enable = true; services.pub.enable = true; services.myTasks.enable = true; services.buildbot.enable = true; diff --git a/nixops/modules/certificates.nix b/nixops/modules/certificates.nix index 72896fd..43f6a23 100644 --- a/nixops/modules/certificates.nix +++ b/nixops/modules/certificates.nix @@ -17,6 +17,7 @@ config = { services.websitesCerts = config.services.myCertificates.certConfig; myServices.databasesCerts = config.services.myCertificates.certConfig; + myServices.ircCerts = config.services.myCertificates.certConfig; security.acme.preliminarySelfsigned = true; diff --git a/nixops/modules/irc.nix b/nixops/modules/irc.nix deleted file mode 100644 index 363bfef..0000000 --- a/nixops/modules/irc.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ lib, pkgs, config, myconfig, ... }: -{ - options = { - services.irc.enable = lib.mkOption { - type = lib.types.bool; - default = false; - description = '' - Whether to enable irc stuff. - ''; - }; - }; - - config = lib.mkIf config.services.irc.enable { - security.acme.certs."irc" = config.services.myCertificates.certConfig // { - domain = "irc.immae.eu"; - postRun = '' - systemctl restart stunnel.service - ''; - }; - - networking.firewall.allowedTCPPorts = [ 6697 ]; - services.bitlbee = { - enable = true; - authMode = "Registered"; - libpurple_plugins = [ - pkgs.purple-hangouts - pkgs.purple-matrix - ]; - plugins = [ - pkgs.bitlbee-mastodon - pkgs.bitlbee-facebook - pkgs.bitlbee-discord - pkgs.bitlbee-steam - ]; - }; - - services.stunnel = { - enable = true; - servers = { - bitlbee = { - accept = 6697; - connect = 6667; - cert = "${config.security.acme.directory}/irc/full.pem"; - }; - }; - }; - }; -} -- cgit v1.2.3