commit 4a6ca4ce7500fd35da90ad5532019d2f1cb30943
parent 7304c23e6aa58a9e243d79fd1a01f759b6b5ba88
Author: Leah (ctucx) <git@ctu.cx>
Date: Tue, 13 Jun 2023 22:02:12 +0200
parent 7304c23e6aa58a9e243d79fd1a01f759b6b5ba88
Author: Leah (ctucx) <git@ctu.cx>
Date: Tue, 13 Jun 2023 22:02:12 +0200
nixosModule: generate configFile from attrset :)
1 file changed, 32 insertions(+), 5 deletions(-)
diff --git a/nixosModule.nix b/nixosModule.nix @@ -4,7 +4,8 @@ with lib; let cfg = config.services.travelynx2fedi; - settingsFormat = pkgs.formats.json {}; + settingsFormat = pkgs.formats.ini {}; + configFile = settingsFormat.generate "config.ini" cfg.config; in { @@ -36,9 +37,21 @@ in { default = 8321; }; - configFile = mkOption { - type = types.str; - default = "/var/lib/travelynx2fedi/config.ini"; + config = mkOption { + type = settingsFormat.type; + default = {}; + example = {}; + }; + + environmentFiles = mkOption { + type = types.listOf types.path; + default = []; + example = [ "/run/keys/travelynx2fedi.env" ]; + description = lib.mdDoc '' + File to load as environment file. Environment variables from this file + will be interpolated into the config file using envsubst. + This is useful to avoid putting secrets into the nix store. + ''; }; }; @@ -61,19 +74,33 @@ in { environment = { TRAVELYNX2FEDI_PORT = builtins.toString cfg.port; - TRAVELYNX2FEDI_CONFIG_PATH = cfg.configFile; + TRAVELYNX2FEDI_CONFIG_PATH = ( + if cfg.environmentFiles == [] + then configFile + else "/var/run/travelynx2fedi/config.ini" + ); }; serviceConfig = { DynamicUser = true; Type = "exec"; + + RuntimeDirectory = "travelynx2fedi"; StateDirectory = "travelynx2fedi"; StateDirectoryMode = "750"; + EnvironmentFile = cfg.environmentFiles; + + Restart = "always"; RestartSec = 3; + ExecStartPre = lib.optional (cfg.environmentFiles != []) (pkgs.writeShellScript "travelynx2fedi-preStart" '' + umask 077 + ${pkgs.envsubst}/bin/envsubst -i "${configFile}" > /var/run/travelynx2fedi/config.ini + ''); + ExecStart = "${cfg.package}/bin/travelynx2fedi"; NoNewPrivileges = true;