From 1cf495d6eb113541dfa1667f03f7edd10c2217b1 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 23 Dec 2021 20:09:06 +0100 Subject: krebs.systemd: support credentials of any service --- krebs/3modules/systemd.nix | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) (limited to 'krebs/3modules/systemd.nix') diff --git a/krebs/3modules/systemd.nix b/krebs/3modules/systemd.nix index c30b2264a..00538d5f3 100644 --- a/krebs/3modules/systemd.nix +++ b/krebs/3modules/systemd.nix @@ -1,36 +1,39 @@ -{ config, options, pkgs, ... }: let { +{ config, pkgs, ... }: let { lib = import ../../lib; body.options.krebs.systemd.services = lib.mkOption { default = {}; - type = lib.types.attrs; - description = '' - Definition of systemd service units with bonus features. - - Services defined using this option will be restarted whenever any file - (described by an absolute path) used in LoadCredential changes. - ''; + type = lib.types.attrsOf (lib.types.submodule { + options = { + serviceConfig.LoadCredential = lib.mkOption { + apply = lib.toList; + type = + lib.types.either lib.types.str (lib.types.listOf lib.types.str); + }; + }; + }); }; body.config.systemd = lib.mkMerge (lib.flatten (lib.mapAttrsToList (serviceName: cfg: let - prefix = [ "krebs" "systemd" "services" serviceName ]; - opts = options.systemd.services.type.getSubOptions prefix; - paths = lib.filter lib.types.absolute-pathname.check (map (lib.compose [ lib.maybeHead (lib.match "[^:]*:(.*)") ]) - (cfg.serviceConfig.LoadCredential or [])); + cfg.serviceConfig.LoadCredential); in lib.singleton { - services.${serviceName} = cfg; + services.${serviceName} = { + serviceConfig = { + LoadCredential = cfg.serviceConfig.LoadCredential; + }; + }; } ++ - lib.optionals (cfg.enable or opts.enable.default) (map (path: let + map (path: let triggerName = "trigger-${lib.systemd.encodeName path}"; in { paths.${triggerName} = { @@ -46,6 +49,6 @@ ]); }; }; - }) paths) + }) paths ) config.krebs.systemd.services)); } -- cgit v1.2.3