From 8a7e4b95c23c45b9d341f38b7bb96c3acfecff8a Mon Sep 17 00:00:00 2001
From: tv
Date: Sun, 21 Feb 2016 06:05:49 +0100
Subject: tv.ejabberd: refactor
---
 tv/3modules/ejabberd/default.nix | 76 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 tv/3modules/ejabberd/default.nix
(limited to 'tv/3modules/ejabberd/default.nix')
diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix
new file mode 100644
index 000000000..51a3060fd
--- /dev/null
+++ b/tv/3modules/ejabberd/default.nix
@@ -0,0 +1,76 @@
+{ config, lib, pkgs, ... }@args: with config.krebs.lib; let
+ cfg = config.tv.ejabberd;
+in {
+ options.tv.ejabberd = {
+ enable = mkEnableOption "tv.ejabberd";
+ certfile = mkOption {
+ type = types.secret-file;
+ default = {
+ path = "${cfg.user.home}/ejabberd.pem";
+ owner-name = "ejabberd";
+ source-path = toString + "/ejabberd.pem";
+ };
+ };
+ hosts = mkOption {
+ type = with types; listOf str;
+ };
+ pkgs.ejabberdctl = mkOption {
+ type = types.package;
+ default = pkgs.writeDashBin "ejabberdctl" ''
+ set -efu
+ export SPOOLDIR=${shell.escape cfg.user.home}
+ export EJABBERD_CONFIG_PATH=${shell.escape (import ./config.nix args)}
+ exec ${pkgs.ejabberd}/bin/ejabberdctl \
+ --logs ${shell.escape cfg.user.home} \
+ "$@"
+ '';
+ };
+ s2s_certfile = mkOption {
+ type = types.secret-file;
+ default = cfg.certfile;
+ };
+ user = mkOption {
+ type = types.submodule {
+ options = {
+ name = mkOption {
+ type = types.str;
+ default = "ejabberd";
+ };
+ home = mkOption {
+ type = types.str;
+ default = "/var/ejabberd";
+ };
+ };
+ };
+ default = {};
+ };
+ };
+ config = lib.mkIf cfg.enable {
+ environment.systemPackages = [ cfg.pkgs.ejabberdctl ];
+
+ krebs.secret.files = {
+ ejabberd-certfile = cfg.certfile;
+ ejabberd-s2s_certfile = cfg.s2s_certfile;
+ };
+
+ systemd.services.ejabberd = {
+ wantedBy = [ "multi-user.target" ];
+ requires = [ "secret.service" ];
+ after = [ "network.target" "secret.service" ];
+ serviceConfig = {
+ Type = "oneshot";
+ RemainAfterExit = "yes";
+ PermissionsStartOnly = "true";
+ SyslogIdentifier = "ejabberd";
+ User = cfg.user.name;
+ ExecStart = "${cfg.pkgs.ejabberdctl}/bin/ejabberdctl start";
+ };
+ };
+
+ users.users.${cfg.user.name} = {
+ inherit (cfg.user) home name;
+ createHome = true;
+ uid = genid cfg.user.name;
+ };
+ };
+}
-- cgit v1.2.3
From c5f18dfdfe9874ba48834447c8d3259b115c1357 Mon Sep 17 00:00:00 2001
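Review bot: In `systemd.services.ejabberd.serviceConfig`, `PermissionsStartOnly = "true"` is set although the unit defines only an `ExecStart`, so it has no effect today and would make any `ExecStartPre` or `ExecStop` added later run as root rather than as `cfg.user.name`; I would drop it until a root-only step actually exists. The same block starts a network-facing daemon whose home directory holds the TLS key, the spool and the logs, with no sandboxing, so `NoNewPrivileges = "true"; PrivateTmp = "true"; ProtectSystem = "full";` next to `User` would be a cheap improvement (confirm ejabberd still starts with them). `EJABBERD_CONFIG_PATH` comes from `import ./config.nix args`, which is outside this hunk; if that evaluates to a store path it is world-readable and should carry no credentials.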
From: tv
Date: Sun, 21 Feb 2016 06:39:12 +0100
Subject: tv.{charybdis,ejabberd}.user :: user
---
 tv/3modules/ejabberd/default.nix | 16 ++++------------
 1 file changed, 4 insertions(+), 12 deletions(-)
(limited to 'tv/3modules/ejabberd/default.nix')
diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix
index 51a3060fd..4077da286 100644
--- a/tv/3modules/ejabberd/default.nix
+++ b/tv/3modules/ejabberd/default.nix
@@ -30,19 +30,11 @@ in {
 default = cfg.certfile;
 };
 user = mkOption {
- type = types.submodule {
- options = {
- name = mkOption {
- type = types.str;
- default = "ejabberd";
- };
- home = mkOption {
- type = types.str;
- default = "/var/ejabberd";
- };
- };
+ type = types.user;
+ default = {
+ name = "ejabberd";
+ home = "/var/ejabberd";
 };
- default = {};
 };
 };
 config = lib.mkIf cfg.enable {
-- cgit v1.2.3
From 05be525be6d0896b155da7305b2cee950fb3530e Mon Sep 17 00:00:00 2001
From: tv
Date: Sun, 21 Feb 2016 06:56:57 +0100
Subject: krebs.types.user: add uid :: int
---
 tv/3modules/ejabberd/default.nix | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
(limited to 'tv/3modules/ejabberd/default.nix')
diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix
index 4077da286..da108eb52 100644
--- a/tv/3modules/ejabberd/default.nix
+++ b/tv/3modules/ejabberd/default.nix
@@ -60,9 +60,8 @@ in {
 };
 users.users.${cfg.user.name} = {
- inherit (cfg.user) home name;
+ inherit (cfg.user) home name uid;
 createHome = true;
- uid = genid cfg.user.name;
 };
 };
 }
-- cgit v1.2.3
From e3ddf995e92985ee14dab5735ac55045c166aaaf Mon Sep 17 00:00:00 2001
From: tv
Date: Sun, 21 Feb 2016 07:18:13 +0100
Subject: krebs types.secret-file: owner-name -> owner :: user
---
 tv/3modules/ejabberd/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'tv/3modules/ejabberd/default.nix')
diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix
index da108eb52..95ea24be1 100644
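Review bot: In the `@@ -30,19 +30,11 @@` hunk, the per-field defaults for `user.name` and `user.home` become a single option-level `default = { … }`, which the module system uses only when no definition exists at all. A host that sets just `tv.ejabberd.user.home` would then replace the whole default rather than merge with it, so `name` has to be supplied by `types.user`, whose definition is not visible here. Since the service's `User`, the created account and the home path all follow this value, I would add a comment such as `# name and home must be overridden together; a partial definition replaces this default` above the `default`. The enclosing `options.tv.ejabberd` block starts outside this hunk.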
--- a/tv/3modules/ejabberd/default.nix
+++ b/tv/3modules/ejabberd/default.nix
@@ -7,7 +7,7 @@ in {
 type = types.secret-file;
 default = {
 path = "${cfg.user.home}/ejabberd.pem";
- owner-name = "ejabberd";
+ owner = cfg.user;
 source-path = toString + "/ejabberd.pem";
 };
 };
-- cgit v1.2.3