nixpkgs/nixos/modules/services/networking/websockify.nix

55 lines
1.6 KiB
Nix
Raw Normal View History

{ config, lib, pkgs, ... }:
2013-02-15 02:50:41 +00:00
with lib;
2013-02-15 02:50:41 +00:00
let cfg = config.services.networking.websockify; in {
options = {
services.networking.websockify = {
enable = mkOption {
description = "Whether to enable websockify to forward websocket connections to TCP connections.";
2013-02-15 02:50:41 +00:00
default = false;
2013-02-15 02:50:41 +00:00
type = types.bool;
2013-02-15 02:50:41 +00:00
};
sslCert = mkOption {
description = "Path to the SSL certificate.";
2013-02-15 02:50:41 +00:00
type = types.path;
};
sslKey = mkOption {
description = "Path to the SSL key.";
2013-02-15 02:50:41 +00:00
default = cfg.sslCert;
defaultText = literalExpression "config.services.networking.websockify.sslCert";
2013-02-15 02:50:41 +00:00
type = types.path;
};
portMap = mkOption {
description = "Ports to map by default.";
2013-02-15 02:50:41 +00:00
default = {};
type = types.attrsOf types.int;
};
};
};
config = mkIf cfg.enable {
systemd.services."websockify@" = {
2013-02-18 16:55:10 +00:00
description = "Service to forward websocket connections to TCP connections (from port:to port %I)";
2013-02-15 02:50:41 +00:00
script = ''
IFS=':' read -a array <<< "$1"
${pkgs.pythonPackages.websockify}/bin/websockify --ssl-only \
--cert=${cfg.sslCert} --key=${cfg.sslKey} 0.0.0.0:''${array[0]} 0.0.0.0:''${array[1]}
'';
scriptArgs = "%i";
};
2019-08-13 22:52:01 +01:00
systemd.targets.default-websockify = {
2013-02-18 16:55:10 +00:00
description = "Target to start all default websockify@ services";
2019-08-13 22:52:01 +01:00
unitConfig.X-StopOnReconfiguration = true;
2013-02-15 02:50:41 +00:00
wants = mapAttrsToList (name: value: "websockify@${name}:${toString value}.service") cfg.portMap;
wantedBy = [ "multi-user.target" ];
};
};
}