nixos/libreddit: init module and test
This commit is contained in:
parent
ecae4bfe9d
commit
1c5bdf76e9
@ -496,6 +496,7 @@
|
||||
./services/misc/logkeys.nix
|
||||
./services/misc/leaps.nix
|
||||
./services/misc/lidarr.nix
|
||||
./services/misc/libreddit.nix
|
||||
./services/misc/lifecycled.nix
|
||||
./services/misc/mame.nix
|
||||
./services/misc/matrix-appservice-discord.nix
|
||||
|
66
nixos/modules/services/misc/libreddit.nix
Normal file
66
nixos/modules/services/misc/libreddit.nix
Normal file
@ -0,0 +1,66 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.libreddit;
|
||||
|
||||
args = concatStringsSep " " ([
|
||||
"--port ${toString cfg.port}"
|
||||
"--address ${cfg.address}"
|
||||
] ++ optional cfg.redirect "--redirect-https");
|
||||
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.libreddit = {
|
||||
enable = mkEnableOption "Private front-end for Reddit";
|
||||
|
||||
address = mkOption {
|
||||
default = "0.0.0.0";
|
||||
example = "127.0.0.1";
|
||||
type = types.str;
|
||||
description = "The address to listen on";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
default = 8080;
|
||||
example = 8000;
|
||||
type = types.port;
|
||||
description = "The port to listen on";
|
||||
};
|
||||
|
||||
redirect = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Enable the redirecting to HTTPS";
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Open ports in the firewall for the libreddit web interface";
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.libreddit = {
|
||||
description = "Private front-end for Reddit";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
ExecStart = "${pkgs.libreddit}/bin/libreddit ${args}";
|
||||
AmbientCapabilities = lib.mkIf (cfg.port < 1024) [ "CAP_NET_BIND_SERVICE" ];
|
||||
Restart = "on-failure";
|
||||
RestartSec = "2s";
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
allowedTCPPorts = [ cfg.port ];
|
||||
};
|
||||
};
|
||||
}
|
@ -209,6 +209,7 @@ in
|
||||
latestKernel.hardened = handleTest ./hardened.nix { latestKernel = true; };
|
||||
latestKernel.login = handleTest ./login.nix { latestKernel = true; };
|
||||
leaps = handleTest ./leaps.nix {};
|
||||
libreddit = handleTest ./libreddit.nix {};
|
||||
lidarr = handleTest ./lidarr.nix {};
|
||||
lightdm = handleTest ./lightdm.nix {};
|
||||
limesurvey = handleTest ./limesurvey.nix {};
|
||||
|
19
nixos/tests/libreddit.nix
Normal file
19
nixos/tests/libreddit.nix
Normal file
@ -0,0 +1,19 @@
|
||||
import ./make-test-python.nix ({ lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
name = "libreddit";
|
||||
meta.maintainers = with maintainers; [ fab ];
|
||||
|
||||
nodes.machine =
|
||||
{ pkgs, ... }:
|
||||
{ services.libreddit.enable = true; };
|
||||
|
||||
testScript = ''
|
||||
machine.wait_for_unit("libreddit.service")
|
||||
machine.wait_for_open_port("8080")
|
||||
# The service wants to get data from https://www.reddit.com
|
||||
machine.succeed("curl http://localhost:8080/")
|
||||
'';
|
||||
})
|
Loading…
Reference in New Issue
Block a user