Merge pull request #125687 from malte-v/soju-module-new

nixos/soju: add module
This commit is contained in:
Aaron Andersen 2021-09-01 22:09:44 -04:00 committed by GitHub
commit abfdb24af0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 123 additions and 0 deletions

View File

@ -207,6 +207,13 @@
<link linkend="opt-services.postfixadmin.enable">postfixadmin</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://sr.ht/~emersion/soju">soju</link>, a
user-friendly IRC bouncer. Available as
<link xlink:href="options.html#opt-services.soju.enable">services.soju</link>.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-21.11-incompatibilities">

View File

@ -63,6 +63,8 @@ subsonic-compatible api. Available as [navidrome](#opt-services.navidrome.enable
- [postfixadmin](https://postfixadmin.sourceforge.io/), a web based virtual user administration interface for Postfix mail servers. Available as [postfixadmin](#opt-services.postfixadmin.enable).
- [soju](https://sr.ht/~emersion/soju), a user-friendly IRC bouncer. Available as [services.soju](options.html#opt-services.soju.enable).
## Backward Incompatibilities {#sec-release-21.11-incompatibilities}

View File

@ -833,6 +833,7 @@
./services/networking/smokeping.nix
./services/networking/softether.nix
./services/networking/solanum.nix
./services/networking/soju.nix
./services/networking/spacecookie.nix
./services/networking/spiped.nix
./services/networking/squid.nix

View File

@ -0,0 +1,113 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.soju;
stateDir = "/var/lib/soju";
listenCfg = concatMapStringsSep "\n" (l: "listen ${l}") cfg.listen;
tlsCfg = optionalString (cfg.tlsCertificate != null)
"tls ${cfg.tlsCertificate} ${cfg.tlsCertificateKey}";
logCfg = optionalString cfg.enableMessageLogging
"log fs ${stateDir}/logs";
configFile = pkgs.writeText "soju.conf" ''
${listenCfg}
hostname ${cfg.hostName}
${tlsCfg}
db sqlite3 ${stateDir}/soju.db
${logCfg}
http-origin ${concatStringsSep " " cfg.httpOrigins}
accept-proxy-ip ${concatStringsSep " " cfg.acceptProxyIP}
${cfg.extraConfig}
'';
in
{
###### interface
options.services.soju = {
enable = mkEnableOption "soju";
listen = mkOption {
type = types.listOf types.str;
default = [ ":6697" ];
description = ''
Where soju should listen for incoming connections. See the
<literal>listen</literal> directive in
<citerefentry><refentrytitle>soju</refentrytitle>
<manvolnum>1</manvolnum></citerefentry>.
'';
};
hostName = mkOption {
type = types.str;
default = config.networking.hostName;
description = "Server hostname.";
};
tlsCertificate = mkOption {
type = types.nullOr types.path;
example = "/var/host.cert";
description = "Path to server TLS certificate.";
};
tlsCertificateKey = mkOption {
type = types.nullOr types.path;
example = "/var/host.key";
description = "Path to server TLS certificate key.";
};
enableMessageLogging = mkOption {
type = types.bool;
default = true;
description = "Whether to enable message logging.";
};
httpOrigins = mkOption {
type = types.listOf types.str;
default = [];
description = ''
List of allowed HTTP origins for WebSocket listeners. The parameters are
interpreted as shell patterns, see
<citerefentry><refentrytitle>glob</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>.
'';
};
acceptProxyIP = mkOption {
type = types.listOf types.str;
default = [];
description = ''
Allow the specified IPs to act as a proxy. Proxys have the ability to
overwrite the remote and local connection addresses (via the X-Forwarded-\*
HTTP header fields). The special name "localhost" accepts the loopback
addresses 127.0.0.0/8 and ::1/128. By default, all IPs are rejected.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
description = "Lines added verbatim to the configuration file.";
};
};
###### implementation
config = mkIf cfg.enable {
systemd.services.soju = {
description = "soju IRC bouncer";
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
serviceConfig = {
DynamicUser = true;
Restart = "always";
ExecStart = "${pkgs.soju}/bin/soju -config ${configFile}";
StateDirectory = "soju";
};
};
};
meta.maintainers = with maintainers; [ malvo ];
}