JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #55766 from Lucus16/bump-quassel

Browse Source 
nixos/quassel: Add support for certificate file
This commit is contained in:
Silvan Mosberger 2019-02-18 03:04:56 +01:00 committed by GitHub
commit ac953a4a6b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
nixos/modules/services/networking/quassel.nix
View File

@ -23,6 +23,22 @@ in
'';
};
certificateFile = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Path to the certificate used for SSL connections with clients.
'';
};
requireSSL = mkOption {
type = types.bool;
default = false;
description = ''
Require SSL for connections from clients.
'';
};
package = mkOption {
type = types.package;
default = pkgs.quasselDaemon;
@ -71,6 +87,10 @@ in
###### implementation
config = mkIf cfg.enable {
assertions = [
{ assertion = cfg.requireSSL -> cfg.certificateFile != null;
message = "Quassel needs a certificate file in order to require SSL";
}];
users.users = mkIf (cfg.user == null) [
{ name = "quassel";
@ -98,7 +118,13 @@ in
serviceConfig =
{
ExecStart = "${quassel}/bin/quasselcore --listen=${concatStringsSep '','' cfg.interfaces} --port=${toString cfg.portNumber} --configdir=${cfg.dataDir}";
ExecStart = concatStringsSep " " ([
"${quassel}/bin/quasselcore"
"--listen=${concatStringsSep "," cfg.interfaces}"
"--port=${toString cfg.portNumber}"
"--configdir=${cfg.dataDir}"
] ++ optional cfg.requireSSL "--require-ssl"
++ optional (cfg.certificateFile != null) "--ssl-cert=${cfg.certificateFile}");
User = user;
PermissionsStartOnly = true;
};