nixos/bitlbee: option to use pam

This commit is contained in:
Jörg Thalheim 2018-09-22 10:27:49 +01:00
parent 14cc9a2f0f
commit d334c1c1d0
2 changed files with 40 additions and 18 deletions

View File

@ -7,9 +7,10 @@ let
cfg = config.services.bitlbee;
bitlbeeUid = config.ids.uids.bitlbee;
bitlbeePkg = if cfg.libpurple_plugins == []
then pkgs.bitlbee
else pkgs.bitlbee.override { enableLibPurple = true; };
bitlbeePkg = pkgs.bitlbee.override {
enableLibPurple = cfg.libpurple_plugins != [];
enablePam = cfg.authBackend == "pam";
};
bitlbeeConfig = pkgs.writeText "bitlbee.conf"
''
@ -20,6 +21,7 @@ let
DaemonInterface = ${cfg.interface}
DaemonPort = ${toString cfg.portNumber}
AuthMode = ${cfg.authMode}
AuthBackend = ${cfg.authBackend}
Plugindir = ${pkgs.bitlbee-plugins cfg.plugins}/lib/bitlbee
${lib.optionalString (cfg.hostName != "") "HostName = ${cfg.hostName}"}
${lib.optionalString (cfg.protocols != "") "Protocols = ${cfg.protocols}"}
@ -70,6 +72,16 @@ in
'';
};
authBackend = mkOption {
default = "storage";
type = types.enum [ "storage" "pam" ];
description = ''
How users are authenticated
storage -- save passwords internally
pam -- Linux PAM authentication
'';
};
authMode = mkOption {
default = "Open";
type = types.enum [ "Open" "Closed" "Registered" ];
@ -147,23 +159,22 @@ in
###### implementation
config = mkIf config.services.bitlbee.enable {
users.users = singleton
{ name = "bitlbee";
config = mkMerge [
(mkIf config.services.bitlbee.enable {
users.users = singleton {
name = "bitlbee";
uid = bitlbeeUid;
description = "BitlBee user";
home = "/var/lib/bitlbee";
createHome = true;
};
users.groups = singleton
{ name = "bitlbee";
users.groups = singleton {
name = "bitlbee";
gid = config.ids.gids.bitlbee;
};
systemd.services.bitlbee =
{
systemd.services.bitlbee = {
environment.PURPLE_PLUGIN_PATH = purple_plugin_path;
description = "BitlBee IRC to other chat networks gateway";
after = [ "network.target" ];
@ -172,8 +183,12 @@ in
serviceConfig.ExecStart = "${bitlbeePkg}/sbin/bitlbee -F -n -c ${bitlbeeConfig}";
};
environment.systemPackages = [ bitlbeePkg ];
environment.systemPackages = [ bitlbeePkg ];
};
})
(mkIf (config.services.bitlbee.authBackend == "pam") {
security.pam.services.bitlbee = {};
})
];
}

View File

@ -1,5 +1,7 @@
{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python,
enableLibPurple ? false, pidgin ? null }:
{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python
, enableLibPurple ? false, pidgin ? null
, enablePam ? false, pam ? null
}:
with stdenv.lib;
stdenv.mkDerivation rec {
@ -13,18 +15,23 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkgconfig ] ++ optional doCheck check;
buildInputs = [ gnutls glib libotr python ]
++ optional enableLibPurple pidgin;
++ optional enableLibPurple pidgin
++ optional enablePam pam;
configureFlags = [
"--otr=1"
"--ssl=gnutls"
"--pidfile=/var/lib/bitlbee/bitlbee.pid"
]
++ optional enableLibPurple "--purple=1";
] ++ optional enableLibPurple "--purple=1"
++ optional enablePam "--pam=1";
installTargets = [ "install" "install-dev" ];
doCheck = !enableLibPurple; # Checks fail with libpurple for some reason
checkPhase = ''
# check flags set VERBOSE=y which breaks the build due overriding a command
make check
'';
enableParallelBuilding = true;