matterbridge module: add configPath option as a workaround, waiting for nix encryption
This commit is contained in:
parent
6c064e6b1f
commit
e199143f11
@ -1,4 +1,4 @@
|
|||||||
{ config, pkgs, lib, ... }:
|
{ options, config, pkgs, lib, ... }:
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
@ -6,7 +6,11 @@ let
|
|||||||
|
|
||||||
cfg = config.services.matterbridge;
|
cfg = config.services.matterbridge;
|
||||||
|
|
||||||
matterbridgeConfToml = pkgs.writeText "matterbridge.toml" (cfg.configFile);
|
matterbridgeConfToml =
|
||||||
|
if cfg.configPath == null then
|
||||||
|
pkgs.writeText "matterbridge.toml" (cfg.configFile)
|
||||||
|
else
|
||||||
|
cfg.configPath;
|
||||||
|
|
||||||
in
|
in
|
||||||
|
|
||||||
@ -15,17 +19,32 @@ in
|
|||||||
services.matterbridge = {
|
services.matterbridge = {
|
||||||
enable = mkEnableOption "Matterbridge chat platform bridge";
|
enable = mkEnableOption "Matterbridge chat platform bridge";
|
||||||
|
|
||||||
|
configPath = mkOption {
|
||||||
|
type = with types; nullOr str;
|
||||||
|
default = null;
|
||||||
|
example = "/etc/nixos/matterbridge.toml";
|
||||||
|
description = ''
|
||||||
|
The path to the matterbridge configuration file.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
configFile = mkOption {
|
configFile = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
example = ''
|
example = ''
|
||||||
#WARNING: as this file contains credentials, be sure to set correct file permissions [irc]
|
# WARNING: as this file contains credentials, do not use this option!
|
||||||
|
# It is kept only for backwards compatibility, and would cause your
|
||||||
|
# credentials to be in the nix-store, thus with the world-readable
|
||||||
|
# permission bits.
|
||||||
|
# Use services.matterbridge.configPath instead.
|
||||||
|
|
||||||
|
[irc]
|
||||||
[irc.freenode]
|
[irc.freenode]
|
||||||
Server="irc.freenode.net:6667"
|
Server="irc.freenode.net:6667"
|
||||||
Nick="matterbot"
|
Nick="matterbot"
|
||||||
|
|
||||||
[mattermost]
|
[mattermost]
|
||||||
[mattermost.work]
|
[mattermost.work]
|
||||||
#do not prefix it wit http:// or https://
|
# Do not prefix it with http:// or https://
|
||||||
Server="yourmattermostserver.domain"
|
Server="yourmattermostserver.domain"
|
||||||
Team="yourteam"
|
Team="yourteam"
|
||||||
Login="yourlogin"
|
Login="yourlogin"
|
||||||
@ -44,6 +63,10 @@ in
|
|||||||
channel="off-topic"
|
channel="off-topic"
|
||||||
'';
|
'';
|
||||||
description = ''
|
description = ''
|
||||||
|
WARNING: THIS IS INSECURE, as your password will end up in
|
||||||
|
<filename>/nix/store</filename>, thus publicly readable. Use
|
||||||
|
<literal>services.matterbridge.configPath</literal> instead.
|
||||||
|
|
||||||
The matterbridge configuration file in the TOML file format.
|
The matterbridge configuration file in the TOML file format.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
@ -65,17 +88,18 @@ in
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkMerge [
|
config = mkIf cfg.enable {
|
||||||
(mkIf cfg.enable {
|
warnings = optional options.services.matterbridge.configFile.isDefined
|
||||||
|
"The option services.matterbridge.configFile is insecure and should be replaced with services.matterbridge.configPath";
|
||||||
|
|
||||||
users.extraUsers = mkIf (cfg.user == "matterbridge") [
|
users.extraUsers = optional (cfg.user == "matterbridge")
|
||||||
{ name = "matterbridge";
|
{ name = "matterbridge";
|
||||||
group = "matterbridge";
|
group = "matterbridge";
|
||||||
} ];
|
};
|
||||||
|
|
||||||
users.extraGroups = mkIf (cfg.group == "matterbridge") [
|
users.extraGroups = optional (cfg.group == "matterbridge")
|
||||||
{ name = "matterbridge";
|
{ name = "matterbridge";
|
||||||
} ];
|
};
|
||||||
|
|
||||||
systemd.services.matterbridge = {
|
systemd.services.matterbridge = {
|
||||||
description = "Matterbridge chat platform bridge";
|
description = "Matterbridge chat platform bridge";
|
||||||
@ -90,7 +114,5 @@ in
|
|||||||
RestartSec = "10";
|
RestartSec = "10";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
})
|
};
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user