56 lines
1.4 KiB
Nix
56 lines
1.4 KiB
Nix
# SPDX-FileCopyrightText: 2023 Luke Granger-Brown <depot@lukegb.com>
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
# TODO: support erbium-conftest, which is in erbium-core.
|
|
|
|
{ lib, pkgs, rebuilder, config, ... }:
|
|
let
|
|
cfg = config.services.erbium;
|
|
settingsFormat = pkgs.formats.json {};
|
|
|
|
configFile = settingsFormat.generate "erbium.conf.json" cfg.settings;
|
|
in
|
|
{
|
|
options.services.erbium = {
|
|
enable = lib.mkEnableOption "erbium";
|
|
|
|
package = lib.mkOption {
|
|
type = lib.types.package;
|
|
};
|
|
|
|
settings = lib.mkOption {
|
|
type = lib.types.submodule {
|
|
freeformType = settingsFormat.type;
|
|
};
|
|
default = {};
|
|
description = "Configuration for Erbium";
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
environment.etc."erbium.conf".source = configFile;
|
|
|
|
systemd.services.erbium = {
|
|
description = "Erbium Network Services";
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "network.target" ];
|
|
restartTriggers = [ configFile ];
|
|
|
|
serviceConfig = {
|
|
ExecStart = "${cfg.package} /etc/erbium.conf";
|
|
Type = "simple";
|
|
Restart = "always";
|
|
DynamicUser = true;
|
|
User = "erbium";
|
|
Group = "erbium";
|
|
AmbientCapabilities = [
|
|
"CAP_NET_RAW"
|
|
"CAP_NET_BIND_SERVICE"
|
|
];
|
|
StateDirectory = "erbium";
|
|
RuntimeDirectory = "erbium";
|
|
};
|
|
};
|
|
};
|
|
}
|