lukegb/depot
1
0
Fork 0
Code Issues 1 Pull requests Projects Packages Activity Actions
depot/ops/nixos/lib/erbium.nix

56 lines
1.4 KiB
Nix
Raw Blame History

# SPDX-FileCopyrightText: 2023 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0
# TODO: support erbium-conftest, which is in erbium-core.
{ lib, pkgs, rebuilder, config, ... }:
let
cfg = config.services.erbium;
settingsFormat = pkgs.formats.json {};
configFile = settingsFormat.generate "erbium.conf.json" cfg.settings;
in
{
options.services.erbium = {
enable = lib.mkEnableOption "erbium";
package = lib.mkOption {
type = lib.types.package;
};
settings = lib.mkOption {
type = lib.types.submodule {
freeformType = settingsFormat.type;
};
default = {};
description = "Configuration for Erbium";
};
};
config = lib.mkIf cfg.enable {
environment.etc."erbium.conf".source = configFile;
systemd.services.erbium = {
description = "Erbium Network Services";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
restartTriggers = [ configFile ];
serviceConfig = {
ExecStart = "${cfg.package}/bin/erbium /etc/erbium.conf";
Type = "simple";
Restart = "always";
DynamicUser = true;
User = "erbium";
Group = "erbium";
AmbientCapabilities = [
"CAP_NET_RAW"
"CAP_NET_BIND_SERVICE"
];
StateDirectory = "erbium";
RuntimeDirectory = "erbium";
};
};
};
}
Reference in a new issue View git blame Copy permalink