feat: package
This commit is contained in:
sinavir
parent
435a85732c
commit
63208ed6a6
4 changed files with 114 additions and 0 deletions
4
default.nix
Normal file
4
default.nix
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
{
|
||||
pkgs ? import (import ./npins).nixpkgs { },
|
||||
}:
|
||||
pkgs.callPackage ./package.nix {}
|
||||
82
module.nix
Normal file
82
module.nix
Normal file
|
|
@ -0,0 +1,82 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
let
|
||||
cfg = config.services.signal-irc-bridge;
|
||||
mkSystemdRunOptions = opts: lib.escapeShellArgs (lib.mapAttrsToList (k: v: "-p${k}=${builtins.toString v}") opts);
|
||||
commonServiceOptions = {
|
||||
DynamicUser = true;
|
||||
User = "signal-irc-client";
|
||||
StateDirectory = "signal-cli";
|
||||
RuntimeDirectory = "signal-cli";
|
||||
|
||||
PrivateDevices=true;
|
||||
PrivateTmp=true;
|
||||
ProtectControlGroups=true;
|
||||
ProtectKernelTunables=true;
|
||||
RestrictSUIDSGID=true;
|
||||
|
||||
ProtectSystem="strict";
|
||||
ProtectKernelLogs=true;
|
||||
ProtectProc="invisible";
|
||||
PrivateUsers=true;
|
||||
ProtectHome=true;
|
||||
UMask="0077";
|
||||
RuntimeDirectoryMode="0750";
|
||||
StateDirectoryMode="0750";
|
||||
};
|
||||
signal-cli-bridge-wrapper = pkgs.writeShellApplication {
|
||||
name = "signal-cli-bridge-wrapper";
|
||||
text = ''
|
||||
systemd-run ${mkSystemdRunOptions commonServiceOptions} --pty --pipe --unit="signal-cli-bridge" ${lib.getExe pkgs.signal-cli} --config "\''${STATE_DIRECTORY}"/signal-cli-config/ "$@"
|
||||
'';
|
||||
};
|
||||
in {
|
||||
options = {
|
||||
services.signal-irc-bridge = {
|
||||
enable = lib.mkEnableOption "signal-irc bridge";
|
||||
package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.signal-irc-bridge;
|
||||
};
|
||||
configFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
description = "Path to the toml config file";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
|
||||
nixpkgs.overlays = [
|
||||
(import ./overlay.nix)
|
||||
];
|
||||
|
||||
systemd.services = lib.mkIf cfg.enable {
|
||||
signal-irc-bridge = {
|
||||
environment = {
|
||||
CONFIG_PATH = cfg.configFile;
|
||||
};
|
||||
unitConfig = {
|
||||
BindsTo = [ "signal-irc-bridge-signal-cli.service" ];
|
||||
After = [ "signal-irc-bridge-signal-cli.service" ];
|
||||
};
|
||||
serviceConfig = commonServiceOptions // {
|
||||
ExecStart = "${lib.getExe cfg.package}";
|
||||
Restart = "always";
|
||||
RestartSec= "5s";
|
||||
StateDirectory = "signal-irc";
|
||||
RuntimeDirectory = "signal-irc";
|
||||
};
|
||||
};
|
||||
signal-irc-bridge-signal-cli = {
|
||||
serviceConfig = commonServiceOptions // {
|
||||
ExecStart = "${lib.getExe pkgs.signal-cli} --config \"\${STATE_DIRECTORY}\"/signal-cli-config/ daemon --socket \"\${RUNTIME_DIRECTORY}\"/socket --receive-mode=manual";
|
||||
Restart = "always";
|
||||
RestartSec= "5s";
|
||||
};
|
||||
};
|
||||
};
|
||||
environment.systemPackages = lib.mkIf cfg.enable [
|
||||
signal-cli-bridge-wrapper
|
||||
];
|
||||
};
|
||||
}
|
||||
3
overlay.nix
Normal file
3
overlay.nix
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
final: prev: {
|
||||
signal-irc-bridge = final.callPackage ./package.nix {};
|
||||
}
|
||||
25
package.nix
Normal file
25
package.nix
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
{ lib, openssl, pkg-config, rustPlatform }:
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "signal-irc-bridge";
|
||||
version = "0.1";
|
||||
|
||||
src =
|
||||
with lib.fileset;
|
||||
toSource {
|
||||
root = ./.;
|
||||
fileset =
|
||||
intersection (gitTracked ./.) (fileFilter (file: !file.hasExt "nix") ./.);
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
||||
pkg-config
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
openssl
|
||||
];
|
||||
|
||||
cargoHash = "sha256-J7+o6krHuK3CwwOIcDfm0s6F0cmviFQhSHpdKpXsa/g=";
|
||||
}
|
||||
Loading…
Reference in a new issue