b35e358eb5
Previously the depot argument was provided as config.depot, but the "new way" of doing things (which is more like the args list provided in the rest of the depot) is to provide this as the "depot" NixOS module argument instead. Change-Id: Ib48b1c7c1bdff9c1eb0618c6cbacc22b651f5f98 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2763 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: glittershark <grfn@gws.fyi>
49 lines
1.4 KiB
Nix
49 lines
1.4 KiB
Nix
{ depot, config, lib, pkgs, ... }:
|
|
|
|
let
|
|
cfg = config.services.depot.irccat;
|
|
description = "irccat - forward messages to IRC";
|
|
|
|
# irccat expects to read its configuration from the *current
|
|
# directory*, and its configuration contains secrets.
|
|
#
|
|
# To make this work we construct the JSON configuration file and
|
|
# then recursively merge it with an on-disk secret using jq on
|
|
# service launch.
|
|
configJson = pkgs.writeText "irccat.json" (builtins.toJSON cfg.config);
|
|
configMerge = pkgs.writeShellScript "merge-irccat-config" ''
|
|
if [ ! -f "/etc/secrets/irccat.json" ]; then
|
|
echo "irccat secrets file is missing"
|
|
exit 1
|
|
fi
|
|
|
|
# jq's * is the recursive merge operator
|
|
${pkgs.jq}/bin/jq -s '.[0] * .[1]' ${configJson} /etc/secrets/irccat.json \
|
|
> /var/lib/irccat/irccat.json
|
|
'';
|
|
in {
|
|
options.services.depot.irccat = {
|
|
enable = lib.mkEnableOption description;
|
|
|
|
config = lib.mkOption {
|
|
type = lib.types.attrs; # varying value types
|
|
description = "Configuration structure (unchecked!)";
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
systemd.services.irccat = {
|
|
inherit description;
|
|
preStart = "${configMerge}";
|
|
script = "${depot.third_party.irccat}/bin/irccat";
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
serviceConfig = {
|
|
DynamicUser = true;
|
|
StateDirectory = "irccat";
|
|
WorkingDirectory = "/var/lib/irccat";
|
|
Restart = "always";
|
|
};
|
|
};
|
|
};
|
|
}
|