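# NixOS module for the toxvpn daemon: declares the services.toxvpn.* options
# and, when enabled, a systemd unit, a dedicated "toxvpn" user and the CLI
# package in the system profile.
{ config, stdenv, pkgs, lib, ... }:

with lib;

let
  cfg = config.services.toxvpn;

  # One "-a <toxid>" pair per configured peer. Each id is shell-escaped so a
  # value containing whitespace or shell metacharacters stays one argument.
  peerArgs = concatMapStringsSep " " (x: "-a ${escapeShellArg x}") cfg.auto_add_peers;
in
{
  options = {
    services.toxvpn = {
      # mkEnableOption prepends "Whether to enable ", so the text must not
      # itself start with "enable".
      enable = mkEnableOption "toxvpn running on startup";

      localip = mkOption {
        type = types.str; # types.string is deprecated in nixpkgs
        default = "10.123.123.1";
        description = "your ip on the vpn";
      };

      # The module only passes this port to the daemon; nothing here opens it
      # in the host firewall.
      port = mkOption {
        type = types.int;
        default = 33445;
        description = "udp port for toxcore, port-forward to help with connectivity if you run many nodes behind one NAT";
      };

      auto_add_peers = mkOption {
        type = types.listOf types.str;
        default = [];
        example = ''[ "toxid1" "toxid2" ]'';
        description = "peers to automatically connect to on startup";
      };
    };
  };

  config = mkIf cfg.enable {
    systemd.services.toxvpn = {
      description = "toxvpn daemon";

      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];

      # No User= is set below, so this runs as root. It creates the directory
      # that holds the control endpoint and hands it to the toxvpn user.
      # Directory mode is left to the service umask; tighten it if only the
      # toxvpn user should reach /run/toxvpn/control.
      preStart = ''
        mkdir -p /run/toxvpn || true
        chown toxvpn /run/toxvpn
      '';

      path = [ pkgs.toxvpn ];

      # Option values are interpolated into a shell script, so string values
      # are passed through escapeShellArg.
      # NOTE(review): presumably "-u toxvpn" makes the daemon drop from root
      # to that user and "-l" is the control socket path; confirm against
      # toxvpn's usage text.
      script = ''
        exec toxvpn -i ${escapeShellArg cfg.localip} -l /run/toxvpn/control -u toxvpn -p ${toString cfg.port} ${peerArgs}
      '';

      # NOTE(review): the unit sets no sandboxing options (for example
      # NoNewPrivileges or ProtectSystem). Whether the daemon tolerates them
      # is not visible from this module; evaluate before adding.
      serviceConfig = {
        KillMode = "process";   # on stop, only the main process is signalled
        Restart = "on-success"; # restarted after a clean exit only; a crash leaves the unit stopped
        Type = "notify";        # systemd waits for the daemon's readiness notification
      };

      restartIfChanged = false; # Likely to be used for remote admin
    };

    environment.systemPackages = [ pkgs.toxvpn ];

    users.extraUsers = {
      toxvpn = {
        uid = config.ids.uids.toxvpn;
        home = "/var/lib/toxvpn";
        createHome = true;
      };
    };
  };
}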