nixos/modules/services/networking/websockify.nix at 17.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / services / networking / websockify.nix

at 17.09-beta 1.6 kB view raw

 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let cfg = config.services.networking.websockify; in {
 6  options = {
 7    services.networking.websockify = {
 8      enable = mkOption {  
 9        description = "Whether to enable websockify to forward websocket connections to TCP connections.";
10
11        default = false;   
12
13        type = types.bool; 
14      };
15
16      sslCert = mkOption {
17        description = "Path to the SSL certificate.";
18        type = types.path;
19      };
20
21      sslKey = mkOption {
22        description = "Path to the SSL key.";
23        default = cfg.sslCert;
24        defaultText = "config.services.networking.websockify.sslCert";
25        type = types.path;
26      };
27
28      portMap = mkOption {
29        description = "Ports to map by default.";
30        default = {};
31        type = types.attrsOf types.int;
32      };
33    };
34  };
35
36  config = mkIf cfg.enable {
37    systemd.services."websockify@" = {
38      description = "Service to forward websocket connections to TCP connections (from port:to port %I)";
39      script = ''
40        IFS=':' read -a array <<< "$1"
41        ${pkgs.pythonPackages.websockify}/bin/websockify --ssl-only \
42          --cert=${cfg.sslCert} --key=${cfg.sslKey} 0.0.0.0:''${array[0]} 0.0.0.0:''${array[1]}
43      '';
44      scriptArgs = "%i";
45    };
46
47    systemd.targets."default-websockify" = {
48      description = "Target to start all default websockify@ services";
49      unitConfig."X-StopOnReconfiguration" = true;
50      wants = mapAttrsToList (name: value: "websockify@${name}:${toString value}.service") cfg.portMap;
51      wantedBy = [ "multi-user.target" ];
52    };
53  };
54}