nixos/modules/services/networking/syncplay.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / networking / syncplay.nix
at 23.05-pre 2.5 kB view raw
 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6  cfg = config.services.syncplay;
 7
 8  cmdArgs =
 9    [ "--port" cfg.port ]
10    ++ optionals (cfg.salt != null) [ "--salt" cfg.salt ]
11    ++ optionals (cfg.certDir != null) [ "--tls" cfg.certDir ];
12
13in
14{
15  options = {
16    services.syncplay = {
17      enable = mkOption {
18        type = types.bool;
19        default = false;
20        description = lib.mdDoc "If enabled, start the Syncplay server.";
21      };
22
23      port = mkOption {
24        type = types.port;
25        default = 8999;
26        description = lib.mdDoc ''
27          TCP port to bind to.
28        '';
29      };
30
31      salt = mkOption {
32        type = types.nullOr types.str;
33        default = null;
34        description = lib.mdDoc ''
35          Salt to allow room operator passwords generated by this server
36          instance to still work when the server is restarted.
37        '';
38      };
39
40      certDir = mkOption {
41        type = types.nullOr types.path;
42        default = null;
43        description = lib.mdDoc ''
44          TLS certificates directory to use for encryption. See
45          <https://github.com/Syncplay/syncplay/wiki/TLS-support>.
46        '';
47      };
48
49      user = mkOption {
50        type = types.str;
51        default = "nobody";
52        description = lib.mdDoc ''
53          User to use when running Syncplay.
54        '';
55      };
56
57      group = mkOption {
58        type = types.str;
59        default = "nogroup";
60        description = lib.mdDoc ''
61          Group to use when running Syncplay.
62        '';
63      };
64
65      passwordFile = mkOption {
66        type = types.nullOr types.path;
67        default = null;
68        description = lib.mdDoc ''
69          Path to the file that contains the server password. If
70          `null`, the server doesn't require a password.
71        '';
72      };
73    };
74  };
75
76  config = mkIf cfg.enable {
77    systemd.services.syncplay = {
78      description = "Syncplay Service";
79      wantedBy    = [ "multi-user.target" ];
80      after       = [ "network-online.target" ];
81
82      serviceConfig = {
83        User = cfg.user;
84        Group = cfg.group;
85        LoadCredential = lib.mkIf (cfg.passwordFile != null) "password:${cfg.passwordFile}";
86      };
87
88      script = ''
89        ${lib.optionalString (cfg.passwordFile != null) ''
90          export SYNCPLAY_PASSWORD=$(cat "''${CREDENTIALS_DIRECTORY}/password")
91        ''}
92        exec ${pkgs.syncplay-nogui}/bin/syncplay-server ${escapeShellArgs cmdArgs}
93      '';
94    };
95  };
96}