nixos/modules/services/networking/robustirc-bridge.nix at 23.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / services / networking / robustirc-bridge.nix

at 23.11-pre 1.2 kB view raw

 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6  cfg = config.services.robustirc-bridge;
 7in
 8{
 9  options = {
10    services.robustirc-bridge = {
11      enable = mkEnableOption (lib.mdDoc "RobustIRC bridge");
12
13      extraFlags = mkOption {
14        type = types.listOf types.str;
15        default = [];
16        description = lib.mdDoc ''Extra flags passed to the {command}`robustirc-bridge` command. See [RobustIRC Documentation](https://robustirc.net/docs/adminguide.html#_bridge) or robustirc-bridge(1) for details.'';
17        example = [
18          "-network robustirc.net"
19        ];
20      };
21    };
22  };
23
24  config = mkIf cfg.enable {
25    systemd.services.robustirc-bridge = {
26      description = "RobustIRC bridge";
27      documentation = [
28        "man:robustirc-bridge(1)"
29        "https://robustirc.net/"
30      ];
31      wantedBy = [ "multi-user.target" ];
32      after = [ "network.target" ];
33
34      serviceConfig = {
35        DynamicUser = true;
36        ExecStart = "${pkgs.robustirc-bridge}/bin/robustirc-bridge ${concatStringsSep " " cfg.extraFlags}";
37        Restart = "on-failure";
38
39        # Hardening
40        PrivateDevices = true;
41        ProtectSystem = true;
42        ProtectHome = true;
43        PrivateTmp = true;
44      };
45    };
46  };
47}