pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / hardware / bitbox-bridge.nix
at 25.11-pre 2.0 kB view raw
1{ 2 config, 3 lib, 4 pkgs, 5 ... 6}: 7let 8 cfg = config.services.bitbox-bridge; 9in 10{ 11 options = { 12 services.bitbox-bridge = { 13 enable = lib.mkEnableOption "Bitbox bridge daemon, for use with Bitbox hardware wallets."; 14 15 package = lib.mkPackageOption pkgs "bitbox-bridge" { }; 16 17 port = lib.mkOption { 18 type = lib.types.port; 19 default = 8178; 20 description = '' 21 Listening port for the bitbox-bridge. 22 ''; 23 }; 24 25 runOnMount = lib.mkEnableOption null // { 26 default = true; 27 description = '' 28 Run bitbox-bridge.service only when hardware wallet is plugged, also registers the systemd device unit. 29 This option is enabled by default to save power, when false, bitbox-bridge service runs all the time instead. 30 ''; 31 }; 32 }; 33 }; 34 35 config = lib.mkIf cfg.enable { 36 environment.systemPackages = [ cfg.package ]; 37 services.udev.packages = 38 [ cfg.package ] 39 ++ lib.optionals (cfg.runOnMount) [ 40 (pkgs.writeTextFile { 41 name = "bitbox-bridge-run-on-mount-udev-rules"; 42 destination = "/etc/udev/rules.d/99-bitbox-bridge-run-on-mount.rules"; 43 text = '' 44 SUBSYSTEM=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2403", MODE="0660", GROUP="bitbox", TAG+="systemd", SYMLINK+="bitbox02", ENV{SYSTEMD_WANTS}="bitbox-bridge.service" 45 ''; 46 }) 47 ]; 48 49 systemd.services.bitbox-bridge = { 50 description = "BitBox Bridge"; 51 wantedBy = [ "multi-user.target" ]; 52 53 bindsTo = lib.optionals (cfg.runOnMount) [ "dev-bitbox02.device" ]; 54 after = [ "network.target" ]; 55 56 serviceConfig = { 57 Type = "simple"; 58 ExecStart = "${cfg.package}/bin/bitbox-bridge -p ${builtins.toString cfg.port}"; 59 User = "bitbox"; 60 }; 61 }; 62 63 users.groups.bitbox = { }; 64 users.users.bitbox = { 65 group = "bitbox"; 66 description = "bitbox-bridge daemon user"; 67 isSystemUser = true; 68 extraGroups = [ "bitbox" ]; 69 }; 70 }; 71}