nixos/modules/services/misc/pykms.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / misc / pykms.nix
at 25.11-pre 2.8 kB view raw
  1{
  2  config,
  3  lib,
  4  pkgs,
  5  ...
  6}:
  7let
  8  cfg = config.services.pykms;
  9  libDir = "/var/lib/pykms";
 10
 11in
 12{
 13  meta.maintainers = with lib.maintainers; [ peterhoeg ];
 14
 15  imports = [
 16    (lib.mkRemovedOptionModule [ "services" "pykms" "verbose" ] "Use services.pykms.logLevel instead")
 17  ];
 18
 19  options = {
 20    services.pykms = {
 21      enable = lib.mkOption {
 22        type = lib.types.bool;
 23        default = false;
 24        description = "Whether to enable the PyKMS service.";
 25      };
 26
 27      package = lib.mkPackageOption pkgs "pykms" { };
 28
 29      listenAddress = lib.mkOption {
 30        type = lib.types.str;
 31        default = "0.0.0.0";
 32        example = "::";
 33        description = "The IP address on which to listen.";
 34      };
 35
 36      port = lib.mkOption {
 37        type = lib.types.port;
 38        default = 1688;
 39        description = "The port on which to listen.";
 40      };
 41
 42      openFirewallPort = lib.mkOption {
 43        type = lib.types.bool;
 44        default = false;
 45        description = "Whether the listening port should be opened automatically.";
 46      };
 47
 48      memoryLimit = lib.mkOption {
 49        type = lib.types.str;
 50        default = "64M";
 51        description = "How much memory to use at most.";
 52      };
 53
 54      logLevel = lib.mkOption {
 55        type = lib.types.enum [
 56          "CRITICAL"
 57          "ERROR"
 58          "WARNING"
 59          "INFO"
 60          "DEBUG"
 61          "MININFO"
 62        ];
 63        default = "INFO";
 64        description = "How much to log";
 65      };
 66
 67      extraArgs = lib.mkOption {
 68        type = lib.types.listOf lib.types.str;
 69        default = [ ];
 70        description = "Additional arguments";
 71      };
 72    };
 73  };
 74
 75  config = lib.mkIf cfg.enable {
 76    networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewallPort [ cfg.port ];
 77
 78    systemd.services.pykms = {
 79      description = "Python KMS";
 80      after = [ "network.target" ];
 81      wantedBy = [ "multi-user.target" ];
 82      # python programs with DynamicUser = true require HOME to be set
 83      environment.HOME = libDir;
 84      serviceConfig = {
 85        DynamicUser = true;
 86        StateDirectory = baseNameOf libDir;
 87        ExecStartPre = "${lib.getBin cfg.package}/libexec/create_pykms_db.sh ${libDir}/clients.db";
 88        ExecStart = lib.concatStringsSep " " (
 89          [
 90            "${lib.getBin cfg.package}/bin/server"
 91            "--logfile=STDOUT"
 92            "--loglevel=${cfg.logLevel}"
 93            "--sqlite=${libDir}/clients.db"
 94          ]
 95          ++ cfg.extraArgs
 96          ++ [
 97            cfg.listenAddress
 98            (toString cfg.port)
 99          ]
100        );
101        ProtectHome = "tmpfs";
102        WorkingDirectory = libDir;
103        SyslogIdentifier = "pykms";
104        Restart = "on-failure";
105        MemoryMax = cfg.memoryLimit;
106      };
107    };
108  };
109}