nixos/modules/services/networking/robustirc-bridge.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / services / networking / robustirc-bridge.nix

at 25.11-pre 1.2 kB view raw

 1{
 2  config,
 3  lib,
 4  pkgs,
 5  ...
 6}:
 7
 8with lib;
 9
10let
11  cfg = config.services.robustirc-bridge;
12in
13{
14  options = {
15    services.robustirc-bridge = {
16      enable = mkEnableOption "RobustIRC bridge";
17
18      extraFlags = mkOption {
19        type = types.listOf types.str;
20        default = [ ];
21        description = ''Extra flags passed to the {command}`robustirc-bridge` command. See [RobustIRC Documentation](https://robustirc.net/docs/adminguide.html#_bridge) or {manpage}`robustirc-bridge(1)` for details.'';
22        example = [
23          "-network robustirc.net"
24        ];
25      };
26    };
27  };
28
29  config = mkIf cfg.enable {
30    systemd.services.robustirc-bridge = {
31      description = "RobustIRC bridge";
32      documentation = [
33        "man:robustirc-bridge(1)"
34        "https://robustirc.net/"
35      ];
36      wantedBy = [ "multi-user.target" ];
37      after = [ "network.target" ];
38
39      serviceConfig = {
40        DynamicUser = true;
41        ExecStart = "${pkgs.robustirc-bridge}/bin/robustirc-bridge ${concatStringsSep " " cfg.extraFlags}";
42        Restart = "on-failure";
43
44        # Hardening
45        PrivateDevices = true;
46        ProtectSystem = true;
47        ProtectHome = true;
48        PrivateTmp = true;
49      };
50    };
51  };
52}