···
{ config, lib, pkgs, ... }:
cfg = config.services.ttyd;
# Command line arguments for the ttyd daemon
args = [ "--port" (toString cfg.port) ]
···
34
-
enable = mkEnableOption (lib.mdDoc "ttyd daemon");
40
+
enable = lib.mkEnableOption ("ttyd daemon");
39
-
description = lib.mdDoc "Port to listen on (use 0 for random port)";
45
+
description = "Port to listen on (use 0 for random port)";
type = types.nullOr types.path;
example = "/var/run/ttyd.sock";
46
-
description = lib.mdDoc "UNIX domain socket path to bind.";
52
+
description = "UNIX domain socket path to bind.";
type = types.nullOr types.str;
53
-
description = lib.mdDoc "Network interface to bind.";
59
+
description = "Network interface to bind.";
type = types.nullOr types.str;
59
-
description = lib.mdDoc "Username for basic authentication.";
65
+
description = "Username for basic authentication.";
passwordFile = mkOption {
type = types.nullOr types.path;
apply = value: if value == null then null else toString value;
66
-
description = lib.mdDoc ''
File containing the password to use for basic authentication.
For insecurely putting the password in the globally readable store use
`pkgs.writeText "ttydpw" "MyPassword"`.
···
76
-
description = lib.mdDoc "Signal to send to the command on session close.";
82
+
description = "Signal to send to the command on session close.";
type = types.nullOr types.bool;
default = null; # null causes an eval error, forcing the user to consider attack surface
83
-
description = lib.mdDoc "Allow clients to write to the TTY.";
89
+
description = "Allow clients to write to the TTY.";
clientOptions = mkOption {
type = types.attrsOf types.str;
89
-
example = literalExpression ''
95
+
example = lib.literalExpression ''
fontFamily = "Fira Code";
95
-
description = lib.mdDoc ''
Attribute set of client options for xtermjs.
<https://xtermjs.org/docs/api/terminal/interfaces/iterminaloptions/>
···
terminalType = mkOption {
default = "xterm-256color";
104
-
description = lib.mdDoc "Terminal type to report.";
110
+
description = "Terminal type to report.";
110
-
description = lib.mdDoc "Whether to allow a websocket connection from a different origin.";
116
+
description = "Whether to allow a websocket connection from a different origin.";
116
-
description = lib.mdDoc "Maximum clients to support (0, no limit)";
122
+
description = "Maximum clients to support (0, no limit)";
type = types.nullOr types.path;
122
-
description = lib.mdDoc "Custom index.html path";
128
+
description = "Custom index.html path";
128
-
description = lib.mdDoc "Whether or not to enable IPv6 support.";
134
+
description = "Whether or not to enable IPv6 support.";
134
-
description = lib.mdDoc "Whether or not to enable SSL (https) support.";
140
+
description = "Whether or not to enable SSL (https) support.";
type = types.nullOr types.path;
140
-
description = lib.mdDoc "SSL certificate file path.";
146
+
description = "SSL certificate file path.";
type = types.nullOr types.path;
apply = value: if value == null then null else toString value;
147
-
description = lib.mdDoc ''
For insecurely putting the keyFile in the globally readable store use
`pkgs.writeText "ttydKeyFile" "SSLKEY"`.
···
type = types.nullOr types.path;
157
-
description = lib.mdDoc "SSL CA file path for client certificate verification.";
163
+
description = "SSL CA file path for client certificate verification.";
163
-
description = lib.mdDoc "Set log level.";
169
+
description = "Set log level.";
170
-
config = mkIf cfg.enable {
176
+
config = lib.mkIf cfg.enable {
[ { assertion = cfg.enableSSL
···
script = if cfg.passwordFile != null then ''
PASSWORD=$(cat "$CREDENTIALS_DIRECTORY/TTYD_PASSWORD_FILE")
${pkgs.ttyd}/bin/ttyd ${lib.escapeShellArgs args} \
199
-
--credential ${escapeShellArg cfg.username}:"$PASSWORD" \
205
+
--credential ${lib.escapeShellArg cfg.username}:"$PASSWORD" \
pyrox.dev