···
++ optionals (cfg.salt != null) [ "--salt" cfg.salt ]
+
++ optionals (cfg.certDir != null) [ "--tls" cfg.certDir ]
···
description = lib.mdDoc ''
Salt to allow room operator passwords generated by this server
+
instance to still work when the server is restarted. The salt will be
+
readable in the nix store and the processlist. If this is not
+
intended use `saltFile` instead. Mutually exclusive with
+
<option>services.syncplay.saltFile</option>.
+
type = types.nullOr types.path;
+
description = lib.mdDoc ''
+
Path to the file that contains the server salt. This allows room
+
operator passwords generated by this server instance to still work
+
when the server is restarted. `null`, the server doesn't load the
+
salt from a file. Mutually exclusive with
+
<option>services.syncplay.salt</option>.
···
+
type = types.listOf types.str;
+
description = lib.mdDoc ''
+
Additional arguments to be passed to the service.
···
config = mkIf cfg.enable {
+
assertion = cfg.salt == null || cfg.saltFile == null;
+
message = "services.syncplay.salt and services.syncplay.saltFile are mutually exclusive.";
systemd.services.syncplay = {
description = "Syncplay Service";
+
wantedBy = [ "multi-user.target" ];
+
after = [ "network-online.target" ];
+
LoadCredential = lib.optional (cfg.passwordFile != null) "password:${cfg.passwordFile}"
+
++ lib.optional (cfg.saltFile != null) "salt:${cfg.saltFile}";
${lib.optionalString (cfg.passwordFile != null) ''
export SYNCPLAY_PASSWORD=$(cat "''${CREDENTIALS_DIRECTORY}/password")
+
${lib.optionalString (cfg.saltFile != null) ''
+
export SYNCPLAY_SALT=$(cat "''${CREDENTIALS_DIRECTORY}/salt")
exec ${pkgs.syncplay-nogui}/bin/syncplay-server ${escapeShellArgs cmdArgs}
pyrox.dev