1
+
{ config, lib, pkgs, ... }:
5
+
cfg = config.services.galene;
6
+
defaultstateDir = "/var/lib/galene";
7
+
defaultrecordingsDir = "${cfg.stateDir}/recordings";
8
+
defaultgroupsDir = "${cfg.stateDir}/groups";
9
+
defaultdataDir = "${cfg.stateDir}/data";
14
+
enable = mkEnableOption "Galene Service.";
16
+
stateDir = mkOption {
17
+
default = defaultstateDir;
20
+
The directory where Galene stores its internal state. If left as the default
21
+
value this directory will automatically be created before the Galene server
22
+
starts, otherwise the sysadmin is responsible for ensuring the directory
23
+
exists with appropriate ownership and permissions.
30
+
description = "User account under which galene runs.";
36
+
description = "Group under which galene runs.";
39
+
insecure = mkOption {
43
+
Whether Galene should listen in http or in https. If left as the default
44
+
value (false), Galene needs to be fed a private key and a certificate.
48
+
certFile = mkOption {
49
+
type = types.nullOr types.str;
51
+
example = "/path/to/your/cert.pem";
53
+
Path to the server's certificate. The file is copied at runtime to
54
+
Galene's data directory where it needs to reside.
58
+
keyFile = mkOption {
59
+
type = types.nullOr types.str;
61
+
example = "/path/to/your/key.pem";
63
+
Path to the server's private key. The file is copied at runtime to
64
+
Galene's data directory where it needs to reside.
68
+
httpAddress = mkOption {
71
+
description = "HTTP listen address for galene.";
74
+
httpPort = mkOption {
77
+
description = "HTTP listen port.";
80
+
staticDir = mkOption {
82
+
default = "${cfg.package.static}/static";
83
+
example = "/var/lib/galene/static";
84
+
description = "Web server directory.";
87
+
recordingsDir = mkOption {
89
+
default = defaultrecordingsDir;
90
+
example = "/var/lib/galene/recordings";
91
+
description = "Recordings directory.";
94
+
dataDir = mkOption {
96
+
default = defaultdataDir;
97
+
example = "/var/lib/galene/data";
98
+
description = "Data directory.";
101
+
groupsDir = mkOption {
103
+
default = defaultgroupsDir;
104
+
example = "/var/lib/galene/groups";
105
+
description = "Web server directory.";
108
+
package = mkOption {
109
+
default = pkgs.galene;
110
+
defaultText = "pkgs.galene";
111
+
type = types.package;
113
+
Package for running Galene.
119
+
config = mkIf cfg.enable {
122
+
assertion = cfg.insecure || (cfg.certFile != null && cfg.keyFile != null);
124
+
Galene needs both certFile and keyFile defined for encryption, or
130
+
systemd.services.galene = {
131
+
description = "galene";
132
+
after = [ "network.target" ];
133
+
wantedBy = [ "multi-user.target" ];
136
+
install -m 700 -o '${cfg.user}' -g '${cfg.group}' ${cfg.certFile} ${cfg.dataDir}/cert.pem
137
+
install -m 700 -o '${cfg.user}' -g '${cfg.group}' ${cfg.keyFile} ${cfg.dataDir}/key.pem
140
+
serviceConfig = mkMerge [
145
+
WorkingDirectory = cfg.stateDir;
146
+
ExecStart = ''${cfg.package}/bin/galene \
147
+
${optionalString (cfg.insecure) "-insecure"} \
148
+
-data ${cfg.dataDir} \
149
+
-groups ${cfg.groupsDir} \
150
+
-recordings ${cfg.recordingsDir} \
151
+
-static ${cfg.staticDir}'';
152
+
Restart = "always";
153
+
# Upstream Requirements
154
+
LimitNOFILE = 65536;
155
+
StateDirectory = [ ] ++
156
+
optional (cfg.stateDir == defaultstateDir) "galene" ++
157
+
optional (cfg.dataDir == defaultdataDir) "galene/data" ++
158
+
optional (cfg.groupsDir == defaultgroupsDir) "galene/groups" ++
159
+
optional (cfg.recordingsDir == defaultrecordingsDir) "galene/recordings";
164
+
users.users = mkIf (cfg.user == "galene")
167
+
description = "galene Service";
169
+
isSystemUser = true;
173
+
users.groups = mkIf (cfg.group == "galene") {
177
+
meta.maintainers = with lib.maintainers; [ rgrunbla ];
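Review bot: The two `install` lines at new lines 136–137 copy the certificate and the private key with `-m 700`, which sets the execute bit on key material, and they interpolate `${cfg.certFile}`, `${cfg.keyFile}` and `${cfg.dataDir}` unquoted while the user and group are quoted. A key file needs no more than owner read/write, and a path containing whitespace or shell metacharacters would be split or interpreted by the shell, so I would write `install -m 600 -o '${cfg.user}' -g '${cfg.group}' ${escapeShellArg cfg.keyFile} ${escapeShellArg "${cfg.dataDir}/key.pem"}` and the same for `cert.pem` (assuming `lib.escapeShellArg` is in scope here, as the unqualified `mkOption` suggests). The script around these lines is not shown on the page, so it is not visible whether the copies are skipped when `insecure = true` leaves `certFile`/`keyFile` at `null`; that guard is worth confirming. It would also help to state in the `keyFile` description that the value should be a string path outside the Nix store, since a store path is world-readable.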