nixos/soju: add adminSocket.enable option

This commit is contained in:
Benjamin Lee 2023-10-01 17:35:27 -07:00
parent 4959d7bcd8
commit 5207bb723a
No known key found for this signature in database
GPG Key ID: FB9624E2885D55A4
2 changed files with 15 additions and 1 deletions

View File

@ -485,6 +485,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- The `krb5` module has been rewritten and moved to `security.krb5`, moving all options but `security.krb5.enable` and `security.krb5.package` into `security.krb5.settings`.
- `services.soju` now has the option `adminSocket.enable`. This option defaults to `true`, and creates a unix admin socket at `/run/soju/admin`.
- Gitea 1.21 upgrade has several breaking changes, including:
- Custom themes and other assets that were previously stored in `custom/public/*` now belong in `custom/public/assets/*`
- New instances of Gitea using MySQL now ignore the `[database].CHARSET` config option and always use the `utf8mb4` charset, existing instances should migrate via the `gitea doctor convert` CLI command.

View File

@ -5,7 +5,10 @@ with lib;
let
cfg = config.services.soju;
stateDir = "/var/lib/soju";
listenCfg = concatMapStringsSep "\n" (l: "listen ${l}") cfg.listen;
runtimeDir = "/run/soju";
listen = cfg.listen
++ optional cfg.adminSocket.enable "unix+admin://${runtimeDir}/admin";
listenCfg = concatMapStringsSep "\n" (l: "listen ${l}") listen;
tlsCfg = optionalString (cfg.tlsCertificate != null)
"tls ${cfg.tlsCertificate} ${cfg.tlsCertificateKey}";
logCfg = optionalString cfg.enableMessageLogging
@ -68,6 +71,14 @@ in
description = lib.mdDoc "Whether to enable message logging.";
};
adminSocket.enable = mkOption {
type = types.bool;
default = true;
description = lib.mdDoc ''
Listen for admin connections from sojuctl at /run/soju/admin.
'';
};
httpOrigins = mkOption {
type = types.listOf types.str;
default = [];
@ -119,6 +130,7 @@ in
Restart = "always";
ExecStart = "${cfg.package}/bin/soju -config ${configFile}";
StateDirectory = "soju";
RuntimeDirectory = "soju";
};
};
};