mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-14 09:43:14 +00:00
fedd7cd690
This is slightly more verbose and inconvenient, but it forces you to think about what the wrapper ownership and permissions will be.
65 lines
1.5 KiB
Nix
65 lines
1.5 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.services.weechat;
|
|
in
|
|
|
|
{
|
|
options.services.weechat = {
|
|
enable = mkEnableOption "weechat";
|
|
root = mkOption {
|
|
description = "Weechat state directory.";
|
|
type = types.str;
|
|
default = "/var/lib/weechat";
|
|
};
|
|
sessionName = mkOption {
|
|
description = "Name of the `screen' session for weechat.";
|
|
default = "weechat-screen";
|
|
type = types.str;
|
|
};
|
|
binary = mkOption {
|
|
type = types.path;
|
|
description = "Binary to execute (by default \${weechat}/bin/weechat).";
|
|
example = literalExample ''
|
|
''${pkgs.weechat}/bin/weechat-headless
|
|
'';
|
|
default = "${pkgs.weechat}/bin/weechat";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
users = {
|
|
groups.weechat = {};
|
|
users.weechat = {
|
|
createHome = true;
|
|
group = "weechat";
|
|
home = cfg.root;
|
|
isSystemUser = true;
|
|
};
|
|
};
|
|
|
|
systemd.services.weechat = {
|
|
environment.WEECHAT_HOME = cfg.root;
|
|
serviceConfig = {
|
|
User = "weechat";
|
|
Group = "weechat";
|
|
RemainAfterExit = "yes";
|
|
};
|
|
script = "exec ${config.security.wrapperDir}/screen -Dm -S ${cfg.sessionName} ${cfg.binary}";
|
|
wantedBy = [ "multi-user.target" ];
|
|
wants = [ "network.target" ];
|
|
};
|
|
|
|
security.wrappers.screen =
|
|
{ setuid = true;
|
|
owner = "root";
|
|
group = "root";
|
|
source = "${pkgs.screen}/bin/screen";
|
|
};
|
|
};
|
|
|
|
meta.doc = ./weechat.xml;
|
|
}
|