nixpkgs/nixos/modules/services/networking/websockify.nix

{ config, lib, pkgs, ... }:

with lib;

let cfg = config.services.networking.websockify; in {
  options = {
    services.networking.websockify = {
      enable = mkOption {
        description = "Whether to enable websockify to forward websocket connections to TCP connections.";

        default = false;

        type = types.bool;
      };

      sslCert = mkOption {
        description = "Path to the SSL certificate.";
        type = types.path;
      };

      sslKey = mkOption {
        description = "Path to the SSL key.";
        default = cfg.sslCert;
        defaultText = "config.services.networking.websockify.sslCert";
        type = types.path;
      };

      portMap = mkOption {
        description = "Ports to map by default.";
        default = {};
        type = types.attrsOf types.int;
      };
    };
  };

  config = mkIf cfg.enable {
    systemd.services."websockify@" = {
      description = "Service to forward websocket connections to TCP connections (from port:to port %I)";
      script = ''
        IFS=':' read -a array <<< "$1"
        ${pkgs.pythonPackages.websockify}/bin/websockify --ssl-only \
          --cert=${cfg.sslCert} --key=${cfg.sslKey} 0.0.0.0:''${array[0]} 0.0.0.0:''${array[1]}
      '';
      scriptArgs = "%i";
    };

    systemd.targets.default-websockify = {
      description = "Target to start all default websockify@ services";
      unitConfig.X-StopOnReconfiguration = true;
      wants = mapAttrsToList (name: value: "websockify@${name}:${toString value}.service") cfg.portMap;
      wantedBy = [ "multi-user.target" ];
    };
  };
}
Rewrite ‘with pkgs.lib’ -> ‘with lib’ Using pkgs.lib on the spine of module evaluation is problematic because the pkgs argument depends on the result of module evaluation. To prevent an infinite recursion, pkgs and some of the modules are evaluated twice, which is inefficient. Using ‘with lib’ prevents this problem. 2014-04-14 16:26:48 +02:00			`{ config, lib, pkgs, ... }:`
Add websockify service 2013-02-14 21:50:41 -05:00
Rewrite ‘with pkgs.lib’ -> ‘with lib’ Using pkgs.lib on the spine of module evaluation is problematic because the pkgs argument depends on the result of module evaluation. To prevent an infinite recursion, pkgs and some of the modules are evaluated twice, which is inefficient. Using ‘with lib’ prevents this problem. 2014-04-14 16:26:48 +02:00			`with lib;`
Add websockify service 2013-02-14 21:50:41 -05:00
			`let cfg = config.services.networking.websockify; in {`
			`options = {`
			`services.networking.websockify = {`
nixos/modules: remove trailing whitespace This leads to ci failure otherwise if the file gets changed. git-blame can ignore whitespace changes. 2020-08-07 14:43:58 +01:00			`enable = mkOption {`
Websockify: End descriptions with a period. 2013-02-18 11:51:33 -05:00			`description = "Whether to enable websockify to forward websocket connections to TCP connections.";`
Add websockify service 2013-02-14 21:50:41 -05:00
nixos/modules: remove trailing whitespace This leads to ci failure otherwise if the file gets changed. git-blame can ignore whitespace changes. 2020-08-07 14:43:58 +01:00			`default = false;`
Add websockify service 2013-02-14 21:50:41 -05:00
nixos/modules: remove trailing whitespace This leads to ci failure otherwise if the file gets changed. git-blame can ignore whitespace changes. 2020-08-07 14:43:58 +01:00			`type = types.bool;`
Add websockify service 2013-02-14 21:50:41 -05:00			`};`

			`sslCert = mkOption {`
Websockify: End descriptions with a period. 2013-02-18 11:51:33 -05:00			`description = "Path to the SSL certificate.";`
Add websockify service 2013-02-14 21:50:41 -05:00			`type = types.path;`
			`};`

			`sslKey = mkOption {`
Websockify: End descriptions with a period. 2013-02-18 11:51:33 -05:00			`description = "Path to the SSL key.";`
Add websockify service 2013-02-14 21:50:41 -05:00			`default = cfg.sslCert;`
Fix manual build 2013-02-15 14:36:20 -05:00			`defaultText = "config.services.networking.websockify.sslCert";`
Add websockify service 2013-02-14 21:50:41 -05:00			`type = types.path;`
			`};`

			`portMap = mkOption {`
Websockify: End descriptions with a period. 2013-02-18 11:51:33 -05:00			`description = "Ports to map by default.";`
Add websockify service 2013-02-14 21:50:41 -05:00			`default = {};`
			`type = types.attrsOf types.int;`
			`};`
			`};`
			`};`

			`config = mkIf cfg.enable {`
			`systemd.services."websockify@" = {`
websockify: Add unit descriptions 2013-02-18 11:55:10 -05:00			`description = "Service to forward websocket connections to TCP connections (from port:to port %I)";`
Add websockify service 2013-02-14 21:50:41 -05:00			`script = ''`
			`IFS=':' read -a array <<< "$1"`
			`${pkgs.pythonPackages.websockify}/bin/websockify --ssl-only \`
			`--cert=${cfg.sslCert} --key=${cfg.sslKey} 0.0.0.0:''${array[0]} 0.0.0.0:''${array[1]}`
			`'';`
			`scriptArgs = "%i";`
			`};`

treewide: remove redundant quotes 2019-08-13 21:52:01 +00:00			`systemd.targets.default-websockify = {`
websockify: Add unit descriptions 2013-02-18 11:55:10 -05:00			`description = "Target to start all default websockify@ services";`
treewide: remove redundant quotes 2019-08-13 21:52:01 +00:00			`unitConfig.X-StopOnReconfiguration = true;`
Add websockify service 2013-02-14 21:50:41 -05:00			`wants = mapAttrsToList (name: value: "websockify@${name}:${toString value}.service") cfg.portMap;`
			`wantedBy = [ "multi-user.target" ];`
			`};`
			`};`
			`}`