48 lines
1.2 KiB
Nix
48 lines
1.2 KiB
Nix
|
{ config, lib, pkgs, ... }:
|
||
|
|
|
||
|
|
with lib;
|
||
|
|
|
||
|
|
let
|
||
|
|
cfg = config.services.robustirc-bridge;
|
||
|
|
in
|
||
|
|
{
|
||
|
|
options = {
|
||
|
|
services.robustirc-bridge = {
|
||
|
|
enable = mkEnableOption "RobustIRC bridge";
|
||
|
|
|
||
|
|
extraFlags = mkOption {
|
||
|
|
type = types.listOf types.str;
|
||
|
|
default = [];
|
||
|
|
description = ''Extra flags passed to the <command>robustirc-bridge</command> command. See <link xlink:href="https://robustirc.net/docs/adminguide.html#_bridge">RobustIRC Documentation</link> or robustirc-bridge(1) for details.'';
|
||
|
|
example = [
|
||
|
|
"-network robustirc.net"
|
||
|
|
];
|
||
|
|
};
|
||
|
|
};
|
||
|
|
};
|
||
|
|
|
||
|
|
config = mkIf cfg.enable {
|
||
|
|
systemd.services.robustirc-bridge = {
|
||
|
|
description = "RobustIRC bridge";
|
||
|
|
documentation = [
|
||
|
|
"man:robustirc-bridge(1)"
|
||
|
|
"https://robustirc.net/"
|
||
|
|
];
|
||
|
|
wantedBy = [ "multi-user.target" ];
|
||
|
|
after = [ "network.target" ];
|
||
|
|
|
||
|
|
serviceConfig = {
|
||
|
|
DynamicUser = true;
|
||
|
|
ExecStart = "${pkgs.robustirc-bridge}/bin/robustirc-bridge ${concatStringsSep " " cfg.extraFlags}";
|
||
|
|
Restart = "on-failure";
|
||
|
|
|
||
|
|
# Hardening
|
||
|
|
PrivateDevices = true;
|
||
|
|
ProtectSystem = true;
|
||
|
|
ProtectHome = true;
|
||
|
|
PrivateTmp = true;
|
||
|
|
};
|
||
|
|
};
|
||
|
|
};
|
||
|
|
}
|