nixos: only enable spipe when user specifies

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-19 19:34:18 -05:00 · 2014-04-19 19:34:18 -05:00 · b470c93c1e
commit b470c93c1e
parent 33eced411f
1 changed files with 145 additions and 137 deletions
--- a/nixos/modules/services/networking/spiped.nix
+++ b/nixos/modules/services/networking/spiped.nix
@ -7,7 +7,14 @@ let
 in
 {
  options = {
-    services.spiped = mkOption {
+    services.spiped = {
      enable = mkOption {
        type        = types.bool;
        default     = false;
        description = "Enable the spiped service module.";
      };
      config = mkOption {
        type = types.attrsOf (types.submodule (
          {
            options = {
@ -156,12 +163,13 @@ in
        '';
      };
    };
  };
-  config = {
+  config = mkIf cfg.enable {
    assertions = mapAttrsToList (name: c: {
      assertion = (c.encrypt -> !c.decrypt) || (c.decrypt -> c.encrypt);
      message   = "A pipe must either encrypt or decrypt";
-    }) cfg;
+    }) cfg.config;
    users.extraGroups.spiped.gid = config.ids.gids.spiped;
    users.extraUsers.spiped = {
@ -189,7 +197,7 @@ in
      script = "exec ${pkgs.spiped}/bin/spiped -F `cat /etc/spiped/$1.spec`";
    };
-    system.activationScripts.spiped = optionalString (cfg != {})
+    system.activationScripts.spiped = optionalString (cfg.config != {})
      "mkdir -p /var/lib/spiped";
    # Setup spiped config files
@ -207,6 +215,6 @@ in
            (if cfg.disableReresolution then "-R"
              else "-r ${toString cfg.resolveRefresh}")
          ];
-      }) cfg;
+      }) cfg.config;
  };
 }