nixos/bitlbee: option to use pam
This commit is contained in:
parent
14cc9a2f0f
commit
d334c1c1d0
|
@ -7,9 +7,10 @@ let
|
|||
cfg = config.services.bitlbee;
|
||||
bitlbeeUid = config.ids.uids.bitlbee;
|
||||
|
||||
bitlbeePkg = if cfg.libpurple_plugins == []
|
||||
then pkgs.bitlbee
|
||||
else pkgs.bitlbee.override { enableLibPurple = true; };
|
||||
bitlbeePkg = pkgs.bitlbee.override {
|
||||
enableLibPurple = cfg.libpurple_plugins != [];
|
||||
enablePam = cfg.authBackend == "pam";
|
||||
};
|
||||
|
||||
bitlbeeConfig = pkgs.writeText "bitlbee.conf"
|
||||
''
|
||||
|
@ -20,6 +21,7 @@ let
|
|||
DaemonInterface = ${cfg.interface}
|
||||
DaemonPort = ${toString cfg.portNumber}
|
||||
AuthMode = ${cfg.authMode}
|
||||
AuthBackend = ${cfg.authBackend}
|
||||
Plugindir = ${pkgs.bitlbee-plugins cfg.plugins}/lib/bitlbee
|
||||
${lib.optionalString (cfg.hostName != "") "HostName = ${cfg.hostName}"}
|
||||
${lib.optionalString (cfg.protocols != "") "Protocols = ${cfg.protocols}"}
|
||||
|
@ -70,6 +72,16 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
authBackend = mkOption {
|
||||
default = "storage";
|
||||
type = types.enum [ "storage" "pam" ];
|
||||
description = ''
|
||||
How users are authenticated
|
||||
storage -- save passwords internally
|
||||
pam -- Linux PAM authentication
|
||||
'';
|
||||
};
|
||||
|
||||
authMode = mkOption {
|
||||
default = "Open";
|
||||
type = types.enum [ "Open" "Closed" "Registered" ];
|
||||
|
@ -147,23 +159,22 @@ in
|
|||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.bitlbee.enable {
|
||||
|
||||
users.users = singleton
|
||||
{ name = "bitlbee";
|
||||
config = mkMerge [
|
||||
(mkIf config.services.bitlbee.enable {
|
||||
users.users = singleton {
|
||||
name = "bitlbee";
|
||||
uid = bitlbeeUid;
|
||||
description = "BitlBee user";
|
||||
home = "/var/lib/bitlbee";
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
users.groups = singleton
|
||||
{ name = "bitlbee";
|
||||
users.groups = singleton {
|
||||
name = "bitlbee";
|
||||
gid = config.ids.gids.bitlbee;
|
||||
};
|
||||
|
||||
systemd.services.bitlbee =
|
||||
{
|
||||
systemd.services.bitlbee = {
|
||||
environment.PURPLE_PLUGIN_PATH = purple_plugin_path;
|
||||
description = "BitlBee IRC to other chat networks gateway";
|
||||
after = [ "network.target" ];
|
||||
|
@ -172,8 +183,12 @@ in
|
|||
serviceConfig.ExecStart = "${bitlbeePkg}/sbin/bitlbee -F -n -c ${bitlbeeConfig}";
|
||||
};
|
||||
|
||||
environment.systemPackages = [ bitlbeePkg ];
|
||||
environment.systemPackages = [ bitlbeePkg ];
|
||||
|
||||
};
|
||||
})
|
||||
(mkIf (config.services.bitlbee.authBackend == "pam") {
|
||||
security.pam.services.bitlbee = {};
|
||||
})
|
||||
];
|
||||
|
||||
}
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python,
|
||||
enableLibPurple ? false, pidgin ? null }:
|
||||
{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python
|
||||
, enableLibPurple ? false, pidgin ? null
|
||||
, enablePam ? false, pam ? null
|
||||
}:
|
||||
|
||||
with stdenv.lib;
|
||||
stdenv.mkDerivation rec {
|
||||
|
@ -13,18 +15,23 @@ stdenv.mkDerivation rec {
|
|||
nativeBuildInputs = [ pkgconfig ] ++ optional doCheck check;
|
||||
|
||||
buildInputs = [ gnutls glib libotr python ]
|
||||
++ optional enableLibPurple pidgin;
|
||||
++ optional enableLibPurple pidgin
|
||||
++ optional enablePam pam;
|
||||
|
||||
configureFlags = [
|
||||
"--otr=1"
|
||||
"--ssl=gnutls"
|
||||
"--pidfile=/var/lib/bitlbee/bitlbee.pid"
|
||||
]
|
||||
++ optional enableLibPurple "--purple=1";
|
||||
] ++ optional enableLibPurple "--purple=1"
|
||||
++ optional enablePam "--pam=1";
|
||||
|
||||
installTargets = [ "install" "install-dev" ];
|
||||
|
||||
doCheck = !enableLibPurple; # Checks fail with libpurple for some reason
|
||||
checkPhase = ''
|
||||
# check flags set VERBOSE=y which breaks the build due overriding a command
|
||||
make check
|
||||
'';
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
|
|
Loading…
Reference in New Issue