nixos/bitlbee: option to use pam

nixos/modules/services/networking/bitlbee.nix

@@ -7,9 +7,10 @@ let
   cfg = config.services.bitlbee;
   bitlbeeUid = config.ids.uids.bitlbee;
 
-  bitlbeePkg = if cfg.libpurple_plugins == []
+  bitlbeePkg = pkgs.bitlbee.override {
-  then pkgs.bitlbee
+    enableLibPurple = cfg.libpurple_plugins != [];
-  else pkgs.bitlbee.override { enableLibPurple = true; };
+    enablePam = cfg.authBackend == "pam";
+  };
 
   bitlbeeConfig = pkgs.writeText "bitlbee.conf"
     ''
@@ -20,6 +21,7 @@ let
     DaemonInterface = ${cfg.interface}
     DaemonPort = ${toString cfg.portNumber}
     AuthMode = ${cfg.authMode}
+    AuthBackend = ${cfg.authBackend}
     Plugindir = ${pkgs.bitlbee-plugins cfg.plugins}/lib/bitlbee
     ${lib.optionalString (cfg.hostName != "") "HostName = ${cfg.hostName}"}
     ${lib.optionalString (cfg.protocols != "") "Protocols = ${cfg.protocols}"}
@@ -70,6 +72,16 @@ in
         '';
       };
 
+      authBackend = mkOption {
+        default = "storage";
+        type = types.enum [ "storage" "pam" ];
+        description = ''
+          How users are authenticated
+            storage -- save passwords internally
+            pam -- Linux PAM authentication
+        '';
+      };
+
       authMode = mkOption {
         default = "Open";
         type = types.enum [ "Open" "Closed" "Registered" ];
@@ -147,23 +159,22 @@ in
 
   ###### implementation
 
-  config = mkIf config.services.bitlbee.enable {
+  config =  mkMerge [
-
+    (mkIf config.services.bitlbee.enable {
-    users.users = singleton
+      users.users = singleton {
-      { name = "bitlbee";
+        name = "bitlbee";
         uid = bitlbeeUid;
         description = "BitlBee user";
         home = "/var/lib/bitlbee";
         createHome = true;
       };
 
-    users.groups = singleton
+      users.groups = singleton {
-      { name = "bitlbee";
+        name = "bitlbee";
         gid = config.ids.gids.bitlbee;
       };
 
-    systemd.services.bitlbee =
+      systemd.services.bitlbee = {
-      {
         environment.PURPLE_PLUGIN_PATH = purple_plugin_path;
         description = "BitlBee IRC to other chat networks gateway";
         after = [ "network.target" ];
@@ -174,6 +185,10 @@ in
 
       environment.systemPackages = [ bitlbeePkg ];
 
-  };
+    })
+    (mkIf (config.services.bitlbee.authBackend == "pam") {
+      security.pam.services.bitlbee = {};
+    })
+  ];
 
 }

pkgs/applications/networking/instant-messengers/bitlbee/default.nix

@@ -1,5 +1,7 @@
-{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python,
+{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python
-enableLibPurple ? false, pidgin ? null }:
+, enableLibPurple ? false, pidgin ? null
+, enablePam ? false, pam ? null
+}:
 
 with stdenv.lib;
 stdenv.mkDerivation rec {
@@ -13,18 +15,23 @@ stdenv.mkDerivation rec {
   nativeBuildInputs = [ pkgconfig ] ++ optional doCheck check;
 
   buildInputs = [ gnutls glib libotr python ]
-    ++ optional enableLibPurple pidgin;
+    ++ optional enableLibPurple pidgin
+    ++ optional enablePam pam;
 
   configureFlags = [
     "--otr=1"
     "--ssl=gnutls"
     "--pidfile=/var/lib/bitlbee/bitlbee.pid"
-  ]
+  ] ++ optional enableLibPurple "--purple=1"
-  ++ optional enableLibPurple "--purple=1";
+    ++ optional enablePam "--pam=1";
 
   installTargets = [ "install" "install-dev" ];
 
   doCheck = !enableLibPurple; # Checks fail with libpurple for some reason
+  checkPhase = ''
+    # check flags set VERBOSE=y which breaks the build due overriding a command
+    make check
+  '';
 
   enableParallelBuilding = true;