018573b757
Previously you either had to set the setuid bit yourself or workaround `isSystemUser = true` (for a loginable shell) to access the weechat screen. `programs.screen` shouldn't do this by default to avoid taking too much assumptions about the setup, however `services.weechat` explicitly requires tihs. See #45728
59 lines
1.4 KiB
Nix
59 lines
1.4 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.services.weechat;
|
|
in
|
|
|
|
{
|
|
options.services.weechat = {
|
|
enable = mkEnableOption "weechat";
|
|
root = mkOption {
|
|
description = "Weechat state directory.";
|
|
type = types.str;
|
|
default = "/var/lib/weechat";
|
|
};
|
|
sessionName = mkOption {
|
|
description = "Name of the `screen' session for weechat.";
|
|
default = "weechat-screen";
|
|
type = types.str;
|
|
};
|
|
binary = mkOption {
|
|
description = "Binary to execute (by default \${weechat}/bin/weechat).";
|
|
example = literalExample ''
|
|
''${pkgs.weechat}/bin/weechat-headless
|
|
'';
|
|
default = "${pkgs.weechat}/bin/weechat";
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
users = {
|
|
groups.weechat = {};
|
|
users.weechat = {
|
|
createHome = true;
|
|
group = "weechat";
|
|
home = cfg.root;
|
|
isSystemUser = true;
|
|
};
|
|
};
|
|
|
|
systemd.services.weechat = {
|
|
environment.WEECHAT_HOME = cfg.root;
|
|
serviceConfig = {
|
|
User = "weechat";
|
|
Group = "weechat";
|
|
RemainAfterExit = "yes";
|
|
};
|
|
script = "exec ${config.security.wrapperDir}/screen -Dm -S ${cfg.sessionName} ${cfg.binary}";
|
|
wantedBy = [ "multi-user.target" ];
|
|
wants = [ "network.target" ];
|
|
};
|
|
|
|
security.wrappers.screen.source = "${pkgs.screen}/bin/screen";
|
|
};
|
|
|
|
meta.doc = ./weechat.xml;
|
|
}
|