diff options
| author | sefidel <contact@sefidel.net> | 2024-02-11 02:11:21 +0900 |
|---|---|---|
| committer | sefidel <contact@sefidel.net> | 2024-02-11 02:15:33 +0900 |
| commit | f4d8ab880a58e00af5a7fcda112baa7de2f8f0df (patch) | |
| tree | a93467f9cdae84f38e00c95a62464709fa222b82 /modules/services/soju.nix | |
| parent | 955671dc0751f320d22ca5cfd2b0a2eb60dd8a99 (diff) | |
| download | infra-f4d8ab880a58e00af5a7fcda112baa7de2f8f0df.tar.gz infra-f4d8ab880a58e00af5a7fcda112baa7de2f8f0df.zip | |
feat(project)!: support nixos-rebuild and hydra
Diffstat (limited to 'modules/services/soju.nix')
| -rw-r--r-- | modules/services/soju.nix | 48 |
1 files changed, 0 insertions, 48 deletions
diff --git a/modules/services/soju.nix b/modules/services/soju.nix deleted file mode 100644 index b2f4faf..0000000 --- a/modules/services/soju.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ config, lib, ... }: - -with lib; -let - cfg = config.modules.services.soju; -in -{ - disabledModules = [ - "services/networking/soju.nix" - ]; - - imports = [ - ../../overlays/soju-module.nix - ]; - - options.modules.services.soju = { - enable = mkEnableOption "soju bouncer"; - - hostName = mkOption { type = types.str; default = config.networking.hostName; }; - port = mkOption { type = types.port; default = 6697; }; - tls = { - enable = mkEnableOption "enable TLS encryption"; - acmeHost = mkOption { type = types.str; }; - }; - }; - - config = mkIf cfg.enable { - services.soju = { - enable = true; - extraGroups = [ "acme" ]; - hostName = cfg.hostName; - listen = [ ":${toString cfg.port}" ]; - } // optionalAttrs cfg.tls.enable { - tlsCertificate = "${config.security.acme.certs.${cfg.tls.acmeHost}.directory}/cert.pem"; - tlsCertificateKey = "${config.security.acme.certs.${cfg.tls.acmeHost}.directory}/key.pem"; - }; - - systemd.services.soju = { - after = [ "acme-finished-${cfg.tls.acmeHost}.target" ]; - }; - - networking.firewall.allowedTCPPorts = [ cfg.port ]; - - modules.persistence.directories = [ - "/var/lib/private/soju" - ]; - }; -} |