diff options
| author | Karel Kočí <cynerd@email.cz> | 2022-04-09 10:17:34 +0200 |
|---|---|---|
| committer | Karel Kočí <cynerd@email.cz> | 2022-04-09 10:17:34 +0200 |
| commit | bd9812fab0daea5f0911047a70494dc25089ac79 (patch) | |
| tree | a96d9955b6aee8c5dcc435c551a5c2c724dd945e /nixos/modules/sentinel-minipot.nix | |
| download | nixsentinel-master.tar.gz nixsentinel-master.tar.bz2 nixsentinel-master.zip | |
This was taken from nixturris.
Diffstat (limited to 'nixos/modules/sentinel-minipot.nix')
| -rw-r--r-- | nixos/modules/sentinel-minipot.nix | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/nixos/modules/sentinel-minipot.nix b/nixos/modules/sentinel-minipot.nix new file mode 100644 index 0000000..8dcf370 --- /dev/null +++ b/nixos/modules/sentinel-minipot.nix @@ -0,0 +1,72 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + cnf = config.sentinel.minipot; + inherit (pkgs) sentinel-minipot; + + minipotOpts = { name, port }: { + enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to enable the Turris Sentinel ${name} Minipot. + The services.sentinel.enable and service.sentinel.minipot.enable have to be enabled as well. + ''; + }; + port = mkOption { + type = types.port; + default = port; + description = "The port ${name} minipot should bind to."; + }; + }; + +in { + + imports = [ ./sentinel.nix ]; + + options = { + services.sentinel.minipot = { + enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to enable the Turris Sentinel Minipot system. + The services.sentinel.enable has to be enabled as well. + ''; + }; + + http = minipotOpts { name = "HTTP"; port = 8033; }; + ftp = minipotOpts { name = "FTP"; port = 2133; }; + smtp = minipotOpts { name = "SMTP"; port = 5873; }; + telnet = minipotOpts { name = "Telnet"; port = 2333; }; + }; + }; + + + config = mkIf (config.services.sentinel.enable && cnf.enable) { + assertions = [ + { + assertion = cnf.http.enable || cnf.ftp.enable || cnf.smtp.enable || cnf.telnet.enable; + message = "Sentinel minipot requires at least one of the protocols to be enabled"; + } + ]; + + environment.systemPackages = [ sentinel-minipot ]; + + systemd.services.sentinel-minipot = { + description = "Turris Sentinel Minipot"; + wantedBy = [ "multi-user.target" ]; + path = [ sentinel-minipot ]; + serviceConfig.ExecStart = "${sentinel-minipot}/bin/sentinel-minipot" + + optionalString cnf.http.enable " --http=${cnf.http.port}" + + optionalString cnf.ftp.enable " --ftp=${cnf.ftp.port}" + + optionalString cnf.smtp.enable " --smtp=${cnf.smtp.port}" + + optionalString cnf.telnet.enable " --telnet=${cnf.telnet.port}"; + }; + + }; + +} |