xin/modules/veilid-server.nix

{ config
, lib
, pkgs
, ...
}:
with pkgs; let
  cfg = config.services.veilid-server;
in
{
  options = with lib; {
    services.veilid-server = {
      enable = mkEnableOption "Enable velid-server";
      user = mkOption {
        type = with types; oneOf [ str int ];
        default = "veilid";
        description = "The user veilid-server will run as.";
      };

      group = mkOption {
        type = with types; oneOf [ str int ];
        default = "veilid";
        description = "The group veilid-server will run with.";
      };

      dataDir = mkOption {
        type = types.path;
        default = "/var/lib/veilid";
        description = "Path for veilid-server state directory.";
      };

      package = mkOption {
        type = types.package;
        default = pkgs.veilid;
      };

      openFirewall = mkOption {
        type = types.bool;
        default = false;
        description = "enable veilid-server in the firewall";
      };
    };
  };

  config = lib.mkIf cfg.enable {
    users.groups.${cfg.group} = { };
    users.users.${cfg.user} = {
      inherit (cfg) group;
      description = "veilid-server user";
      isSystemUser = true;
      home = cfg.dataDir;
      createHome = true;
    };

    networking.firewall = lib.mkIf cfg.openFirewall {
      allowedTCPPorts = [ 5150 ];
      allowedUDPPorts = [ 5150 ];
    };

    systemd.services.veilid-server = {
      enable = true;
      description = "veilid-server";
      wants = [ "network-online.target" ];

      environment = {
        HOME = cfg.dataDir;
      };

      serviceConfig = {
        User = cfg.user;
        Group = cfg.group;

        RuntimeDirectory = "veilid";
        StateDirectory = "veilid";
        StateDirectoryMode = "0700";
        CacheDirectory = "veilid";

        ExecStart = "${cfg.package}/bin/veilid-server";
      };
    };
  };
}
all: switch to nixpkgs-fmt 2023-09-12 08:44:05 -06:00			`{ config`
			`, lib`
			`, pkgs`
			`, ...`
modules/veilid-server: init 2023-09-03 19:49:32 -06:00			`}:`
			`with pkgs; let`
			`cfg = config.services.veilid-server;`
all: switch to nixpkgs-fmt 2023-09-12 08:44:05 -06:00			`in`
			`{`
modules/veilid-server: init 2023-09-03 19:49:32 -06:00			`options = with lib; {`
			`services.veilid-server = {`
			`enable = mkEnableOption "Enable velid-server";`
			`user = mkOption {`
all: switch to nixpkgs-fmt 2023-09-12 08:44:05 -06:00			`type = with types; oneOf [ str int ];`
modules/veilid-server: init 2023-09-03 19:49:32 -06:00			`default = "veilid";`
			`description = "The user veilid-server will run as.";`
			`};`

			`group = mkOption {`
all: switch to nixpkgs-fmt 2023-09-12 08:44:05 -06:00			`type = with types; oneOf [ str int ];`
modules/veilid-server: init 2023-09-03 19:49:32 -06:00			`default = "veilid";`
			`description = "The group veilid-server will run with.";`
			`};`

			`dataDir = mkOption {`
			`type = types.path;`
			`default = "/var/lib/veilid";`
			`description = "Path for veilid-server state directory.";`
			`};`

			`package = mkOption {`
			`type = types.package;`
			`default = pkgs.veilid;`
			`};`

			`openFirewall = mkOption {`
			`type = types.bool;`
			`default = false;`
			`description = "enable veilid-server in the firewall";`
			`};`
			`};`
			`};`

			`config = lib.mkIf cfg.enable {`
all: switch to nixpkgs-fmt 2023-09-12 08:44:05 -06:00			`users.groups.${cfg.group} = { };`
modules/veilid-server: init 2023-09-03 19:49:32 -06:00			`users.users.${cfg.user} = {`
fmt 2023-09-03 19:58:14 -06:00			`inherit (cfg) group;`
modules/veilid-server: init 2023-09-03 19:49:32 -06:00			`description = "veilid-server user";`
			`isSystemUser = true;`
			`home = cfg.dataDir;`
			`createHome = true;`
			`};`

			`networking.firewall = lib.mkIf cfg.openFirewall {`
all: switch to nixpkgs-fmt 2023-09-12 08:44:05 -06:00			`allowedTCPPorts = [ 5150 ];`
			`allowedUDPPorts = [ 5150 ];`
modules/veilid-server: init 2023-09-03 19:49:32 -06:00			`};`

			`systemd.services.veilid-server = {`
			`enable = true;`
			`description = "veilid-server";`
many services: wantedBy -> wants 2024-06-14 09:04:26 -06:00			`wants = [ "network-online.target" ];`
modules/veilid-server: init 2023-09-03 19:49:32 -06:00
			`environment = {`
			`HOME = cfg.dataDir;`
			`};`

			`serviceConfig = {`
			`User = cfg.user;`
			`Group = cfg.group;`

			`RuntimeDirectory = "veilid";`
			`StateDirectory = "veilid";`
			`StateDirectoryMode = "0700";`
			`CacheDirectory = "veilid";`

			`ExecStart = "${cfg.package}/bin/veilid-server";`
			`};`
			`};`
			`};`
			`}`