syndicate-flake/nixos/syndicate-server.nix

{ config, lib, pkgs, ... }:
with lib;

{
  options.services.syndicate-server = {
    enable = mkEnableOption "the Syndicate dataspace server";

    group = mkOption {
      type = types.str;
      default = "wheel";
      example = "users";
      description = "Group account under which the Syndicate server runs.";
    };

    package = mkOption {
      default = pkgs.syndicate-server;
      defaultText = "pkgs.syndicate-server";
      type = types.package;
      description = "The package to use for the Syndicate dataspace server.";
    };

    tcpListeners = mkOption {
      default = [ ];
      example = [{
        address = "0.0.0.0";
        port = 8001;
      }];
      type = with types;
        listOf (submodule {
          options = {
            address = mkOption { type = str; };
            port = mkOption { type = port; };
          };
        });
      description = "TCP ports to listen for connections on.";
    };

    unixListeners = mkOption {
      default = [ "/run/syndicate/ds" ];
      type = types.listOf types.path;
      description = "Sockets to listen for connections on.";
    };

  };

  config = let cfg = config.services.syndicate-server;
  in mkIf cfg.enable {

    assertions = [{
      assertion = cfg.tcpListeners == [ ];
      message =
        "tcpListeners configuration not implemented for Syndicate server";
    }];

    systemd.services.syndicate-server = {
      description = "Syndicate dataspace server";
      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        ExecStart = "${cfg.package}/bin/syndicate-server --no-banner ${
            lib.strings.concatMapStrings (l: " --socket ${l}") cfg.unixListeners
          }";
        Group = cfg.group;
        AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
        DynamicUser = true;
        Restart = "always";
        RuntimeDirectory = "syndicate";
      };
    };

  };
}
Add a NixOS module for the Syndicate server 2021-09-03 08:57:05 +00:00			`{ config, lib, pkgs, ... }:`
			`with lib;`

			`{`
			`options.services.syndicate-server = {`
			`enable = mkEnableOption "the Syndicate dataspace server";`

nixos/syndicate-server: pick a reasonable group for the server 2021-11-12 13:29:37 +00:00			`group = mkOption {`
			`type = types.str;`
			`default = "wheel";`
			`example = "users";`
			`description = "Group account under which the Syndicate server runs.";`
			`};`

Add a NixOS module for the Syndicate server 2021-09-03 08:57:05 +00:00			`package = mkOption {`
syndicate-rs-0.15.1 -> syndicate-server-0.24.0 2021-12-05 10:55:52 +00:00			`default = pkgs.syndicate-server;`
			`defaultText = "pkgs.syndicate-server";`
Add a NixOS module for the Syndicate server 2021-09-03 08:57:05 +00:00			`type = types.package;`
			`description = "The package to use for the Syndicate dataspace server.";`
			`};`

			`tcpListeners = mkOption {`
			`default = [ ];`
			`example = [{`
			`address = "0.0.0.0";`
			`port = 8001;`
			`}];`
			`type = with types;`
			`listOf (submodule {`
			`options = {`
			`address = mkOption { type = str; };`
			`port = mkOption { type = port; };`
			`};`
			`});`
			`description = "TCP ports to listen for connections on.";`
			`};`

			`unixListeners = mkOption {`
			`default = [ "/run/syndicate/ds" ];`
			`type = types.listOf types.path;`
			`description = "Sockets to listen for connections on.";`
			`};`

			`};`

Refactor NixOS configuration of Syndicate server 2021-12-05 11:11:24 +00:00			`config = let cfg = config.services.syndicate-server;`
Add a NixOS module for the Syndicate server 2021-09-03 08:57:05 +00:00			`in mkIf cfg.enable {`

Refactor NixOS configuration of Syndicate server 2021-12-05 11:11:24 +00:00			`assertions = [{`
			`assertion = cfg.tcpListeners == [ ];`
			`message =`
			`"tcpListeners configuration not implemented for Syndicate server";`
			`}];`

Add a NixOS module for the Syndicate server 2021-09-03 08:57:05 +00:00			`systemd.services.syndicate-server = {`
			`description = "Syndicate dataspace server";`
			`wantedBy = [ "multi-user.target" ];`
			`serviceConfig = {`
syndicate-rs-0.15.1 -> syndicate-server-0.24.0 2021-12-05 10:55:52 +00:00			`ExecStart = "${cfg.package}/bin/syndicate-server --no-banner ${`
Refactor NixOS configuration of Syndicate server 2021-12-05 11:11:24 +00:00			`lib.strings.concatMapStrings (l: " --socket ${l}") cfg.unixListeners`
			`}";`
nixos/syndicate-server: pick a reasonable group for the server 2021-11-12 13:29:37 +00:00			`Group = cfg.group;`
Add a NixOS module for the Syndicate server 2021-09-03 08:57:05 +00:00			`AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];`
			`DynamicUser = true;`
			`Restart = "always";`
			`RuntimeDirectory = "syndicate";`
			`};`
			`};`

			`};`
			`}`