nixos/ttyd: remove with lib;

Peder Bergebakken Sundt 2024-01-31 17:58:59 +01:00
parent 4c70703931
commit 0d13d2a90f


@ -1,11 +1,17 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib;
let let
cfg = config.services.ttyd; cfg = config.services.ttyd;
inherit (lib)
optionals
types
concatLists
mapAttrsToList
mkOption
;
# Command line arguments for the ttyd daemon # Command line arguments for the ttyd daemon
args = [ "--port" (toString cfg.port) ] args = [ "--port" (toString cfg.port) ]
++ optionals (cfg.socket != null) [ "--interface" cfg.socket ] ++ optionals (cfg.socket != null) [ "--interface" cfg.socket ]
@ -31,39 +37,39 @@ in
options = { options = {
services.ttyd = { services.ttyd = {
enable = mkEnableOption (lib.mdDoc "ttyd daemon"); enable = lib.mkEnableOption ("ttyd daemon");
port = mkOption { port = mkOption {
type = types.port; type = types.port;
default = 7681; default = 7681;
description = lib.mdDoc "Port to listen on (use 0 for random port)"; description = "Port to listen on (use 0 for random port)";
}; };
socket = mkOption { socket = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
example = "/var/run/ttyd.sock"; example = "/var/run/ttyd.sock";
description = lib.mdDoc "UNIX domain socket path to bind."; description = "UNIX domain socket path to bind.";
}; };
interface = mkOption { interface = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
example = "eth0"; example = "eth0";
description = lib.mdDoc "Network interface to bind."; description = "Network interface to bind.";
}; };
username = mkOption { username = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
description = lib.mdDoc "Username for basic authentication."; description = "Username for basic authentication.";
}; };
passwordFile = mkOption { passwordFile = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
apply = value: if value == null then null else toString value; apply = value: if value == null then null else toString value;
description = lib.mdDoc '' description = ''
File containing the password to use for basic authentication. File containing the password to use for basic authentication.
For insecurely putting the password in the globally readable store use For insecurely putting the password in the globally readable store use
`pkgs.writeText "ttydpw" "MyPassword"`. `pkgs.writeText "ttydpw" "MyPassword"`.
@ -73,26 +79,26 @@ in
signal = mkOption { signal = mkOption {
type = types.ints.u8; type = types.ints.u8;
default = 1; default = 1;
description = lib.mdDoc "Signal to send to the command on session close."; description = "Signal to send to the command on session close.";
}; };
writeable = mkOption { writeable = mkOption {
type = types.nullOr types.bool; type = types.nullOr types.bool;
default = null; # null causes an eval error, forcing the user to consider attack surface default = null; # null causes an eval error, forcing the user to consider attack surface
example = true; example = true;
description = lib.mdDoc "Allow clients to write to the TTY."; description = "Allow clients to write to the TTY.";
}; };
clientOptions = mkOption { clientOptions = mkOption {
type = types.attrsOf types.str; type = types.attrsOf types.str;
default = {}; default = {};
example = literalExpression '' example = lib.literalExpression ''
{ {
fontSize = "16"; fontSize = "16";
fontFamily = "Fira Code"; fontFamily = "Fira Code";
} }
''; '';
description = lib.mdDoc '' description = ''
Attribute set of client options for xtermjs. Attribute set of client options for xtermjs.
<https://xtermjs.org/docs/api/terminal/interfaces/iterminaloptions/> <https://xtermjs.org/docs/api/terminal/interfaces/iterminaloptions/>
''; '';
@ -101,50 +107,50 @@ in
terminalType = mkOption { terminalType = mkOption {
type = types.str; type = types.str;
default = "xterm-256color"; default = "xterm-256color";
description = lib.mdDoc "Terminal type to report."; description = "Terminal type to report.";
}; };
checkOrigin = mkOption { checkOrigin = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = lib.mdDoc "Whether to allow a websocket connection from a different origin."; description = "Whether to allow a websocket connection from a different origin.";
}; };
maxClients = mkOption { maxClients = mkOption {
type = types.int; type = types.int;
default = 0; default = 0;
description = lib.mdDoc "Maximum clients to support (0, no limit)"; description = "Maximum clients to support (0, no limit)";
}; };
indexFile = mkOption { indexFile = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
description = lib.mdDoc "Custom index.html path"; description = "Custom index.html path";
}; };
enableIPv6 = mkOption { enableIPv6 = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = lib.mdDoc "Whether or not to enable IPv6 support."; description = "Whether or not to enable IPv6 support.";
}; };
enableSSL = mkOption { enableSSL = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = lib.mdDoc "Whether or not to enable SSL (https) support."; description = "Whether or not to enable SSL (https) support.";
}; };
certFile = mkOption { certFile = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
description = lib.mdDoc "SSL certificate file path."; description = "SSL certificate file path.";
}; };
keyFile = mkOption { keyFile = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
apply = value: if value == null then null else toString value; apply = value: if value == null then null else toString value;
description = lib.mdDoc '' description = ''
SSL key file path. SSL key file path.
For insecurely putting the keyFile in the globally readable store use For insecurely putting the keyFile in the globally readable store use
`pkgs.writeText "ttydKeyFile" "SSLKEY"`. `pkgs.writeText "ttydKeyFile" "SSLKEY"`.
@ -154,20 +160,20 @@ in
caFile = mkOption { caFile = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
description = lib.mdDoc "SSL CA file path for client certificate verification."; description = "SSL CA file path for client certificate verification.";
}; };
logLevel = mkOption { logLevel = mkOption {
type = types.int; type = types.int;
default = 7; default = 7;
description = lib.mdDoc "Set log level."; description = "Set log level.";
}; };
}; };
}; };
###### implementation ###### implementation
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
assertions = assertions =
[ { assertion = cfg.enableSSL [ { assertion = cfg.enableSSL
@ -196,7 +202,7 @@ in
script = if cfg.passwordFile != null then '' script = if cfg.passwordFile != null then ''
PASSWORD=$(cat "$CREDENTIALS_DIRECTORY/TTYD_PASSWORD_FILE") PASSWORD=$(cat "$CREDENTIALS_DIRECTORY/TTYD_PASSWORD_FILE")
${pkgs.ttyd}/bin/ttyd ${lib.escapeShellArgs args} \ ${pkgs.ttyd}/bin/ttyd ${lib.escapeShellArgs args} \
--credential ${escapeShellArg cfg.username}:"$PASSWORD" \ --credential ${lib.escapeShellArg cfg.username}:"$PASSWORD" \
${pkgs.shadow}/bin/login ${pkgs.shadow}/bin/login
'' ''
else '' else ''
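Review bot: In the `script` of the last hunk, the password read from `$CREDENTIALS_DIRECTORY` is expanded into `--credential ${lib.escapeShellArg cfg.username}:"$PASSWORD"`, so it lands in ttyd's argument vector and is probably readable by other local users through the process list unless the host restricts `/proc`. That undoes much of what `passwordFile` and the systemd credential are meant to protect. Nothing visible here gives ttyd the secret another way, so the `passwordFile` description should at least carry the caveat, e.g. `The password is passed to ttyd on its command line and may be visible to local users.` Separately, the `checkOrigin` description reads inverted relative to ttyd's `--check-origin` flag, which rejects cross-origin websocket connections; assuming the option maps to that flag (the mapping is outside the hunks), `Whether to reject websocket connections from a different origin.` would match, and the `false` default then leaves cross-origin connections allowed. The `passwordFile` description and the service definition both continue outside the visible hunks.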