Merge pull request #95599 from doronbehar/module/mpd/passwordFile

nixos/mpd: Allow to configure a credentialsFile
2020-09-11 09:11:13 +03:00 · 2020-09-11 09:11:13 +03:00 · 35521e4ea7
commit 35521e4ea7
parent 98a3c77296 b4756fe0c4
1 changed files with 30 additions and 1 deletions
--- a/nixos/modules/services/audio/mpd.nix
+++ b/nixos/modules/services/audio/mpd.nix
@ -11,6 +11,10 @@ let
  cfg = config.services.mpd;

  mpdConf = pkgs.writeText "mpd.conf" ''
+    # This file was automatically generated by NixOS. Edit mpd's configuration
+    # via NixOS' configuration.nix, as this file will be rewritten upon mpd's
+    # restart.
+
    music_directory     "${cfg.musicDirectory}"
    playlist_directory  "${cfg.playlistDirectory}"
    ${lib.optionalString (cfg.dbFile != null) ''
@ -140,6 +144,18 @@ in {
        '';
      };

+      credentialsFile = mkOption {
+        type = types.path;
+        description = ''
+          Path to a file to be merged with the settings during the service startup.
+          Useful to merge a file which is better kept out of the Nix store
+          because it contains sensible data like MPD's password. Example may look like this:
+          <literal>password "myMpdPassword@read,add,control,admin"</literal>
+        '';
+        default = "/dev/null";
+        example = "/var/lib/secrets/mpd.conf";
+      };
+
      fluidsynth = mkOption {
        type = types.bool;
        default = false;
@ -181,7 +197,12 @@ in {

      serviceConfig = {
        User = "${cfg.user}";
-        ExecStart = "${pkgs.mpd}/bin/mpd --no-daemon ${mpdConf}";
+        ExecStart = "${pkgs.mpd}/bin/mpd --no-daemon /etc/mpd.conf";
+        ExecStartPre = pkgs.writeScript "mpd-start-pre" ''
+          #!${pkgs.runtimeShell}
+          set -euo pipefail
+          cat ${mpdConf} ${cfg.credentialsFile} > /etc/mpd.conf
+        '';
        Type = "notify";
        LimitRTPRIO = 50;
        LimitRTTIME = "infinity";
@ -195,6 +216,14 @@ in {
        Restart = "always";
      };
    };
+    environment.etc."mpd.conf" = {
+      mode = "0640";
+      group = cfg.group;
+      user = cfg.user;
+      # To be modified by the service' ExecStartPre
+      text = ''
+      '';
+    };

    users.users = optionalAttrs (cfg.user == name) {
      ${name} = {