diff options
author | Pascal Wittmann <mail@pascal-wittmann.de> | 2024-04-17 11:17:23 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-04-17 11:17:23 +0200 |
commit | 6ae4216336db2ac4682b2110a6a98584023d7278 (patch) | |
tree | 0b15351ef7373081d73e8f5d51ae65bf56f25168 | |
parent | 7bb0d5b6bbd7add06c6ebef74a3a8f206ea25a0e (diff) | |
parent | c2c632ff310bc090e5763fc4508edd0012ddc80a (diff) |
Merge pull request #303890 from oluceps/ss-module
nixos/shadowsocks: ensure password be set
-rw-r--r-- | nixos/modules/services/networking/shadowsocks.nix | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/nixos/modules/services/networking/shadowsocks.nix b/nixos/modules/services/networking/shadowsocks.nix index 84d7ece075fef..2f6f40f2b0f60 100644 --- a/nixos/modules/services/networking/shadowsocks.nix +++ b/nixos/modules/services/networking/shadowsocks.nix @@ -136,10 +136,16 @@ in ###### implementation config = mkIf cfg.enable { - assertions = singleton - { assertion = cfg.password == null || cfg.passwordFile == null; - message = "Cannot use both password and passwordFile for shadowsocks-libev"; - }; + assertions = [ + { + # xor, make sure either password or passwordFile be set. + # shadowsocks-libev not support plain/none encryption method + # which indicated that password must set. + assertion = let noPasswd = cfg.password == null; noPasswdFile = cfg.passwordFile == null; + in (noPasswd && !noPasswdFile) || (!noPasswd && noPasswdFile); + message = "Option `password` or `passwordFile` must be set and cannot be set simultaneously"; + } + ]; systemd.services.shadowsocks-libev = { description = "shadowsocks-libev Daemon"; |