diff options
| author | Profpatsch <mail@profpatsch.de> | 2020-06-19 02:59:03 +0200 |
|---|---|---|
| committer | Profpatsch <mail@profpatsch.de> | 2020-06-19 02:59:26 +0200 |
| commit | 1ce91198e8692f98425205c3e1d2d4e8ceb41539 (patch) | |
| tree | b01152e21c4a35f61547d6829260ef8d3637a47a | |
| parent | b8a5df7611623e8cec098db41c5ff3b221e0d4f3 (diff) | |
modules/user/profpatsch/services: add bitlbee
Also add the service to legosi so I can use it from the weechat user.
| -rw-r--r-- | machines/profpatsch/legosi.nix | 14 | ||||
| -rw-r--r-- | modules/module-list.nix | 1 | ||||
| -rw-r--r-- | modules/user/profpatsch/services/bitlbee.nix | 89 |
3 files changed, 93 insertions, 11 deletions
diff --git a/machines/profpatsch/legosi.nix b/machines/profpatsch/legosi.nix index 42415029..fd579adb 100644 --- a/machines/profpatsch/legosi.nix +++ b/machines/profpatsch/legosi.nix @@ -49,18 +49,10 @@ in { enable = true; authorizedKeys = [ myKey ]; }; + users.users.weechat.extraGroups = [ "bitlbee" ]; - services.bitlbee = { - enable = true; - authBackend = "storage"; - # TODO: use a unix socket shared between the weechat and bitlbee - # So that I can leave this open and only the weechat can connect. - authMode = "Open"; - hostName = hostname; - interface = "127.0.0.1"; - libpurple_plugins = []; - # documented example file: https://github.com/bitlbee/bitlbee/blob/master/bitlbee.conf - protocols = "jabber"; + vuizvui.services.profpatsch.bitlbee = { + enable = true; }; }; } diff --git a/modules/module-list.nix b/modules/module-list.nix index fa6daf46..c343e3a1 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -35,4 +35,5 @@ ./user/openlab/stackenblocken.nix ./user/profpatsch/programs/scanning.nix ./user/profpatsch/programs/weechat.nix + ./user/profpatsch/services/bitlbee.nix ] diff --git a/modules/user/profpatsch/services/bitlbee.nix b/modules/user/profpatsch/services/bitlbee.nix new file mode 100644 index 00000000..76812ede --- /dev/null +++ b/modules/user/profpatsch/services/bitlbee.nix @@ -0,0 +1,89 @@ +# starts bitlbee and creates a socket in /run/bitlbee.socket +# which accepts one client. +{ config, lib, pkgs, ... }: + +let + cfg = config.vuizvui.services.profpatsch.bitlbee; + bitlbeeUsername = "bitlebee"; + stateDir = "bitlbee"; + + # based on the example config https://github.com/bitlbee/bitlbee/blob/master/bitlbee.conf + bitlbeeConfig = pkgs.writeText "bitlbee.conf" (lib.generators.toINI {} { + settings = { + RunMode = "Inetd"; + User = bitlbeeUsername; + AuthMode = "Open"; + AuthBackend = "storage"; + ConfigDir = "/var/lib" + stateDir; + Protocols = "jabber"; + # is this okay? + CAFile = "/etc/ssl/certs/ca-certificates.crt"; + }; + }); + +in + +{ + + ###### interface + + options = { + + vuizvui.services.profpatsch.bitlbee = { + + enable = lib.mkEnableOption "bitlbee"; + + socketFile = lib.mkOption { + description = '' + Where to put the unix socket. + It will be accessible by users in the `bitlbee` group. + ''; + type = lib.types.str; + default = "/run/bitlbee.socket"; + }; + }; + }; + + ###### implementation + + config = (lib.mkIf cfg.enable { + users.users.bitlbee = { + description = "BitlBee user"; + home = "/var/lib/bitlbee"; + createHome = true; + }; + + users.groups.bitlbee.name = "bitlbee"; + + systemd.services."bitlbee@" = { + description = "BitlBee"; + after = [ "network.target" ]; + serviceConfig = { + User = "bitlbee"; + ExecStart = + "${pkgs.bitlbee}/bin/bitlbee -v -c ${bitlbeeConfig}"; + StateDirectory = "bitlbee"; + # To get the inetd input + StandardInput = "socket"; + }; + }; + + # bitlbee + systemd.sockets.bitlbee = { + description = "bitlbee socket"; + wantedBy = [ "sockets.target" ]; + socketConfig = { + # Run in inetd mode + Accept = true; + # Only one client at a time + MaxConnections = 1; + ListenStream = cfg.socketFile; + SocketUser = "bitlbee"; + SocketGroup = "bitlbee"; + SocketMode = "0660"; + }; + }; + + }); + +} |