2022-02-07 14:31:37 +08:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
afws = pkgs.callPackage ./afws { inherit pkgs; };
|
|
|
|
in
|
|
|
|
{
|
|
|
|
options.services.afws = {
|
|
|
|
enable = mkOption {
|
|
|
|
type = types.bool;
|
|
|
|
default = false;
|
|
|
|
description = "Enable AFWS server";
|
|
|
|
};
|
2024-11-22 15:34:23 +08:00
|
|
|
logFile = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "/var/lib/afws/logs/afws.log";
|
|
|
|
description = "Path to the log file";
|
|
|
|
};
|
|
|
|
logBackupCount = mkOption {
|
|
|
|
type = types.int;
|
|
|
|
default = 30;
|
|
|
|
description = "Number of daily log files to keep";
|
|
|
|
};
|
2022-02-07 14:31:37 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
config = mkIf config.services.afws.enable {
|
|
|
|
systemd.services.afws = {
|
|
|
|
description = "AFWS server";
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
2024-11-22 15:34:23 +08:00
|
|
|
preStart = ''
|
|
|
|
mkdir -p "$(dirname ${config.services.afws.logFile})"
|
|
|
|
chown afws:afws "$(dirname ${config.services.afws.logFile})"
|
|
|
|
'';
|
2022-02-07 14:31:37 +08:00
|
|
|
serviceConfig = {
|
|
|
|
User = "afws";
|
|
|
|
Group = "afws";
|
2024-11-22 15:34:23 +08:00
|
|
|
ExecStart = ''
|
|
|
|
${afws}/bin/afws_server \
|
|
|
|
--log-file ${config.services.afws.logFile} \
|
|
|
|
--log-backup-count ${toString config.services.afws.logBackupCount}
|
|
|
|
'';
|
2023-04-08 17:49:03 +08:00
|
|
|
ExecReload = "${pkgs.coreutils}/bin/kill -USR1 $MAINPID";
|
2022-02-07 14:31:37 +08:00
|
|
|
};
|
2022-05-26 13:05:34 +08:00
|
|
|
path = [ pkgs.nix pkgs.git ];
|
2022-02-07 14:31:37 +08:00
|
|
|
};
|
|
|
|
|
2023-04-08 17:49:03 +08:00
|
|
|
security.acme.certs."afws.m-labs.hk".postRun =
|
|
|
|
''
|
|
|
|
mkdir -p /var/lib/afws/cert
|
|
|
|
cp cert.pem /var/lib/afws/cert
|
|
|
|
cp key.pem /var/lib/afws/cert
|
|
|
|
chown -R afws:afws /var/lib/afws/cert
|
|
|
|
'';
|
|
|
|
security.acme.certs."afws.m-labs.hk".reloadServices = [ "afws.service" ];
|
|
|
|
|
2022-02-07 14:31:37 +08:00
|
|
|
users.users.afws = {
|
|
|
|
name = "afws";
|
|
|
|
group = "afws";
|
|
|
|
description = "AFWS server user";
|
|
|
|
isSystemUser = true;
|
|
|
|
createHome = false;
|
|
|
|
home = "/var/lib/afws";
|
|
|
|
useDefaultShell = true;
|
|
|
|
};
|
|
|
|
users.extraGroups.afws = {};
|
|
|
|
};
|
|
|
|
}
|