homu: do not put configuration file in nix

* issue with multiline string values
* slight security problem
Sebastien Bourdeauducq 2019-05-02 13:53:34 +08:00
parent 9d29f4fccc
commit ad2fe47688


@ -2,40 +2,7 @@
with lib;
let
homu = pkgs.callPackage ./pkg.nix {};
toToml = key: value:
let valueString =
if builtins.isString value
then "\"" + (builtins.replaceStrings ["\"" "\\"] ["\\\"" "\\\\"] value) + "\""
else toString value;
in "${key} = ${valueString}\n";
defaultConfig = {
db = {
file = "/var/db/homu/main.db";
};
};
cfg = config.services.homu;
homuConfig = defaultConfig // cfg.config;
configFilter = f:
filterAttrs (key: value: f value) homuConfig;
topLevelConfig =
configFilter (value: ! builtins.isAttrs value);
configSections =
configFilter (value: builtins.isAttrs value);
configFile = builtins.toFile "config.toml" (
builtins.concatStringsSep "" (
(attrsets.mapAttrsToList toToml topLevelConfig) ++
(builtins.concatLists (attrsets.mapAttrsToList
(sectionName: sectionConfig:
[ "[${sectionName}]\n" ] ++
(attrsets.mapAttrsToList toToml sectionConfig)
) configSections)
))
);
dbDir = dirOf homuConfig.db.file;
in
{
@ -45,16 +12,21 @@ in
default = false;
description = "Enable the bot";
};
dbDir = mkOption {
type = types.str;
default = "/var/db/homu";
description = "Path to the database file (use the same path in config.toml)";
};
config = mkOption {
description = "Structured data for config.toml";
type = with types; attrsOf unspecified;
description = "Location of config.toml";
type = types.str;
};
};
config = mkIf cfg.enable {
users.users.homu = {
group = "homu";
home = dbDir;
home = cfg.dbDir;
createHome = true;
};
users.groups.homu = {};
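Review bot: The new description on the `config` option, "Location of config.toml", does not say that the file has to live outside the Nix store. Because the option is a plain `types.str`, a value built by interpolating a path (for example `"${./config.toml}"`) would still copy the file into the store, which is presumably the "slight security problem" the commit message refers to. I would spell the requirement out: `description = "Runtime path to config.toml; keep it outside the Nix store and readable only by the homu user";`. The `dbDir` description says "Path to the database file", but the value is used as a directory (`home = cfg.dbDir`), so something like `description = "Directory for the homu database; db.file in config.toml should point inside it";` would be more accurate. The enclosing `options` and `config` blocks start and end outside this hunk.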
@ -65,7 +37,7 @@ in
after = [ "network.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${homu}/bin/homu -c ${configFile}";
ExecStart = "${homu}/bin/homu -c ${cfg.config}";
Restart = "always";
RestartSec = "5sec";