nixos/iodine: passwordFile option #24288

2024-09-22 05:19:00 +02:00 · 2018-03-27 22:42:37 +03:00 · 2018-03-27 22:42:37 +03:00 · 276d10dae6
parent 16c5866cec
commit 276d10dae6
1 changed files with 33 additions and 5 deletions
--- a/nixos/modules/services/networking/iodine.nix
+++ b/nixos/modules/services/networking/iodine.nix
@ -32,7 +32,7 @@ in
          foo = {
            server = "tunnel.mdomain.com";
            relay = "8.8.8.8";
-            extraConfig = "-P mysecurepassword";
+            extraConfig = "-v";
          }
        }
        '';
@ -57,7 +57,13 @@ in
              type = types.str;
              default = "";
              description = "Additional command line parameters";
-              example = "-P mysecurepassword -l 192.168.1.10 -p 23";
+              example = "-l 192.168.1.10 -p 23";
+            };
+
+            passwordFile = mkOption {
+              type = types.str;
+              default = "";
+              description = "File that containts password";
            };
          };
        }));
@ -88,7 +94,13 @@ in
          type = types.str;
          default = "";
          description = "Additional command line parameters";
-          example = "-P mysecurepassword -l 192.168.1.10 -p 23";
+          example = "-l 192.168.1.10 -p 23";
+        };
+
+        passwordFile = mkOption {
+          type = types.str;
+          default = "";
+          description = "File that containts password";
        };
      };

@ -108,10 +120,18 @@ in
        description = "iodine client - ${name}";
        after = [ "network.target" ];
        wantedBy = [ "multi-user.target" ];
+        preStart = ''
+          cat > /run/iodine/${name}-script << EOF
+            #!/bin/sh
+            ${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${optionalString (cfg.passwordFile != "") "-P $(cat \"${cfg.passwordFile}\")"} ${cfg.relay} ${cfg.server}
+          EOF
+          chmod 700 /run/iodine/${name}-script
+        '';
+        script = "/run/iodine/${name}-script";
        serviceConfig = {
          RestartSec = "30s";
          Restart = "always";
-          ExecStart = "${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.relay} ${cfg.server}";
+          RuntimeDirectory = [ "iodine" ];
        };
      };
    in
@ -124,7 +144,15 @@ in
        description = "iodine, ip over dns server daemon";
        after = [ "network.target" ];
        wantedBy = [ "multi-user.target" ];
-        serviceConfig.ExecStart = "${pkgs.iodine}/bin/iodined -f -u ${iodinedUser} ${cfg.server.extraConfig} ${cfg.server.ip} ${cfg.server.domain}";
+        preStart = ''
+          cat > /run/iodined/script << EOF
+            #!/bin/sh
+            ${pkgs.iodine}/bin/iodined -f -u ${iodinedUser} ${cfg.server.extraConfig} ${optionalString (cfg.passwordFile != "") "-P $(cat \"${cfg.passwordFile}\")"} ${cfg.server.ip} ${cfg.server.domain}
+          EOF
+          chmod 700 /run/iodined/script
+        '';
+        script = "/run/iodined/script";
+        serviceConfig.RuntimeDirectory = [ "iodined" ];
      };
    };