yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

mumble: migrate to vars

Browse Source
This commit is contained in:
Jörg Thalheim
2025-04-16 17:48:06 +02:00
parent 1f50ee51df
commit 45ae0920e2
1 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
clanModules/mumble/default.nix
View File

@@ -6,11 +6,11 @@
}: }:
let let
dir = config.clan.core.settings.directory; dir = config.clan.core.settings.directory;
machineDir = dir + "/machines/"; machineDir = dir + "/vars/per-machine";
machinesFileSet = builtins.readDir machineDir; machinesFileSet = builtins.readDir machineDir;
machines = lib.mapAttrsToList (name: _: name) machinesFileSet; machines = lib.mapAttrsToList (name: _: name) machinesFileSet;
machineJson = builtins.toJSON machines; machineJson = builtins.toJSON machines;
certificateMachinePath = machines: machineDir + "/${machines}" + "/facts/mumble-cert"; certificateMachinePath = machines: machineDir + "/${machines}" + "/mumble/mumble-cert/value";
certificatesUnchecked = builtins.map ( certificatesUnchecked = builtins.map (
machine: machine:
let let
@@ -57,14 +57,14 @@ in
systemd.tmpfiles.settings."murmur" = { systemd.tmpfiles.settings."murmur" = {
"/var/lib/murmur/sslKey" = { "/var/lib/murmur/sslKey" = {
C.argument = config.clan.core.facts.services.mumble.secret.mumble-key.path; C.argument = config.clan.core.vars.generators.mumble.files.mumble-key.path;
Z = { Z = {
mode = "0400"; mode = "0400";
user = "murmur"; user = "murmur";
}; };
}; };
"/var/lib/murmur/sslCert" = { "/var/lib/murmur/sslCert" = {
C.argument = config.clan.core.facts.services.mumble.public.mumble-cert.path; C.argument = config.clan.core.vars.generators.mumble.files.mumble-cert.path;
Z = { Z = {
mode = "0400"; mode = "0400";
user = "murmur"; user = "murmur";
@@ -96,7 +96,6 @@ in
XDG_DATA_HOME=${mumbleCfgDir} XDG_DATA_HOME=${mumbleCfgDir}
XDG_DATA_DIR=${mumbleCfgDir} XDG_DATA_DIR=${mumbleCfgDir}
${populate-channels} --ensure-config '${mumbleCfgPath}' --db-location ${mumbleDatabasePath} ${populate-channels} --ensure-config '${mumbleCfgPath}' --db-location ${mumbleDatabasePath}
echo ${machineCertJson}
${populate-channels} --machines '${machineJson}' --username ${config.clan.core.settings.machine.name} --db-location ${mumbleDatabasePath} ${populate-channels} --machines '${machineJson}' --username ${config.clan.core.settings.machine.name} --db-location ${mumbleDatabasePath}
${populate-channels} --servers '${machineCertJson}' --username ${config.clan.core.settings.machine.name} --db-location ${mumbleDatabasePath} --cert True ${populate-channels} --servers '${machineCertJson}' --username ${config.clan.core.settings.machine.name} --db-location ${mumbleDatabasePath} --cert True
${pkgs.mumble}/bin/mumble --config ${mumbleCfgPath} "$@" ${pkgs.mumble}/bin/mumble --config ${mumbleCfgPath} "$@"
@@ -105,16 +104,17 @@ in
in in
[ mumble ]; [ mumble ];
clan.core.facts.services.mumble = { clan.core.vars.generators.mumble = {
secret.mumble-key = { }; migrateFact = "mumble";
public.mumble-cert = { }; files.mumble-key = { };
generator.path = [ files.mumble-cert.secret = false;
runtimeInputs = [
pkgs.coreutils pkgs.coreutils
pkgs.openssl pkgs.openssl
]; ];
generator.script = '' script = ''
openssl genrsa -out $secrets/mumble-key 2048 openssl genrsa -out "$out/mumble-key" 2048
openssl req -new -x509 -key $secrets/mumble-key -out $facts/mumble-cert openssl req -new -x509 -key "$out/mumble-key" -out "$out/mumble-cert"
''; '';
}; };
}; };