82 lines
1.8 KiB
Nix
82 lines
1.8 KiB
Nix
{ config, pkgs, ... }:
|
|
let
|
|
user = "tang";
|
|
group = "tang";
|
|
in {
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
jose
|
|
tang
|
|
];
|
|
|
|
systemd.paths.tangd-update = {
|
|
pathConfig = {
|
|
PathChanged = "/var/db/tang";
|
|
MakeDirectory = true;
|
|
DirectoryMode = "0700";
|
|
};
|
|
};
|
|
|
|
systemd.services.tangd-update = {
|
|
description = "Tang update";
|
|
path = [ pkgs.jose ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
StandardError = "journal";
|
|
ExecStart = "${pkgs.tang}/libexec/tangd-update /var/db/tang /var/cache/tang";
|
|
};
|
|
};
|
|
|
|
systemd.services.tangd-keygen = {
|
|
description = "Tang keygen";
|
|
documentation = [ "man:tang(8)" ];
|
|
path = [ pkgs.jose ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
StandardError = "journal";
|
|
ExecStart = "${pkgs.tang}/libexec/tangd-keygen /var/db/tang";
|
|
};
|
|
};
|
|
|
|
systemd.services."tangd@" = {
|
|
description = "Tang Server";
|
|
documentation = [ "man:tang(8)" ];
|
|
path = [ pkgs.jose ];
|
|
serviceConfig = {
|
|
|
|
StandardInput = "socket";
|
|
StandardOutput = "socket";
|
|
StandardError = "journal";
|
|
ExecStart = "${pkgs.tang}/libexec/tangd /var/cache/tang";
|
|
};
|
|
};
|
|
|
|
systemd.sockets.tangd = {
|
|
description = "Tang Server socket";
|
|
documentation = [ "man:tang(8)" ];
|
|
requires = [
|
|
"tangd-keygen.service"
|
|
"tangd-update.service"
|
|
"tangd-update.path"
|
|
];
|
|
after = [
|
|
"tangd-keygen.service"
|
|
"tangd-update.service"
|
|
];
|
|
wantedBy = [ "multi-user.target" ];
|
|
socketConfig = {
|
|
ListenStream = 8000;
|
|
Accept = true;
|
|
};
|
|
};
|
|
|
|
# users.groups.tang = {};
|
|
# users.users.tang = {
|
|
# isSystemUser = true;
|
|
# group = "tang";
|
|
# home = "/var/db/tang";
|
|
# createHome = true;
|
|
# description = "Tang system user";
|
|
# };
|
|
}
|