Merge pull request #275281 from eliandoran/feature/mympd-service
nixos/mympd: init
This commit is contained in:
commit
067338523e
5 changed files with 159 additions and 0 deletions
|
@ -344,6 +344,7 @@
|
||||||
./services/audio/mopidy.nix
|
./services/audio/mopidy.nix
|
||||||
./services/audio/mpd.nix
|
./services/audio/mpd.nix
|
||||||
./services/audio/mpdscribble.nix
|
./services/audio/mpdscribble.nix
|
||||||
|
./services/audio/mympd.nix
|
||||||
./services/audio/navidrome.nix
|
./services/audio/navidrome.nix
|
||||||
./services/audio/networkaudiod.nix
|
./services/audio/networkaudiod.nix
|
||||||
./services/audio/roon-bridge.nix
|
./services/audio/roon-bridge.nix
|
||||||
|
|
129
nixos/modules/services/audio/mympd.nix
Normal file
129
nixos/modules/services/audio/mympd.nix
Normal file
|
@ -0,0 +1,129 @@
|
||||||
|
{ pkgs, config, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.services.mympd;
|
||||||
|
in {
|
||||||
|
options = {
|
||||||
|
|
||||||
|
services.mympd = {
|
||||||
|
|
||||||
|
enable = lib.mkEnableOption (lib.mdDoc "MyMPD server");
|
||||||
|
|
||||||
|
package = lib.mkPackageOption pkgs "mympd" {};
|
||||||
|
|
||||||
|
openFirewall = lib.mkOption {
|
||||||
|
type = lib.types.bool;
|
||||||
|
default = false;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Open ports needed for the functionality of the program.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
extraGroups = lib.mkOption {
|
||||||
|
type = lib.types.listOf lib.types.str;
|
||||||
|
default = [ ];
|
||||||
|
example = [ "music" ];
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Additional groups for the systemd service.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
settings = lib.mkOption {
|
||||||
|
type = lib.types.submodule {
|
||||||
|
freeformType = with lib.types; attrsOf (nullOr (oneOf [ str bool int ]));
|
||||||
|
options = {
|
||||||
|
http_port = lib.mkOption {
|
||||||
|
type = lib.types.port;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
The HTTP port where mympd's web interface will be available.
|
||||||
|
|
||||||
|
The HTTPS/SSL port can be configured via {option}`config`.
|
||||||
|
'';
|
||||||
|
example = "8080";
|
||||||
|
};
|
||||||
|
|
||||||
|
ssl = lib.mkOption {
|
||||||
|
type = lib.types.bool;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Whether to enable listening on the SSL port.
|
||||||
|
|
||||||
|
Refer to <https://jcorporation.github.io/myMPD/configuration/configuration-files#ssl-options>
|
||||||
|
for more information.
|
||||||
|
'';
|
||||||
|
default = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Manages the configuration files declaratively. For all the configuration
|
||||||
|
options, see <https://jcorporation.github.io/myMPD/configuration/configuration-files>.
|
||||||
|
|
||||||
|
Each key represents the "File" column from the upstream configuration table, and the
|
||||||
|
value is the content of that file.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
systemd.services.mympd = {
|
||||||
|
# upstream service config: https://github.com/jcorporation/myMPD/blob/master/contrib/initscripts/mympd.service.in
|
||||||
|
after = [ "mpd.service" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
preStart = with lib; ''
|
||||||
|
config_dir="/var/lib/mympd/config"
|
||||||
|
mkdir -p "$config_dir"
|
||||||
|
|
||||||
|
${pipe cfg.settings [
|
||||||
|
(mapAttrsToList (name: value: ''
|
||||||
|
echo -n "${if isBool value then boolToString value else toString value}" > "$config_dir/${name}"
|
||||||
|
''))
|
||||||
|
(concatStringsSep "\n")
|
||||||
|
]}
|
||||||
|
'';
|
||||||
|
unitConfig = {
|
||||||
|
Description = "myMPD server daemon";
|
||||||
|
Documentation = "man:mympd(1)";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
|
||||||
|
CapabilityBoundingSet = "CAP_NET_BIND_SERVICE";
|
||||||
|
DynamicUser = true;
|
||||||
|
ExecStart = lib.getExe cfg.package;
|
||||||
|
LockPersonality = true;
|
||||||
|
MemoryDenyWriteExecute = true;
|
||||||
|
PrivateDevices = true;
|
||||||
|
ProtectClock = true;
|
||||||
|
ProtectControlGroups = true;
|
||||||
|
ProtectHome = true;
|
||||||
|
ProtectHostname = true;
|
||||||
|
ProtectKernelLogs = true;
|
||||||
|
ProtectKernelModules = true;
|
||||||
|
ProtectKernelTunables = true;
|
||||||
|
ProtectProc = "invisible";
|
||||||
|
RestrictRealtime = true;
|
||||||
|
StateDirectory = "mympd";
|
||||||
|
CacheDirectory = "mympd";
|
||||||
|
RestrictAddressFamilies = "AF_INET AF_INET6 AF_NETLINK AF_UNIX";
|
||||||
|
RestrictNamespaces = true;
|
||||||
|
SystemCallArchitectures = "native";
|
||||||
|
SystemCallFilter = "@system-service";
|
||||||
|
SupplementaryGroups = cfg.extraGroups;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall = lib.mkMerge [
|
||||||
|
(lib.mkIf cfg.openFirewall {
|
||||||
|
allowedTCPPorts = [ cfg.settings.http_port ];
|
||||||
|
})
|
||||||
|
(lib.mkIf (cfg.openFirewall && cfg.settings.ssl && cfg.settings.ssl_port != null) {
|
||||||
|
allowedTCPPorts = [ cfg.settings.ssl_port ];
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
meta.maintainers = [ lib.maintainers.eliandoran ];
|
||||||
|
|
||||||
|
}
|
|
@ -544,6 +544,7 @@ in {
|
||||||
munin = handleTest ./munin.nix {};
|
munin = handleTest ./munin.nix {};
|
||||||
mutableUsers = handleTest ./mutable-users.nix {};
|
mutableUsers = handleTest ./mutable-users.nix {};
|
||||||
mxisd = handleTest ./mxisd.nix {};
|
mxisd = handleTest ./mxisd.nix {};
|
||||||
|
mympd = handleTest ./mympd.nix {};
|
||||||
mysql = handleTest ./mysql/mysql.nix {};
|
mysql = handleTest ./mysql/mysql.nix {};
|
||||||
mysql-autobackup = handleTest ./mysql/mysql-autobackup.nix {};
|
mysql-autobackup = handleTest ./mysql/mysql-autobackup.nix {};
|
||||||
mysql-backup = handleTest ./mysql/mysql-backup.nix {};
|
mysql-backup = handleTest ./mysql/mysql-backup.nix {};
|
||||||
|
|
27
nixos/tests/mympd.nix
Normal file
27
nixos/tests/mympd.nix
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
import ./make-test-python.nix ({pkgs, lib, ... }: {
|
||||||
|
name = "mympd";
|
||||||
|
|
||||||
|
nodes.mympd = {
|
||||||
|
services.mympd = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
http_port = 8081;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.mpd.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
testScript = ''
|
||||||
|
start_all();
|
||||||
|
machine.wait_for_unit("mympd.service");
|
||||||
|
|
||||||
|
# Ensure that mympd can connect to mpd
|
||||||
|
machine.wait_until_succeeds(
|
||||||
|
"journalctl -eu mympd -o cat | grep 'Connected to MPD'"
|
||||||
|
)
|
||||||
|
|
||||||
|
# Ensure that the web server is working
|
||||||
|
machine.succeed("curl http://localhost:8081 --compressed | grep -o myMPD")
|
||||||
|
'';
|
||||||
|
})
|
|
@ -63,5 +63,6 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
maintainers = [ lib.maintainers.doronbehar ];
|
maintainers = [ lib.maintainers.doronbehar ];
|
||||||
platforms = lib.platforms.linux;
|
platforms = lib.platforms.linux;
|
||||||
license = lib.licenses.gpl2Plus;
|
license = lib.licenses.gpl2Plus;
|
||||||
|
mainProgram = "mympd";
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
Loading…
Reference in a new issue