blob: 82de6e38e1af00ee5b0859168f0a7652a99f639f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
{ config, lib, pkgs, depot, ... }:
let
cfg = config.services.xanthous-server;
in
{
options = with lib; {
services.xanthous-server = {
enable = mkEnableOption "xanthous server";
port = mkOption {
type = types.int;
default = 2222;
description = "Port to listen to for SSH connections";
};
metricsPort = mkOption {
type = types.int;
default = 9000;
description = "Port to listen to for prometheus metrics";
};
image = mkOption {
type = types.package;
default = depot.users.grfn.xanthous.server.docker;
description = "OCI image file to run";
};
ed25519SecretKeyFile = mkOption {
type = with types; uniq string;
description = "Path to the ed25519 secret key for the server";
};
};
};
config = lib.mkIf cfg.enable {
virtualisation.oci-containers.containers."xanthous-server" = {
autoStart = true;
image = "${cfg.image.imageName}:${cfg.image.imageTag}";
imageFile = cfg.image;
ports = [
"${toString cfg.port}:22"
"${toString cfg.metricsPort}:9000"
];
environment.SECRET_KEY_FILE = "/secret-key";
volumes = [ "/etc/secrets/xanthous-server-secret-key:/secret-key" ];
};
};
}
|
