mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-09-29 23:52:55 +00:00
nixos/netbird: fix defaults (#314656)
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
This commit is contained in:
parent
4f06a00fa9
commit
0fdf6e2917
@ -60,6 +60,7 @@ in
|
||||
default = null;
|
||||
description = ''
|
||||
The password of the user used by netbird to connect to the coturn server.
|
||||
Be advised this will be world readable in the nix store.
|
||||
'';
|
||||
};
|
||||
|
||||
@ -142,7 +143,11 @@ in
|
||||
];
|
||||
});
|
||||
|
||||
security.acme.certs.${cfg.domain}.postRun = optionalString cfg.useAcmeCertificates "systemctl restart coturn.service";
|
||||
security.acme.certs = mkIf cfg.useAcmeCertificates {
|
||||
${cfg.domain}.postRun = ''
|
||||
systemctl restart coturn.service
|
||||
'';
|
||||
};
|
||||
|
||||
networking.firewall = {
|
||||
allowedUDPPorts = cfg.openPorts;
|
||||
|
@ -2,6 +2,7 @@
|
||||
|
||||
let
|
||||
inherit (lib)
|
||||
mkDefault
|
||||
mkEnableOption
|
||||
mkIf
|
||||
mkOption
|
||||
@ -15,7 +16,7 @@ in
|
||||
|
||||
{
|
||||
meta = {
|
||||
maintainers = with lib.maintainers; [ thubrecht ];
|
||||
maintainers = with lib.maintainers; [thubrecht patrickdag];
|
||||
doc = ./server.md;
|
||||
};
|
||||
|
||||
@ -41,26 +42,46 @@ in
|
||||
config = mkIf cfg.enable {
|
||||
services.netbird.server = {
|
||||
dashboard = {
|
||||
inherit (cfg) enable domain enableNginx;
|
||||
domain = mkDefault cfg.domain;
|
||||
enable = mkDefault cfg.enable;
|
||||
enableNginx = mkDefault cfg.enableNginx;
|
||||
|
||||
managementServer = "https://${cfg.domain}";
|
||||
};
|
||||
|
||||
management =
|
||||
{
|
||||
inherit (cfg) enable domain enableNginx;
|
||||
domain = mkDefault cfg.domain;
|
||||
enable = mkDefault cfg.enable;
|
||||
enableNginx = mkDefault cfg.enableNginx;
|
||||
}
|
||||
// (optionalAttrs cfg.coturn.enable {
|
||||
// (optionalAttrs cfg.coturn.enable rec {
|
||||
turnDomain = cfg.domain;
|
||||
turnPort = config.services.coturn.tls-listening-port;
|
||||
# We cannot merge a list of attrsets so we have to redefine the whole list
|
||||
settings = {
|
||||
TURNConfig.Turns = mkDefault [
|
||||
{
|
||||
Proto = "udp";
|
||||
URI = "turn:${turnDomain}:${builtins.toString turnPort}";
|
||||
Username = "netbird";
|
||||
Password =
|
||||
if (cfg.coturn.password != null)
|
||||
then cfg.coturn.password
|
||||
else {_secret = cfg.coturn.passwordFile;};
|
||||
}
|
||||
];
|
||||
};
|
||||
});
|
||||
|
||||
signal = {
|
||||
inherit (cfg) enable domain enableNginx;
|
||||
domain = mkDefault cfg.domain;
|
||||
enable = mkDefault cfg.enable;
|
||||
enableNginx = mkDefault cfg.enableNginx;
|
||||
};
|
||||
|
||||
coturn = {
|
||||
inherit (cfg) domain;
|
||||
domain = mkDefault cfg.domain;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user