vuls: init at 0.27.0
[NixPkgs.git] / nixos / modules / services / monitoring / todesk.nix
blob807d924abfcfb893f5bad164e64ee12caef42782
2   config,
3   lib,
4   pkgs,
5   ...
6 }:
8 let
9   cfg = config.services.todesk;
12   options = {
13     services.todesk.enable = lib.mkEnableOption "ToDesk daemon";
14     services.todesk.package = lib.mkPackageOption pkgs "todesk" { };
15   };
17   config = lib.mkIf cfg.enable {
19     environment.systemPackages = [ cfg.package ];
21     systemd.services.todeskd = {
22       description = "ToDesk Daemon Service";
24       wantedBy = [ "multi-user.target" ];
25       wants = [
26         "network-online.target"
27         "display-manager.service"
28         "nss-lookup.target"
29       ];
30       serviceConfig = {
31         Type = "simple";
32         ExecStart = "${cfg.package}/bin/todesk service";
33         ExecReload = "${pkgs.coreutils}/bin/kill -SIGINT $MAINPID";
34         Restart = "on-failure";
35         WorkingDirectory = "/var/lib/todesk";
36         PrivateTmp = true;
37         StateDirectory = "todesk";
38         StateDirectoryMode = "0777"; # Desktop application read and write /opt/todesk/config/config.ini. Such a pain!
39         ProtectSystem = "strict";
40         ProtectHome = "read-only";
41         RemoveIPC = "yes";
42       };
43     };
44   };