| blob | e42ff3d8ea9b752c07e65a01eba7c2c097c17e39 |
1 { config, pkgs, lib, ... }:
3 with lib;
5 {
6 options = {
7 services.toxvpn = {
8 enable = mkEnableOption "toxvpn running on startup";
10 localip = mkOption {
11 type = types.str;
12 default = "10.123.123.1";
13 description = "your ip on the vpn";
14 };
16 port = mkOption {
17 type = types.port;
18 default = 33445;
19 description = "udp port for toxcore, port-forward to help with connectivity if you run many nodes behind one NAT";
20 };
22 auto_add_peers = mkOption {
23 type = types.listOf types.str;
24 default = [];
25 example = [ "toxid1" "toxid2" ];
26 description = "peers to automatically connect to on startup";
27 };
28 };
29 };
31 config = mkIf config.services.toxvpn.enable {
32 systemd.services.toxvpn = {
33 description = "toxvpn daemon";
35 wantedBy = [ "multi-user.target" ];
36 after = [ "network.target" ];
38 preStart = ''
39 mkdir -p /run/toxvpn || true
40 chown toxvpn /run/toxvpn
41 '';
43 path = [ pkgs.toxvpn ];
45 script = ''
46 exec toxvpn -i ${config.services.toxvpn.localip} -l /run/toxvpn/control -u toxvpn -p ${toString config.services.toxvpn.port} ${lib.concatMapStringsSep " " (x: "-a ${x}") config.services.toxvpn.auto_add_peers}
47 '';
49 serviceConfig = {
50 KillMode = "process";
51 Restart = "on-success";
52 Type = "notify";
53 };
55 restartIfChanged = false; # Likely to be used for remote admin
56 };
58 environment.systemPackages = [ pkgs.toxvpn ];
60 users.users = {
61 toxvpn = {
62 isSystemUser = true;
63 group = "toxvpn";
64 home = "/var/lib/toxvpn";
65 createHome = true;
66 };
67 };
68 users.groups.toxvpn = {};
69 };
70 }