1 { config, lib, pkgs, ... }:
6 cfg = config.services.node-red;
7 defaultUser = "node-red";
10 options.services.node-red = {
11 enable = mkEnableOption "the Node-RED service";
13 package = mkPackageOption pkgs [ "node-red" ] { };
15 openFirewall = mkOption {
19 Open ports in the firewall for the server.
23 withNpmAndGcc = mkOption {
27 Give Node-RED access to NPM and GCC at runtime, so 'Nodes' can be
28 downloaded and managed imperatively via the 'Palette Manager'.
32 configFile = mkOption {
34 default = "${cfg.package}/lib/node_modules/node-red/packages/node_modules/node-red/settings.js";
35 defaultText = literalExpression ''"''${package}/lib/node_modules/node-red/packages/node_modules/node-red/settings.js"'';
37 Path to the JavaScript configuration file.
38 See <https://github.com/node-red/node-red/blob/master/packages/node_modules/node-red/settings.js>
39 for a configuration example.
46 description = "Listening port.";
51 default = defaultUser;
53 User under which Node-RED runs.If left as the default value this user
54 will automatically be created on system activation, otherwise the
55 sysadmin is responsible for ensuring the user exists.
61 default = defaultUser;
63 Group under which Node-RED runs.If left as the default value this group
64 will automatically be created on system activation, otherwise the
65 sysadmin is responsible for ensuring the group exists.
71 default = "/var/lib/node-red";
73 The directory to store all user data, such as flow and credential files and all library data. If left
74 as the default value this directory will automatically be created before the node-red service starts,
75 otherwise the sysadmin is responsible for ensuring the directory exists with appropriate ownership
83 description = "Whether to launch Node-RED in --safe mode.";
89 description = "List of settings.js overrides to pass via -D to Node-RED.";
90 example = literalExpression ''
92 "logging.console.level" = "trace";
98 config = mkIf cfg.enable {
99 users.users = optionalAttrs (cfg.user == defaultUser) {
106 users.groups = optionalAttrs (cfg.group == defaultUser) {
107 ${defaultUser} = { };
110 networking.firewall = mkIf cfg.openFirewall {
111 allowedTCPPorts = [ cfg.port ];
114 systemd.services.node-red = {
115 description = "Node-RED Service";
116 wantedBy = [ "multi-user.target" ];
117 after = [ "networking.target" ];
121 path = lib.optionals cfg.withNpmAndGcc [ pkgs.nodejs pkgs.gcc ];
122 serviceConfig = mkMerge [
126 ExecStart = "${cfg.package}/bin/node-red ${pkgs.lib.optionalString cfg.safe "--safe"} --settings ${cfg.configFile} --port ${toString cfg.port} --userDir ${cfg.userDir} ${concatStringsSep " " (mapAttrsToList (name: value: "-D ${name}=${value}") cfg.define)}";
129 WorkingDirectory = cfg.userDir;
131 (mkIf (cfg.userDir == "/var/lib/node-red") { StateDirectory = "node-red"; })