nixpkgs/nixos/modules/services/networking/keybase.nix
Peter Hoeg f2639566b5
Merge pull request #30712 from peterhoeg/f/service
systemd user services shouldn't run as root and other "non-interactive" users
2019-08-02 11:58:27 +08:00

42 lines
776 B
Nix

{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.keybase;
in {
###### interface
options = {
services.keybase = {
enable = mkOption {
type = types.bool;
default = false;
description = "Whether to start the Keybase service.";
};
};
};
###### implementation
config = mkIf cfg.enable {
systemd.user.services.keybase = {
description = "Keybase service";
unitConfig.ConditionUser = "!@system";
serviceConfig = {
ExecStart = ''
${pkgs.keybase}/bin/keybase service --auto-forked
'';
Restart = "on-failure";
PrivateTmp = true;
};
wantedBy = [ "default.target" ];
};
environment.systemPackages = [ pkgs.keybase ];
};
}