nixos/flood: init #269726
nixos/flood: init #269726
Conversation
github-actions
bot
added
6.topic: nixos
ofborg
bot
added
10.rebuild-darwin: 0
3JlOy-PYCCKUi
force-pushed
the
flood-module
branch
from
b680813
to
f4c6af7
Compare
3JlOy-PYCCKUi
force-pushed
the
flood-module
branch
from
f4c6af7
to
94a614b
Compare
|
@ofborg eval |
3JlOy-PYCCKUi
force-pushed
the
flood-module
branch
from
94a614b
to
e8f3e6a
Compare
There was a problem hiding this comment.
If you have included tests, they also need to be specified in the package's passthru.tests attribute.
Also, Flood requires mediainfo to be present on runtime. However, I'm not sure how to properly handle this: you can try to find the call to it in the source code and patch it out there (or wrap the executable with PATH), or just add it to Path= in the systemd service.
Lastly, we probably should add asserts so that only one type of connection is specified at once, i.e. only rtorrent is allowed, not rtorrent and deluge etc. This can also be solved by adding an enable flag on each of these.
|
Oh, and you should also mention this module in the release notes for 24.05. See CONTRIBUTING.md |
3JlOy-PYCCKUi
force-pushed
the
flood-module
branch
from
e8f3e6a
to
e85059d
Compare
3JlOy-PYCCKUi
force-pushed
the
flood-module
branch
from
e85059d
to
24d85c3
Compare
3JlOy-PYCCKUi
force-pushed
the
flood-module
branch
from
24d85c3
to
aff5b3a
Compare
3JlOy-PYCCKUi
added
the
12.approvals: 1
|
Just a suggestion, but maybe add a Also, do we not need to create the flood user and group in this module? Something like: users.users = mkIf (cfg.user == "flood") {
flood = {
group = cfg.group;
isSystemUser = true;
};
};
users.groups = mkIf (cfg.group == "flood") {
flood = {};
}; |
| delugeAuth = addAuthOpt "de" cfg.auth.deluge; | ||
| rtorrentAuth = addAuthOpt "rt" cfg.auth.rtorrent; | ||
| qbittorrentAuth = addAuthOpt "qb" cfg.auth.qbittorrent; | ||
| transmissionAuth = addAuthOpt "tr" cfg.auth.transmission; |
There was a problem hiding this comment.
Passing in secret values through options is bad practice, as they will leak out into the nix store. So this is not really ideal. Unfortunately, Flood does not seem to have any way of loading in these options declaratively without using the command line options. I am currently trying to ask on the Flood Discord if there is a current way or how a PR that addresses this would be structured.
| wantedBy = [ "multi-user.target" ]; | ||
| path = [ pkgs.mediainfo ]; | ||
| serviceConfig = { | ||
| ExecStart = "${cfg.package}/bin/flood ${lib.concatStringsSep " " args}"; |
There was a problem hiding this comment.
The technically correct one:
| ExecStart = "${cfg.package}/bin/flood ${lib.concatStringsSep " " args}"; | |
| ExecStart = "${cfg.package}/bin/flood ${lib.escapeShellArgs " " args}"; |
There was a problem hiding this comment.
Actually, I now know that the correct one is utils.escapeSystemdExecArgs.
Added a PR for Flood for being able to pass the command line options as a JSON as well. They also compose, so you can set {
"qbpass": "qbpassword"
} |
| options = { | ||
| services = { | ||
| flood = { | ||
| enable = lib.mkEnableOption (lib.mdDoc "Flood daemon"); |
| wantedBy = [ "multi-user.target" ]; | ||
| path = [ pkgs.mediainfo ]; | ||
| serviceConfig = { | ||
| ExecStart = "${cfg.package}/bin/flood ${lib.concatStringsSep " " args}"; |
There was a problem hiding this comment.
${lib.getExe cfg.package} would be nice.
wegank
added
the
2.status: merge conflict
Description of changes
Things done
nix.conf? (See Nix manual)sandbox = relaxedsandbox = truenix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)Priorities
Add a 👍 reaction to pull requests you find important.