services: cloudflare-tunnel-service-type: Add %cloudflare-tunnel-accounts.

* rosenthal/services/child-error.scm (%cloudflare-tunnel-accounts): New
variable.
(cloudflare-tunnel-shepherd-service,cloudflare-tunnel-service-type): Honor it.
wip/index/refs/heads/trunk
Hilton Chain 2 years ago
parent 2370498264
commit 0c0571462b
No known key found for this signature in database
GPG Key ID: 5E5AA665614917F7
  1. 20
      rosenthal/services/child-error.scm

@ -8,9 +8,11 @@
#:use-module (guix gexp) #:use-module (guix gexp)
#:use-module (gnu home services) #:use-module (gnu home services)
#:use-module (gnu home services shepherd) #:use-module (gnu home services shepherd)
#:use-module (gnu packages admin)
#:use-module (gnu services) #:use-module (gnu services)
#:use-module (gnu services configuration) #:use-module (gnu services configuration)
#:use-module (gnu services shepherd) #:use-module (gnu services shepherd)
#:use-module (gnu system shadow)
#:use-module (rosenthal utils home-services-utils) #:use-module (rosenthal utils home-services-utils)
#:export (cloudflare-tunnel-configuration #:export (cloudflare-tunnel-configuration
cloudflare-tunnel-service-type)) cloudflare-tunnel-service-type))
@ -47,6 +49,16 @@
(extra-options cloudflare-tunnel-configuration-extra-options ;list of string (extra-options cloudflare-tunnel-configuration-extra-options ;list of string
(default '()))) (default '())))
(define %cloudflare-tunnel-accounts
(list (user-group (name "cloudflared") (system? #t))
(user-account
(name "cloudflared")
(group "cloudflared")
(system? #t)
(comment "Cloudflare Tunnel user")
(home-directory "/var/empty")
(shell (file-append shadow "/sbin/nologin")))))
(define cloudflare-tunnel-shepherd-service (define cloudflare-tunnel-shepherd-service
(match-lambda (match-lambda
(($ <cloudflare-tunnel-configuration> cloudflared metrics (($ <cloudflare-tunnel-configuration> cloudflared metrics
@ -69,8 +81,8 @@
'("--post-quantum") '("--post-quantum")
'()) '())
#$@extra-options) #$@extra-options)
#:user "nobody" #:user "cloudflared"
#:group "nogroup" #:group "cloudflared"
#:log-file #$log-file)) #:log-file #$log-file))
(stop #~(make-kill-destructor)))))))) (stop #~(make-kill-destructor))))))))
@ -79,6 +91,8 @@
(name 'cloudflare-tunnel) (name 'cloudflare-tunnel)
(extensions (extensions
(list (service-extension shepherd-root-service-type (list (service-extension shepherd-root-service-type
cloudflare-tunnel-shepherd-service))) cloudflare-tunnel-shepherd-service)
(service-extension account-service-type
(const %cloudflare-tunnel-accounts))))
(default-value (cloudflare-tunnel-configuration)) (default-value (cloudflare-tunnel-configuration))
(description "Run cloudflared, the Cloudflare Tunnel daemon."))) (description "Run cloudflared, the Cloudflare Tunnel daemon.")))

Loading…
Cancel
Save