matt1432/nixos-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor(esphome): use normal user for systemd unit

Browse source
This commit is contained in:
matt1432 2025-02-06 16:42:44 -05:00
parent 710b86db31
commit 277a462031
1 changed files with 11 additions and 14 deletions

25
modules/esphome-plus/default.nix
View file

@ -12,12 +12,7 @@
cfg = config.services.esphome; cfg = config.services.esphome;
stateDir = "/var/lib/private/esphome"; stateDir = "/var/lib/esphome";
esphomeParams =
if cfg.enableUnixSocket
then "--socket /run/esphome/esphome.sock"
else "--address ${cfg.address} --port ${toString cfg.port}";
format = pkgs.formats.yaml {}; format = pkgs.formats.yaml {};
# Adapted from https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/home-automation/home-assistant.nix # Adapted from https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/home-automation/home-assistant.nix
@ -52,10 +47,17 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users = {
users.esphome = {
isNormalUser = true;
group = "esphome";
home = stateDir;
};
groups.esphome = {};
};
# https://github.com/NixOS/nixpkgs/issues/339557 # https://github.com/NixOS/nixpkgs/issues/339557
systemd.services.esphome = { systemd.services.esphome = {
environment.PLATFORMIO_CORE_DIR = mkForce "${stateDir}/.platformio";
serviceConfig = serviceConfig =
(optionalAttrs (cfg.firmwareConfigs != {}) { (optionalAttrs (cfg.firmwareConfigs != {}) {
ExecStartPre = getExe (pkgs.writeShellApplication { ExecStartPre = getExe (pkgs.writeShellApplication {
@ -66,10 +68,6 @@ in {
]; ];
text = '' text = ''
if [[ ! -d ${stateDir} ]]; then
mkdir -p ${stateDir}
fi
${optionalString ${optionalString
(cfg.secretsFile != null) (cfg.secretsFile != null)
# bash # bash
@ -96,8 +94,7 @@ in {
}); });
}) })
// { // {
ExecStart = mkForce "${cfg.package}/bin/esphome dashboard ${esphomeParams} ${stateDir}"; DynamicUser = mkForce "off";
WorkingDirectory = mkForce stateDir;
}; };
}; };
}; };