jshiffer/lora-xmpp-bridge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
lora-xmpp-bridge/module.nix
google-labs-jules[bot] 50b76aabe7 refactor: Convert Nix setup to classic Nix (non-flake) 
This replaces the experimental flake-based Nix configuration with
a classic Nix setup (`default.nix`, `shell.nix`, `module.nix`)
per user request.

Changes include:
- Removing `flake.nix`.
- Creating `default.nix` to package the python bridge.
- Creating `shell.nix` for a reproducible development environment.
- Creating `module.nix` for the NixOS systemd service.
- The `module.nix` now uses systemd's `LoadCredential=` to safely
  expose the XMPP password to the bridge daemon running as a dynamic
  user, resolving permission issues.
- `README.md` instructions have been fully rewritten to focus on classic
  Nix usage, answering user questions on secret management and repository
  cloning structure.

Co-authored-by: jamessucla <2191476+jamessucla@users.noreply.github.com>
2026-03-06 07:29:27 +00:00

61 lines
1.7 KiB
Nix
Raw Permalink Blame History

{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.sovereign-bridge;
# Import the package defined in default.nix
sovereign-bridge = import ./default.nix { inherit pkgs; };
in {
options.services.sovereign-bridge = {
enable = mkEnableOption "SovereignRelay Bridge";
jid = mkOption {
type = types.str;
description = "XMPP JID for the bridge bot";
};
passwordFile = mkOption {
type = types.path;
description = "Path to file containing XMPP password";
};
room = mkOption {
type = types.str;
description = "XMPP MUC room to bridge";
};
nick = mkOption {
type = types.str;
default = "meshbridge";
description = "Nickname for the bridge bot in the MUC";
};
};
config = mkIf cfg.enable {
systemd.services.sovereign-bridge = {
description = "SovereignRelay Meshtastic to XMPP Bridge";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
LoadCredential = "xmpp_password:${cfg.passwordFile}";
ExecStart = let
script = pkgs.writeShellScript "sovereign-bridge-start" ''
# Run the bridge
${sovereign-bridge}/bin/sovereign-bridge \
-j ${lib.escapeShellArg cfg.jid} \
-P "$CREDENTIALS_DIRECTORY/xmpp_password" \
-r ${lib.escapeShellArg cfg.room} \
-n ${lib.escapeShellArg cfg.nick}
'';
in "${script}";
Restart = "always";
RestartSec = "10";
# Required to access serial ports for Meshtastic
SupplementaryGroups = [ "dialout" ];
DynamicUser = true;
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink