From 1c71216a051746d600fd8f5e9ae8c133be232160 Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Wed, 24 Jun 2015 18:38:44 +0200
Subject: tv ejabberd: add option certFile

---
 modules/tv/ejabberd.nix | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

(limited to 'modules/tv')

diff --git a/modules/tv/ejabberd.nix b/modules/tv/ejabberd.nix
index 008fe2cd..54a9aad0 100644
--- a/modules/tv/ejabberd.nix
+++ b/modules/tv/ejabberd.nix
@@ -9,7 +9,8 @@ let
 
   cfg = config.services.ejabberd-cd;
 
-
+  # XXX this is a placeholder that happens to work the default strings.
+  toErlang = builtins.toJSON;
 
 in
 
@@ -26,6 +27,16 @@ in
         description = "Whether to enable ejabberd server";
       };
 
+      certFile = mkOption {
+        # TODO if it's types.path then it gets copied to /nix/store with
+        #      bad unsafe permissions...
+        type = types.string;
+        default = "/etc/ejabberd/ejabberd.pem";
+        description = ''
+          TODO
+        '';
+      };
+
       config = mkOption {
         type = types.string;
         default = "";
@@ -221,7 +232,7 @@ in
                 %% file and uncomment this line:
                 %%
                 starttls,
-                {certfile, "/etc/ejabberd/ejabberd.pem"},
+                {certfile, ${toErlang cfg.certFile}},
 
                 {access, c2s},
                 {shaper, c2s_shaper},
@@ -274,7 +285,7 @@ in
           %%
           %% s2s_certfile: Specify a certificate file.
           %%
-          {s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.
+          {s2s_certfile, ${toErlang cfg.certFile}}.
 
           %%
           %% domain_certfile: Specify a different certificate for each served hostname.
-- 
cgit v1.2.3