synergy: add options for TLS

author: Michael Hoang <enzime@users.noreply.github.com> 2023-04-18 12:01:31 +0900
committer: Michael Hoang <enzime@users.noreply.github.com> 2023-04-18 14:31:42 +0900
commit: 90b36a5efe003a388451af2e0f41774bcdc0d658 (patch)
tree: 7b7b71ee6d18e4d54d5c8a465d016d61bc99d9cd /modules/services/synergy
parent: 025912529dd0b31dead95519e944ea05f1ad56f2 (diff)
1 files changed, 40 insertions, 3 deletions
diff --git a/modules/services/synergy/default.nix b/modules/services/synergy/default.nix
index 71418a6..f7503da 100644
--- a/modules/services/synergy/default.nix
+++ b/modules/services/synergy/default.nix
@@ -48,6 +48,21 @@ in
           type = types.bool;
           description = "Whether the Synergy client should be started automatically.";
         };
+        tls = {
+          enable = mkEnableOption ''
+            Whether TLS encryption should be used.
+
+            Using this requires a TLS certificate that can be
+            generated by starting the Synergy GUI once and entering
+            a valid product key.
+          '';
+          cert = mkOption {
+            type = types.nullOr types.str;
+            default = null;
+            example = "~/.synergy/SSL/Synergy.pem";
+            description = "The TLS certificate to use for encryption.";
+          };
+        };
       };
 
       server = {
@@ -81,6 +96,21 @@ in
           type = types.bool;
           description = "Whether the Synergy server should be started automatically.";
         };
+        tls = {
+          enable = mkEnableOption ''
+            Whether TLS encryption should be used.
+
+            Using this requires a TLS certificate that can be
+            generated by starting the Synergy GUI once and entering
+            a valid product key.
+          '';
+          cert = mkOption {
+            type = types.nullOr types.str;
+            default = null;
+            example = "~/.synergy/SSL/Synergy.pem";
+            description = "The TLS certificate to use for encryption.";
+          };
+        };
       };
     };
 
@@ -92,8 +122,13 @@ in
       launchd.user.agents."synergy-client" = {
         path = [ config.environment.systemPath ];
         serviceConfig.ProgramArguments = [
-          "${cfg.package}/bin/synergyc" "-f" "${cfg.client.serverAddress}"
-        ] ++ optionals (cfg.client.screenName != "") [ "-n" cfg.client.screenName ];
+          "${cfg.package}/bin/synergyc" "-f"
+        ] ++ optionals (cfg.client.tls.enable) [ "--enable-crypto" ]
+          ++ optionals (cfg.client.tls.cert != null) [ "--tls-cert" cfg.client.tls.cert ]
+          ++ optionals (cfg.client.screenName != "") [ "-n" cfg.client.screenName ]
+          ++ [
+          cfg.client.serverAddress
+        ];
         serviceConfig.KeepAlive = true;
         serviceConfig.RunAtLoad = cfg.client.autoStart;
         serviceConfig.ProcessType = "Interactive";
@@ -105,7 +140,9 @@ in
         path = [ config.environment.systemPath ];
         serviceConfig.ProgramArguments = [
           "${cfg.package}/bin/synergys" "-c" "${cfg.server.configFile}" "-f"
-        ] ++ optionals (cfg.server.screenName != "") [ "-n" cfg.server.screenName ]
+        ] ++ optionals (cfg.server.tls.enable) [ "--enable-crypto" ]
+          ++ optionals (cfg.server.tls.cert != null) [ "--tls-cert" cfg.server.tls.cert ]
+          ++ optionals (cfg.server.screenName != "") [ "-n" cfg.server.screenName ]
           ++ optionals (cfg.server.address != "") [ "-a" cfg.server.address ];
         serviceConfig.KeepAlive = true;
         serviceConfig.RunAtLoad = cfg.server.autoStart;
author	Michael Hoang <enzime@users.noreply.github.com>	2023-04-18 12:01:31 +0900
committer	Michael Hoang <enzime@users.noreply.github.com>	2023-04-18 14:31:42 +0900
commit	90b36a5efe003a388451af2e0f41774bcdc0d658 (patch)
tree	7b7b71ee6d18e4d54d5c8a465d016d61bc99d9cd /modules/services/synergy
parent	025912529dd0b31dead95519e944ea05f1ad56f2 (diff)