From 706ce9e2308ac370088abb09cf63b20cce2b07cf Mon Sep 17 00:00:00 2001 From: Joshua Trees Date: Mon, 31 May 2021 00:15:56 +0200 Subject: [PATCH] nixos/synergy: add encryption support Make it possible to use the Synergy server with TLS encryption without resorting to the GUI. --- nixos/modules/services/misc/synergy.nix | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/misc/synergy.nix b/nixos/modules/services/misc/synergy.nix index 7990a9f6f4ce..d6cd5d7f0d66 100644 --- a/nixos/modules/services/misc/synergy.nix +++ b/nixos/modules/services/misc/synergy.nix @@ -70,6 +70,26 @@ in type = types.bool; description = "Whether the Synergy server should be started automatically."; }; + tls = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether TLS encryption should be used. + + Using this requires a TLS certificate that can be + generated by starting the Synergy GUI once and entering + a valid product key. + ''; + }; + + cert = mkOption { + type = types.nullOr types.str; + default = null; + example = "~/.synergy/SSL/Synergy.pem"; + description = "The TLS certificate to use for encryption."; + }; + }; }; }; @@ -95,7 +115,7 @@ in description = "Synergy server"; wantedBy = optional cfgS.autoStart "graphical-session.target"; path = [ pkgs.synergy ]; - serviceConfig.ExecStart = ''${pkgs.synergy}/bin/synergys -c ${cfgS.configFile} -f ${optionalString (cfgS.address != "") "-a ${cfgS.address}"} ${optionalString (cfgS.screenName != "") "-n ${cfgS.screenName}" }''; + serviceConfig.ExecStart = ''${pkgs.synergy}/bin/synergys -c ${cfgS.configFile} -f${optionalString (cfgS.address != "") " -a ${cfgS.address}"}${optionalString (cfgS.screenName != "") " -n ${cfgS.screenName}"}${optionalString cfgS.tls.enable " --enable-crypto"}${optionalString (cfgS.tls.cert != null) (" --tls-cert=${cfgS.tls.cert}")}''; serviceConfig.Restart = "on-failure"; }; })