nixpkgs/nixos/modules/services/hardware/thermald.nix
Solene Rapenne f3516813d8 thermald: disable network access
Use systemd PrivateNetwork feature to prevent thermald daemon to have
network capabilities.
2022-01-15 19:33:06 +01:00

58 lines
1.4 KiB
Nix

{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.thermald;
in
{
###### interface
options = {
services.thermald = {
enable = mkEnableOption "thermald, the temperature management daemon";
debug = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable debug logging.
'';
};
configFile = mkOption {
type = types.nullOr types.path;
default = null;
description = "the thermald manual configuration file.";
};
package = mkOption {
type = types.package;
default = pkgs.thermald;
defaultText = literalExpression "pkgs.thermald";
description = "Which thermald package to use.";
};
};
};
###### implementation
config = mkIf cfg.enable {
services.dbus.packages = [ cfg.package ];
systemd.services.thermald = {
description = "Thermal Daemon Service";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
PrivateNetwork = true;
ExecStart = ''
${cfg.package}/sbin/thermald \
--no-daemon \
${optionalString cfg.debug "--loglevel=debug"} \
${optionalString (cfg.configFile != null) "--config-file ${cfg.configFile}"} \
--dbus-enable \
--adaptive
'';
};
};
};
}