diff --git a/nixos/modules/services/games/asf.nix b/nixos/modules/services/games/asf.nix index 31a112d6c74..ed1a5544d7a 100644 --- a/nixos/modules/services/games/asf.nix +++ b/nixos/modules/services/games/asf.nix @@ -13,7 +13,7 @@ let # is in theory not needed as this is already the default for default builds UpdateChannel = 0; Headless = true; - } // lib.optionalAttrs (cfg.ipcPasswordFile != "") { + } // lib.optionalAttrs (cfg.ipcPasswordFile != null) { IPCPassword = "#ipcPassword#"; }); @@ -94,7 +94,8 @@ in }; ipcPasswordFile = mkOption { - type = types.path; + type = types.nullOr types.path; + default = null; description = "Path to a file containig the password. The file must be readable by the asf user/group."; }; @@ -159,7 +160,6 @@ in users = { users.asf = { home = cfg.dataDir; - homeMode = "700"; isSystemUser = true; group = "asf"; description = "Archis-Steam-Farm service user"; @@ -174,13 +174,17 @@ in wantedBy = [ "multi-user.target" ]; serviceConfig = mkMerge [ - (mkIf (cfg.dataDir == "/var/lib/asf") { StateDirectory = "asf"; }) + (mkIf (cfg.dataDir == "/var/lib/asf") { + StateDirectory = "asf"; + StateDirectoryMode = "700"; + }) { User = "asf"; Group = "asf"; WorkingDirectory = cfg.dataDir; Type = "simple"; ExecStart = "${cfg.package}/bin/ArchiSteamFarm --path ${cfg.dataDir} --process-required --no-restart --service --no-config-migrate"; + Restart = "always"; # mostly copied from the default systemd service PrivateTmp = true; @@ -222,7 +226,10 @@ in mkdir -p config cp --no-preserve=mode ${asf-config} config/ASF.json - ${replaceSecretBin} '#ipcPassword#' '${cfg.ipcPasswordFile}' config/ASF.json + + ${optionalString (cfg.ipcPasswordFile != null) '' + ${replaceSecretBin} '#ipcPassword#' '${cfg.ipcPasswordFile}' config/ASF.json + ''} ${optionalString (cfg.ipcSettings != {}) '' ln -fs ${ipc-config} config/IPC.config @@ -243,6 +250,6 @@ in meta = { buildDocsInSandbox = false; - maintainers = with maintainers; [ lom ]; + maintainers = with maintainers; [ lom SuperSandro2000 ]; }; }