1 { pkgs, lib, config, inputs, ... }:
3 systemd.sockets."tmux@" = {
4 listenStreams = [ "/home/%i/tmux.sock" ];
5 socketConfig.SocketUser = "%i";
6 socketConfig.SocketMode = "600";
7 socketConfig.Service = "tmux@%i.service";
10 systemd.services."proxy-to-irssi@" = {
11 requires = ["irssi@%i.service"];
12 after = ["irssi@%i.service" "proxy-to-irssi-%i.socket"];
13 #unitConfig.JoinsNamespaceOf = ["netns-${netns}.service"];
14 unitConfig.JoinsNamespaceOf = ["irssi@%i.service"];
16 ExecStart = "${pkgs.systemd}/lib/systemd/systemd-socket-proxyd /var/lib/irssi/%i/tmux.sock";
17 #PrivateNetwork = true;
22 #systemd.sockets."irssi@" = {
23 # enable = values.peersAnnouncing.enable;
24 # listenStreams = [(toString values.peersAnnouncing.listenPort)];
25 # socketConfig.Accept = true;
26 # socketConfig.ReusePort = true;
27 # wantedBy = [ "sockets.target" ];
29 systemd.services."tmux@" = {
30 description = "tmux for user %i";
31 #after = [ "network.target" ];
32 environment.HOME = "/var/lib/tmux/%i";
33 # A custom LD_LIBRARY_PATH is needed to access in `getent passwd`
34 # the systemd's entry about the DynamicUser=
35 environment.LD_LIBRARY_PATH = config.system.nssModules.path;
36 serviceConfig = let tmux = "/home/julm/src/tmux/result/bin/tmux"; in {
39 ExecStart = "${tmux} -v -D -f /var/lib/tmux/%i/.config/tmux/tmux.conf -f ${pkgs.writeText "tmux.conf" ''
40 set-option -g default-shell ${pkgs.runtimeShell}
41 #set-option -g exit-empty off
43 run-shell -b "systemd-notify --ready"
46 RefuseManualStart = true;
47 #RuntimeDirectory = ["tmux/%i"];
48 #RuntimeDirectoryMode = "755";
49 StateDirectory = ["tmux/%i"];
52 # Send CTRL+u to clear the input line before /quit
53 #"-${tmux} -L %p send-keys -t irssi:0 C-u"
54 #"-${tmux} -L %p send-keys -t irssi:0 /quit Enter"
55 # Sending /quit to irssi is asynchronous, so wait for irssi to exit
56 # before killing the session in tmux
57 #(pkgs.writeShellScript "stop-irssi" ''
58 # timeout 3 tail --pid=$(cat %t/irssi.pid || echo 0) -f /dev/null
60 #"-${tmux} -L %p kill-session -t irssi-%i"
62 WorkingDirectory = "/var/lib/tmux/%i";
66 "-/home/%i/.config/tmux/tmux.conf:/var/lib/tmux/%i/.config/tmux/tmux.conf"
69 #IPAddressDeny = "any";
70 #AmbientCapabilities = [""];
71 #CapabilityBoundingSet = [""];
72 #RestrictNamespaces = true;
74 ##NoNewPrivileges = true;
75 ##ProtectSystem = true;
77 #PrivateDevices = true;
79 #ProtectControlGroups = true;
81 #ProtectKernelLogs = true;
82 #ProtectKernelModules = true;
83 #ProtectKernelTunables = true;
84 #ProtectProc = "invisible";
85 #SystemCallArchitectures = "native";
88 # "~@keyring" "~@clock" "~@debug" "~@module"
89 # "~@obsolete" "~@privileged" "~@process" "~@resources"
91 #RestrictRealtime = true;
92 #LockPersonality = true;
93 #MemoryDenyWriteExecute = true;
95 #ProtectHostname = true;
97 #StandardInput = "socket";
98 #StandardOutput = "socket";
99 #RestrictAddressFamilies = "";