1 { pkgs, lib, config, inputs, ... }:
3 systemd.sockets."tmux@" = {
4 listenStreams = [ "/home/%i/tmux.sock" ];
5 socketConfig.SocketUser = "%i";
6 socketConfig.SocketMode = "600";
7 socketConfig.Service = "tmux@%i.service";
10 systemd.services."proxy-to-irssi@" = {
11 requires = ["irssi@%i.service"];
12 after = ["irssi@%i.service" "proxy-to-irssi-%i.socket"];
13 #unitConfig.JoinsNamespaceOf = ["netns-${netns}.service"];
14 unitConfig.JoinsNamespaceOf = ["irssi@%i.service"];
16 ExecStart = "${pkgs.systemd}/lib/systemd/systemd-socket-proxyd /var/lib/irssi/%i/tmux.sock";
17 #PrivateNetwork = true;
22 #systemd.sockets."irssi@" = {
23 # enable = values.peersAnnouncing.enable;
24 # listenStreams = [(toString values.peersAnnouncing.listenPort)];
25 # socketConfig.Accept = true;
26 # socketConfig.ReusePort = true;
27 # wantedBy = [ "sockets.target" ];
29 systemd.services."tmux@" = {
30 description = "tmux for user %i";
31 #after = [ "network.target" ];
32 environment.HOME = "/var/lib/tmux/%i";
33 # A custom LD_LIBRARY_PATH is needed to access in `getent passwd`
34 # the systemd's entry about the DynamicUser=
35 environment.LD_LIBRARY_PATH = config.system.nssModules.path;
37 RefuseManualStart = true;
39 serviceConfig = let tmux = "/home/julm/src/tmux/result/bin/tmux"; in {
42 ExecStart = "${tmux} -v -D -f /var/lib/tmux/%i/.config/tmux/tmux.conf -f ${pkgs.writeText "tmux.conf" ''
43 set-option -g default-shell ${pkgs.runtimeShell}
44 #set-option -g exit-empty off
46 run-shell -b "systemd-notify --ready"
49 #RuntimeDirectory = ["tmux/%i"];
50 #RuntimeDirectoryMode = "755";
51 StateDirectory = ["tmux/%i"];
54 # Send CTRL+u to clear the input line before /quit
55 #"-${tmux} -L %p send-keys -t irssi:0 C-u"
56 #"-${tmux} -L %p send-keys -t irssi:0 /quit Enter"
57 # Sending /quit to irssi is asynchronous, so wait for irssi to exit
58 # before killing the session in tmux
59 #(pkgs.writeShellScript "stop-irssi" ''
60 # timeout 3 tail --pid=$(cat %t/irssi.pid || echo 0) -f /dev/null
62 #"-${tmux} -L %p kill-session -t irssi-%i"
64 WorkingDirectory = "/var/lib/tmux/%i";
68 "-/home/%i/.config/tmux/tmux.conf:/var/lib/tmux/%i/.config/tmux/tmux.conf"
71 #IPAddressDeny = "any";
72 #AmbientCapabilities = [""];
73 #CapabilityBoundingSet = [""];
74 #RestrictNamespaces = true;
76 ##NoNewPrivileges = true;
77 ##ProtectSystem = true;
79 #PrivateDevices = true;
81 #ProtectControlGroups = true;
83 #ProtectKernelLogs = true;
84 #ProtectKernelModules = true;
85 #ProtectKernelTunables = true;
86 #ProtectProc = "invisible";
87 #SystemCallArchitectures = "native";
90 # "~@keyring" "~@clock" "~@debug" "~@module"
91 # "~@obsolete" "~@privileged" "~@process" "~@resources"
93 #RestrictRealtime = true;
94 #LockPersonality = true;
95 #MemoryDenyWriteExecute = true;
97 #ProtectHostname = true;
99 #StandardInput = "socket";
100 #StandardOutput = "socket";
101 #RestrictAddressFamilies = "";