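# ssh-cert-dist module, written against Home Manager's option layout
# (home.packages, home.sessionVariables, systemd.user.services.<name>.Unit/Service).
#
# It provides two independent option sets:
#   * services.ssh-cert-dist: one systemd user unit per configured directory,
#     running `ssh-cert-dist client fetch` and/or `client upload`.
#   * programs.ssh-cert-dist: installs the package and exports SSH_CD_API.
{ config, pkgs, lib, ... }:

with lib;

let
  cfg = config.services.ssh-cert-dist;

  # Per-directory settings. The attribute name under `directories` is the
  # directory path itself; it is passed to the client as the certificate directory.
  directoryModule = { name, ... }: {
    options = {
      name = mkOption {
        type = types.str;
        # Last path component, e.g. "/home/u/.ssh/certs" -> "certs".
        # A path ending in "/" yields an empty default, so set `name` explicitly then.
        default = last (splitString "/" name);
        description = ''
          Name of the systemd user unit for this directory, also used as the
          suffix of the generated wrapper script. Defaults to the last
          component of the directory path.
        '';
      };

      fetch = mkOption {
        type = types.bool;
        default = true;
        description = "Whether the unit runs `ssh-cert-dist client fetch` for this directory.";
      };

      upload = mkOption {
        type = types.bool;
        default = false;
        description = "Whether the unit runs `ssh-cert-dist client upload` on the files in this directory.";
      };
    };
  };

  # Build the (unit name, unit definition) pair for one configured directory.
  mkDirectoryUnit = path: dir:
    let
      scriptName = "ssh-cert-dist-${dir.name}";

      # Values are passed through escapeShellArg rather than wrapped in bare
      # single quotes, so a path or endpoint containing quotes or whitespace
      # cannot break out of its argument. The upload glob stays outside the
      # quoted part so the shell still expands it.
      script = pkgs.writeShellApplication {
        name = scriptName;
        runtimeInputs = [ cfg.package ];
        text = ''
          ${optionalString dir.fetch ''
            ssh-cert-dist client fetch --cert-dir ${escapeShellArg path} --api-endpoint ${escapeShellArg cfg.endpoint}
          ''}
          ${optionalString dir.upload ''
            ssh-cert-dist client upload --api-endpoint ${escapeShellArg cfg.endpoint} ${escapeShellArg path}/*
          ''}
        '';
      };
    in
    {
      inherit (dir) name;
      value = {
        Unit.Description = "ssh-cert-dist service for ${path}";
        Service = {
          # NOTE(review): debug logging is hard-coded and lands in the user
          # journal; confirm the client logs no key material or credentials
          # at this level, or lower it.
          Environment = "RUST_LOG=debug";
          # writeShellApplication installs the script at $out/bin/<name>;
          # the bare store path is a directory and cannot be executed.
          ExecStart = "${script}/bin/${scriptName}";
        };
      };
    };
in
{
  options.services.ssh-cert-dist = {
    enable = mkEnableOption "ssh-cert-dist";

    # NOTE(review): certificates are fetched from and uploaded to this URL and
    # nothing here constrains the scheme; presumably it should be https.
    endpoint = mkOption {
      type = types.str;
      description = "API endpoint url";
    };

    package = mkOption {
      type = types.package;
      default = pkgs.ssh-cert-dist;
      description = "Package providing the `ssh-cert-dist` binary used by the units.";
    };

    directories = mkOption {
      type = with types; attrsOf (submodule directoryModule);
      default = { };
      description = ''
        Certificate directories to manage, keyed by directory path. Each entry
        produces one systemd user unit.
      '';
    };
  };

  # One user unit per directory, keyed by the entry's `name`. Entries that
  # resolve to the same `name` collide and only one unit is kept, so give
  # directories sharing a last path component distinct names.
  # No Install section or timer is defined here: the units run only when
  # started explicitly or by something outside this module.
  config.systemd.user.services =
    mkIf cfg.enable (mapAttrs' mkDirectoryUnit cfg.directories);

  options.programs.ssh-cert-dist = {
    enable = mkEnableOption "ssh-cert-dist";

    package = mkOption {
      type = types.package;
      default = pkgs.ssh-cert-dist;
      description = "Package added to the user's environment.";
    };

    endpoint = mkOption {
      type = types.str;
      description = "API endpoint url";
    };
  };

  # Install the client and export its endpoint as SSH_CD_API.
  config.home =
    let
      programCfg = config.programs.ssh-cert-dist;
    in
    mkIf programCfg.enable {
      packages = [ programCfg.package ];
      sessionVariables.SSH_CD_API = programCfg.endpoint;
    };
}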