diff options
| author | joachifm <joachifm@users.noreply.github.com> | 2016-04-08 02:19:32 +0200 |
|---|---|---|
| committer | joachifm <joachifm@users.noreply.github.com> | 2016-04-08 02:19:32 +0200 |
| commit | 6d2df6d578f903e79d00b8d9de7d6dfdce32bb4f (patch) | |
| tree | 5ca5917b86f7ea35b4176148fbd8860dbf2344c6 /nixos | |
| parent | 62ef65f31fa149a0c57c622fdbe05f649b2d41f5 (diff) | |
| parent | 879778091a5f8280a72a577b536137fa7a7a852a (diff) | |
| download | nixlib-6d2df6d578f903e79d00b8d9de7d6dfdce32bb4f.tar nixlib-6d2df6d578f903e79d00b8d9de7d6dfdce32bb4f.tar.gz nixlib-6d2df6d578f903e79d00b8d9de7d6dfdce32bb4f.tar.bz2 nixlib-6d2df6d578f903e79d00b8d9de7d6dfdce32bb4f.tar.lz nixlib-6d2df6d578f903e79d00b8d9de7d6dfdce32bb4f.tar.xz nixlib-6d2df6d578f903e79d00b8d9de7d6dfdce32bb4f.tar.zst nixlib-6d2df6d578f903e79d00b8d9de7d6dfdce32bb4f.zip | |
Merge pull request #14222 from Pleune/fix/iodined-client-mode
iodine service: add client mode implimentation
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/module-list.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/rename.nix | 7 | ||||
| -rw-r--r-- | nixos/modules/services/networking/iodine.nix | 136 | ||||
| -rw-r--r-- | nixos/modules/services/networking/iodined.nix | 86 |
4 files changed, 144 insertions, 87 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index fd479763c0a0..7bcc5b849417 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -328,7 +328,7 @@ ./services/networking/hostapd.nix ./services/networking/i2pd.nix ./services/networking/i2p.nix - ./services/networking/iodined.nix + ./services/networking/iodine.nix ./services/networking/ircd-hybrid/default.nix ./services/networking/kippo.nix ./services/networking/lambdabot.nix diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index c6a781b6f00f..84eccfd51292 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -101,6 +101,13 @@ with lib; # Enlightenment (mkRenamedOptionModule [ "services" "xserver" "desktopManager" "e19" "enable" ] [ "services" "xserver" "desktopManager" "enlightenment" "enable" ]) + # Iodine + (mkRenamedOptionModule [ "services" "iodined" "enable" ] [ "services" "iodine" "server" "enable" ]) + (mkRenamedOptionModule [ "services" "iodined" "domain" ] [ "services" "iodine" "server" "domain" ]) + (mkRenamedOptionModule [ "services" "iodined" "ip" ] [ "services" "iodine" "server" "ip" ]) + (mkRenamedOptionModule [ "services" "iodined" "extraConfig" ] [ "services" "iodine" "server" "extraConfig" ]) + (mkRemovedOptionModule [ "services" "iodined" "client" ]) + # Options that are obsolete and have no replacement. (mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ]) (mkRemovedOptionModule [ "programs" "bash" "enable" ]) diff --git a/nixos/modules/services/networking/iodine.nix b/nixos/modules/services/networking/iodine.nix new file mode 100644 index 000000000000..1b0d2d9a517c --- /dev/null +++ b/nixos/modules/services/networking/iodine.nix @@ -0,0 +1,136 @@ +# NixOS module for iodine, ip over dns daemon + +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.iodine; + + iodinedUser = "iodined"; + +in +{ + + ### configuration + + options = { + + services.iodine = { + clients = mkOption { + default = {}; + description = '' + Each attribute of this option defines a systemd service that + runs iodine. Many or none may be defined. + The name of each service is + <literal>iodine-<replaceable>name</replaceable></literal> + where <replaceable>name</replaceable> is the name of the + corresponding attribute name. + ''; + example = literalExample '' + { + foo = { + server = "tunnel.mdomain.com"; + relay = "8.8.8.8"; + extraConfig = "-P mysecurepassword"; + } + } + ''; + type = types.attrsOf (types.submodule ( + { + options = { + server = mkOption { + type = types.str; + default = ""; + description = "Domain or Subdomain of server running iodined"; + example = "tunnel.mydomain.com"; + }; + + relay = mkOption { + type = types.str; + default = ""; + description = "DNS server to use as a intermediate relay to the iodined server"; + example = "8.8.8.8"; + }; + + extraConfig = mkOption { + type = types.str; + default = ""; + description = "Additional command line parameters"; + example = "-P mysecurepassword -l 192.168.1.10 -p 23"; + }; + }; + })); + }; + + server = { + enable = mkOption { + type = types.bool; + default = false; + description = "enable iodined server"; + }; + + ip = mkOption { + type = types.str; + default = ""; + description = "The assigned ip address or ip range"; + example = "172.16.10.1/24"; + }; + + domain = mkOption { + type = types.str; + default = ""; + description = "Domain or subdomain of which nameservers point to us"; + example = "tunnel.mydomain.com"; + }; + + extraConfig = mkOption { + type = types.str; + default = ""; + description = "Additional command line parameters"; + example = "-P mysecurepassword -l 192.168.1.10 -p 23"; + }; + }; + + }; + }; + + ### implementation + + config = mkIf (cfg.server.enable || cfg.clients != {}) { + environment.systemPackages = [ pkgs.iodine ]; + boot.kernelModules = [ "tun" ]; + + systemd.services = + let + createIodineClientService = name: cfg: + { + description = "iodine client - ${name}"; + wantedBy = [ "ip-up.target" ]; + serviceConfig = { + RestartSec = "30s"; + Restart = "always"; + ExecStart = "${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.relay} ${cfg.server}"; + }; + }; + in + listToAttrs ( + mapAttrsToList + (name: value: nameValuePair "iodine-${name}" (createIodineClientService name value)) + cfg.clients + ) // { + iodined = mkIf (cfg.server.enable) { + description = "iodine, ip over dns server daemon"; + wantedBy = [ "ip-up.target" ]; + serviceConfig.ExecStart = "${pkgs.iodine}/bin/iodined -f -u ${iodinedUser} ${cfg.server.extraConfig} ${cfg.server.ip} ${cfg.server.domain}"; + }; + }; + + users.extraUsers = singleton { + name = iodinedUser; + uid = config.ids.uids.iodined; + description = "Iodine daemon user"; + }; + users.extraGroups.iodined.gid = config.ids.gids.iodined; + }; +} diff --git a/nixos/modules/services/networking/iodined.nix b/nixos/modules/services/networking/iodined.nix deleted file mode 100644 index 20d371c4e2d1..000000000000 --- a/nixos/modules/services/networking/iodined.nix +++ /dev/null @@ -1,86 +0,0 @@ -# NixOS module for iodine, ip over dns daemon - -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.services.iodined; - - iodinedUser = "iodined"; - -in - -{ - - ### configuration - - options = { - - services.iodined = { - - enable = mkOption { - type = types.bool; - default = false; - description = "Enable iodine, ip over dns daemon"; - }; - - client = mkOption { - type = types.bool; - default = false; - description = "Start iodine in client mode"; - }; - - ip = mkOption { - type = types.str; - default = ""; - description = "Assigned ip address or ip range"; - example = "172.16.10.1/24"; - }; - - domain = mkOption { - type = types.str; - default = ""; - description = "Domain or subdomain of which nameservers point to us"; - example = "tunnel.mydomain.com"; - }; - - extraConfig = mkOption { - type = types.str; - default = ""; - description = "Additional command line parameters"; - example = "-P mysecurepassword -l 192.168.1.10 -p 23"; - }; - - }; - - }; - - ### implementation - - config = mkIf cfg.enable { - environment.systemPackages = [ pkgs.iodine ]; - boot.kernelModules = [ "tun" ]; - - systemd.services.iodined = { - description = "iodine, ip over dns daemon"; - wantedBy = [ "ip-up.target" ]; - serviceConfig.ExecStart = "${pkgs.iodine}/sbin/iodined -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.ip} ${cfg.domain}"; - }; - - - users.extraUsers = singleton { - name = iodinedUser; - uid = config.ids.uids.iodined; - description = "Iodine daemon user"; - }; - users.extraGroups.iodined.gid = config.ids.gids.iodined; - - assertions = [{ assertion = if !cfg.client then cfg.ip != "" else true; - message = "cannot start iodined without ip set";} - { assertion = cfg.domain != ""; - message = "cannot start iodined without domain name set";}]; - - }; - -} |