diff options
author | Alyssa Ross <hi@alyssa.is> | 2020-01-22 15:26:58 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2020-01-22 16:56:33 +0000 |
commit | 542f80867c380b0ac79250b6e5358dda8bc49e0d (patch) | |
tree | aa5903f228b2f32c524a9a6e4f6dd94f8c5b869e /nixpkgs/nixos/modules/services/networking/corerad.nix | |
parent | f69898c7d5b757342e6ab90d5fcc7c9aea9f5ff4 (diff) | |
parent | 90441b4b47fc7280de6a5bd1a228017caaa0f97f (diff) | |
download | nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar.gz nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar.bz2 nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar.lz nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar.xz nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar.zst nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.zip |
Merge commit '90441b4b47fc7280de6a5bd1a228017caaa0f97f'
Diffstat (limited to 'nixpkgs/nixos/modules/services/networking/corerad.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/networking/corerad.nix | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/corerad.nix b/nixpkgs/nixos/modules/services/networking/corerad.nix new file mode 100644 index 000000000000..1a2c4aec6651 --- /dev/null +++ b/nixpkgs/nixos/modules/services/networking/corerad.nix @@ -0,0 +1,46 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.corerad; +in { + meta = { + maintainers = with maintainers; [ mdlayher ]; + }; + + options.services.corerad = { + enable = mkEnableOption "CoreRAD IPv6 NDP RA daemon"; + + configFile = mkOption { + type = types.path; + example = literalExample "\"\${pkgs.corerad}/etc/corerad/corerad.toml\""; + description = "Path to CoreRAD TOML configuration file."; + }; + + package = mkOption { + default = pkgs.corerad; + defaultText = literalExample "pkgs.corerad"; + type = types.package; + description = "CoreRAD package to use."; + }; + }; + + config = mkIf cfg.enable { + systemd.services.corerad = { + description = "CoreRAD IPv6 NDP RA daemon"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + LimitNPROC = 512; + LimitNOFILE = 1048576; + CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_RAW"; + AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_RAW"; + NoNewPrivileges = true; + DynamicUser = true; + ExecStart = "${getBin cfg.package}/bin/corerad -c=${cfg.configFile}"; + Restart = "on-failure"; + }; + }; + }; +} |