about summary refs log tree commit diff
path: root/nixpkgs/nixos/modules/services/networking/corerad.nix
diff options
context:
space:
mode:
authorAlyssa Ross <hi@alyssa.is>2020-01-22 15:26:58 +0000
committerAlyssa Ross <hi@alyssa.is>2020-01-22 16:56:33 +0000
commit542f80867c380b0ac79250b6e5358dda8bc49e0d (patch)
treeaa5903f228b2f32c524a9a6e4f6dd94f8c5b869e /nixpkgs/nixos/modules/services/networking/corerad.nix
parentf69898c7d5b757342e6ab90d5fcc7c9aea9f5ff4 (diff)
parent90441b4b47fc7280de6a5bd1a228017caaa0f97f (diff)
downloadnixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar
nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar.gz
nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar.bz2
nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar.lz
nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar.xz
nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.tar.zst
nixlib-542f80867c380b0ac79250b6e5358dda8bc49e0d.zip
Merge commit '90441b4b47fc7280de6a5bd1a228017caaa0f97f'
Diffstat (limited to 'nixpkgs/nixos/modules/services/networking/corerad.nix')
-rw-r--r--nixpkgs/nixos/modules/services/networking/corerad.nix46


1 files changed, 46 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/corerad.nix b/nixpkgs/nixos/modules/services/networking/corerad.nix
new file mode 100644
index 000000000000..1a2c4aec6651
--- /dev/null
+++ b/nixpkgs/nixos/modules/services/networking/corerad.nix
@@ -0,0 +1,46 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.corerad;
+in {
+  meta = {
+    maintainers = with maintainers; [ mdlayher ];
+  };
+
+  options.services.corerad = {
+    enable = mkEnableOption "CoreRAD IPv6 NDP RA daemon";
+
+    configFile = mkOption {
+      type = types.path;
+      example = literalExample "\"\${pkgs.corerad}/etc/corerad/corerad.toml\"";
+      description = "Path to CoreRAD TOML configuration file.";
+    };
+
+    package = mkOption {
+      default = pkgs.corerad;
+      defaultText = literalExample "pkgs.corerad";
+      type = types.package;
+      description = "CoreRAD package to use.";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    systemd.services.corerad = {
+      description = "CoreRAD IPv6 NDP RA daemon";
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        LimitNPROC = 512;
+        LimitNOFILE = 1048576;
+        CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_RAW";
+        AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_RAW";
+        NoNewPrivileges = true;
+        DynamicUser = true;
+        ExecStart = "${getBin cfg.package}/bin/corerad -c=${cfg.configFile}";
+        Restart = "on-failure";
+      };
+    };
+  };
+}

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-10 13:41:01 +0000