about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--nixos/modules/module-list.nix1
-rw-r--r--nixos/modules/services/networking/dante.nix61
-rw-r--r--pkgs/servers/dante/default.nix23
-rw-r--r--pkgs/top-level/all-packages.nix2
4 files changed, 87 insertions, 0 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index d82f1fbc54fd..4589f47e7c19 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -348,6 +348,7 @@
   ./services/networking/connman.nix
   ./services/networking/consul.nix
   ./services/networking/coturn.nix
+  ./services/networking/dante.nix
   ./services/networking/ddclient.nix
   ./services/networking/dhcpcd.nix
   ./services/networking/dhcpd.nix
diff --git a/nixos/modules/services/networking/dante.nix b/nixos/modules/services/networking/dante.nix
new file mode 100644
index 000000000000..8f4e15223ab0
--- /dev/null
+++ b/nixos/modules/services/networking/dante.nix
@@ -0,0 +1,61 @@
+{ config, lib, pkgs, ... }:
+with lib;
+
+let
+  cfg = config.services.dante;
+  confFile = pkgs.writeText "dante-sockd.conf" ''
+    user.privileged: root
+    user.unprivileged: dante
+
+    ${cfg.config}
+  '';
+in
+
+{
+  meta = {
+    maintainers = with maintainers; [ arobyn ];
+  };
+
+  options = {
+    services.dante = {
+      enable = mkEnableOption "Dante SOCKS proxy";
+
+      config = mkOption {
+        default     = null;
+        type        = types.str;
+        description = ''
+          Contents of Dante's configuration file
+          NOTE: user.privileged/user.unprivileged are set by the service
+        '';
+      };
+    };
+  };
+
+  config = mkIf cfg.enable {
+    assertions = [
+      { assertion   = cfg.config != null;
+        message     = "please provide Dante configuration file contents";
+      }
+    ];
+
+    users.users.dante = {
+      description   = "Dante SOCKS proxy daemon user";
+      isSystemUser  = true;
+      group         = "dante";
+    };
+    users.groups.dante = {};
+
+    systemd.services.dante = {
+      description   = "Dante SOCKS v4 and v5 compatible proxy server";
+      after         = [ "network.target" ];
+      wantedBy      = [ "multi-user.target" ];
+
+      serviceConfig = {
+        Type        = "simple";
+        ExecStart   = "${pkgs.dante}/bin/sockd -f ${confFile}";
+        ExecReload  = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
+        Restart     = "always";
+      };
+    };
+  };
+}
diff --git a/pkgs/servers/dante/default.nix b/pkgs/servers/dante/default.nix
new file mode 100644
index 000000000000..044d4fa50ab2
--- /dev/null
+++ b/pkgs/servers/dante/default.nix
@@ -0,0 +1,23 @@
+{ stdenv, fetchurl }:
+
+stdenv.mkDerivation (rec {
+  name = "dante-${version}";
+  version = "1.4.1";
+
+  src = fetchurl {
+    url = "https://www.inet.no/dante/files/${name}.tar.gz";
+    sha256 = "0lsg3hk8zd2h9f08s13bn4l4pvyyzkj4gr4ppwa7vj7gdyyk5lmn";
+  };
+
+  configureFlags = [
+    "--with-libc=libc.so.6"
+  ];
+
+  meta = {
+    description = "A circuit-level SOCKS client/server that can be used to provide convenient and secure network connectivity.";
+    homepage    = "https://www.inet.no/dante/";
+    maintainers = [ stdenv.lib.maintainers.arobyn ];
+    license     = stdenv.lib.licenses.bsdOriginal;
+    platforms   = stdenv.lib.platforms.linux;
+  };
+})
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index e30762dd24a4..ad604d8380a0 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -791,6 +791,8 @@ in
 
   daemontools = callPackage ../tools/admin/daemontools { };
 
+  dante = callPackage ../servers/dante { };
+
   datamash = callPackage ../tools/misc/datamash { };
 
   datefudge = callPackage ../tools/system/datefudge { };
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-29 20:28:24 +0000