diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/networking/tinc.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/networking/tinc.nix | 58 |
1 files changed, 29 insertions, 29 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/tinc.nix b/nixpkgs/nixos/modules/services/networking/tinc.nix index eb769f53901c..5f625c10840b 100644 --- a/nixpkgs/nixos/modules/services/networking/tinc.nix +++ b/nixpkgs/nixos/modules/services/networking/tinc.nix @@ -24,13 +24,13 @@ let options = { address = mkOption { type = types.str; - description = lib.mdDoc "The external IP address or hostname where the host can be reached."; + description = "The external IP address or hostname where the host can be reached."; }; port = mkOption { type = types.nullOr types.port; default = null; - description = lib.mdDoc '' + description = '' The port where the host can be reached. If no port is specified, the default Port is used. @@ -43,7 +43,7 @@ let options = { address = mkOption { type = types.str; - description = lib.mdDoc '' + description = '' The subnet of this host. Subnets can either be single MAC, IPv4 or IPv6 addresses, in which case @@ -60,7 +60,7 @@ let prefixLength = mkOption { type = with types; nullOr (addCheck int (n: n >= 0 && n <= 128)); default = null; - description = lib.mdDoc '' + description = '' The prefix length of the subnet. If null, a subnet consisting of only that single address is assumed. @@ -72,7 +72,7 @@ let weight = mkOption { type = types.ints.unsigned; default = 10; - description = lib.mdDoc '' + description = '' Indicates the priority over identical Subnets owned by different nodes. Lower values indicate higher priority. Packets will be sent to the @@ -89,7 +89,7 @@ let addresses = mkOption { type = types.listOf (types.submodule addressSubmodule); default = [ ]; - description = lib.mdDoc '' + description = '' The external address where the host can be reached. This will set this host's {option}`settings.Address` option. @@ -100,7 +100,7 @@ let subnets = mkOption { type = types.listOf (types.submodule subnetSubmodule); default = [ ]; - description = lib.mdDoc '' + description = '' The subnets which this tinc daemon will serve. This will set this host's {option}`settings.Subnet` option. @@ -114,7 +114,7 @@ let rsaPublicKey = mkOption { type = types.str; default = ""; - description = lib.mdDoc '' + description = '' Legacy RSA public key of the host in PEM format, including start and end markers. @@ -128,7 +128,7 @@ let settings = mkOption { default = { }; type = types.submodule { freeformType = tincConfType; }; - description = lib.mdDoc '' + description = '' Configuration for this host. See <https://tinc-vpn.org/documentation-1.1/Host-configuration-variables.html> @@ -167,7 +167,7 @@ in extraConfig = mkOption { default = ""; type = types.lines; - description = lib.mdDoc '' + description = '' Extra lines to add to the tinc service configuration file. Note that using the declarative {option}`service.tinc.networks.<name>.settings` @@ -178,7 +178,7 @@ in name = mkOption { default = null; type = types.nullOr types.str; - description = lib.mdDoc '' + description = '' The name of the node which is used as an identifier when communicating with the remote nodes in the mesh. If null then the hostname of the system is used to derive a name (note that tinc may replace non-alphanumeric characters in @@ -189,7 +189,7 @@ in ed25519PrivateKeyFile = mkOption { default = null; type = types.nullOr types.path; - description = lib.mdDoc '' + description = '' Path of the private ed25519 keyfile. ''; }; @@ -197,7 +197,7 @@ in rsaPrivateKeyFile = mkOption { default = null; type = types.nullOr types.path; - description = lib.mdDoc '' + description = '' Path of the private RSA keyfile. ''; }; @@ -205,7 +205,7 @@ in debugLevel = mkOption { default = 0; type = types.addCheck types.int (l: l >= 0 && l <= 5); - description = lib.mdDoc '' + description = '' The amount of debugging information to add to the log. 0 means little logging while 5 is the most logging. {command}`man tincd` for more details. @@ -215,7 +215,7 @@ in hosts = mkOption { default = { }; type = types.attrsOf types.lines; - description = lib.mdDoc '' + description = '' The name of the host in the network as well as the configuration for that host. This name should only contain alphanumerics and underscores. @@ -249,7 +249,7 @@ in } ''; type = types.attrsOf (types.submodule hostSubmodule); - description = lib.mdDoc '' + description = '' The name of the host in the network as well as the configuration for that host. This name should only contain alphanumerics and underscores. ''; @@ -258,7 +258,7 @@ in interfaceType = mkOption { default = "tun"; type = types.enum [ "tun" "tap" ]; - description = lib.mdDoc '' + description = '' The type of virtual interface used for the network connection. ''; }; @@ -266,7 +266,7 @@ in listenAddress = mkOption { default = null; type = types.nullOr types.str; - description = lib.mdDoc '' + description = '' The ip address to listen on for incoming connections. ''; }; @@ -274,7 +274,7 @@ in bindToAddress = mkOption { default = null; type = types.nullOr types.str; - description = lib.mdDoc '' + description = '' The ip address to bind to (both listen on and send packets from). ''; }; @@ -284,7 +284,7 @@ in chroot = mkOption { default = false; type = types.bool; - description = lib.mdDoc '' + description = '' Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security. The chroot is performed after all the initialization is done, after writing pid files and opening network sockets. @@ -302,7 +302,7 @@ in Mode = "switch"; } ''; - description = lib.mdDoc '' + description = '' Configuration of the Tinc daemon for this network. See <https://tinc-vpn.org/documentation-1.1/Main-configuration-variables.html> @@ -330,7 +330,7 @@ in }; })); - description = lib.mdDoc '' + description = '' Defines the tinc networks which will be started. Each network invokes a different daemon. ''; @@ -348,7 +348,7 @@ in (flip mapAttrsToList cfg.networks (network: data: flip mapAttrs' data.hosts (host: text: nameValuePair ("tinc/${network}/hosts/${host}") - ({ mode = "0644"; user = "tinc.${network}"; inherit text; }) + ({ mode = "0644"; user = "tinc-${network}"; inherit text; }) ) // { "tinc/${network}/tinc.conf" = { mode = "0444"; @@ -375,13 +375,13 @@ in Restart = "always"; RestartSec = "3"; ExecReload = mkIf (versionAtLeast version "1.1pre") "${data.package}/bin/tinc -n ${network} reload"; - ExecStart = "${data.package}/bin/tincd -D -U tinc.${network} -n ${network} ${optionalString (data.chroot) "-R"} --pidfile /run/tinc.${network}.pid -d ${toString data.debugLevel}"; + ExecStart = "${data.package}/bin/tincd -D -U tinc-${network} -n ${network} ${optionalString (data.chroot) "-R"} --pidfile /run/tinc.${network}.pid -d ${toString data.debugLevel}"; }; preStart = '' mkdir -p /etc/tinc/${network}/hosts - chown tinc.${network} /etc/tinc/${network}/hosts + chown tinc-${network} /etc/tinc/${network}/hosts mkdir -p /etc/tinc/${network}/invitations - chown tinc.${network} /etc/tinc/${network}/invitations + chown tinc-${network} /etc/tinc/${network}/invitations # Determine how we should generate our keys if type tinc >/dev/null 2>&1; then @@ -420,14 +420,14 @@ in in [ cli-wrappers ]; users.users = flip mapAttrs' cfg.networks (network: _: - nameValuePair ("tinc.${network}") ({ + nameValuePair ("tinc-${network}") ({ description = "Tinc daemon user for ${network}"; isSystemUser = true; - group = "tinc.${network}"; + group = "tinc-${network}"; }) ); users.groups = flip mapAttrs' cfg.networks (network: _: - nameValuePair "tinc.${network}" {} + nameValuePair "tinc-${network}" {} ); }); |