nixpkgs/nixos/modules/programs/nexttrace.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

{ config, lib, pkgs, ... }:

let
  cfg = config.programs.nexttrace;

in
{
  options = {
    programs.nexttrace = {
      enable = lib.mkEnableOption (lib.mdDoc "Nexttrace to the global environment and configure a setcap wrapper for it");
      package = lib.mkPackageOption pkgs "nexttrace" { };
    };
  };

  config = lib.mkIf cfg.enable {
    environment.systemPackages = [ cfg.package ];

    security.wrappers.nexttrace = {
      owner = "root";
      group = "root";
      capabilities = "cap_net_raw,cap_net_admin+eip";
      source = "${cfg.package}/bin/nexttrace";
    };
  };
}