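# NixOS module for bird-lg-go: a looking-glass frontend web server and a proxy
# that relays queries to the local BIRD control socket and to traceroute.
#
# Both services are started from generated shell scripts, so every option value
# placed on the command line is passed through `escapeShellArg`. Without
# quoting, defaults such as "Bird-lg Go" or "ALL Servers" are split into two
# words by the shell, an empty default (e.g. `domain = ""`) leaves the flag
# without a value so the next flag is taken in its place, and shell
# metacharacters in a value are interpreted by the shell instead of reaching
# the program.
{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.bird-lg;

  # Quote one option value so it reaches the program as exactly one argument.
  arg = escapeShellArg;

  # Join a list option into the comma-separated form used on the command line,
  # quoted as a single argument.
  csvArg = values: escapeShellArg (concatStringsSep "," values);
in
{
  options = {
    services.bird-lg = {
      package = mkOption {
        type = types.package;
        default = pkgs.bird-lg;
        defaultText = literalExpression "pkgs.bird-lg";
        description = lib.mdDoc "The Bird Looking Glass package to use.";
      };

      # The frontend and the proxy both run as this user and group.
      user = mkOption {
        type = types.str;
        default = "bird-lg";
        description = lib.mdDoc "User to run the service.";
      };

      group = mkOption {
        type = types.str;
        default = "bird-lg";
        description = lib.mdDoc "Group to run the service.";
      };

      frontend = {
        enable = mkEnableOption (lib.mdDoc "Bird Looking Glass Frontend Webserver");

        # Loopback by default; a reverse proxy is presumably expected in front
        # when the looking glass is published (not shown in this module).
        listenAddress = mkOption {
          type = types.str;
          default = "127.0.0.1:5000";
          description = lib.mdDoc "Address to listen on.";
        };

        proxyPort = mkOption {
          type = types.port;
          default = 8000;
          description = lib.mdDoc "Port bird-lg-proxy is running on.";
        };

        domain = mkOption {
          type = types.str;
          default = "";
          example = "dn42.lantian.pub";
          description = lib.mdDoc "Server name domain suffixes.";
        };

        servers = mkOption {
          type = types.listOf types.str;
          default = [ ];
          example = [ "gigsgigscloud" "hostdare" ];
          description = lib.mdDoc "Server name prefixes.";
        };

        whois = mkOption {
          type = types.str;
          default = "whois.verisign-grs.com";
          description = lib.mdDoc "Whois server for queries.";
        };

        dnsInterface = mkOption {
          type = types.str;
          default = "asn.cymru.com";
          description = lib.mdDoc "DNS zone to query ASN information.";
        };

        bgpMapInfo = mkOption {
          type = types.listOf types.str;
          default = [ "asn" "as-name" "ASName" "descr" ];
          description = lib.mdDoc "Information displayed in bgpmap.";
        };

        titleBrand = mkOption {
          type = types.str;
          default = "Bird-lg Go";
          description = lib.mdDoc "Prefix of page titles in browser tabs.";
        };

        netSpecificMode = mkOption {
          type = types.str;
          default = "";
          example = "dn42";
          description = lib.mdDoc "Apply network-specific changes for some networks.";
        };

        # NOTE(review): this description is identical to bgpMapInfo's and looks
        # copy-pasted; the value is passed to --protocol-filter below. Confirm
        # the intended wording against the upstream frontend documentation.
        protocolFilter = mkOption {
          type = types.listOf types.str;
          default = [ ];
          example = [ "ospf" ];
          description = lib.mdDoc "Information displayed in bgpmap.";
        };

        nameFilter = mkOption {
          type = types.str;
          default = "";
          example = "^ospf";
          description = lib.mdDoc "Protocol names to hide in summary tables (RE2 syntax),";
        };

        timeout = mkOption {
          type = types.int;
          default = 120;
          description = lib.mdDoc "Time before request timed out, in seconds.";
        };

        navbar = {
          brand = mkOption {
            type = types.str;
            default = "Bird-lg Go";
            description = lib.mdDoc "Brand to show in the navigation bar .";
          };

          brandURL = mkOption {
            type = types.str;
            default = "/";
            description = lib.mdDoc "URL of the brand to show in the navigation bar.";
          };

          allServers = mkOption {
            type = types.str;
            default = "ALL Servers";
            description = lib.mdDoc "Text of 'All server' button in the navigation bar.";
          };

          allServersURL = mkOption {
            type = types.str;
            default = "all";
            description = lib.mdDoc "URL of 'All servers' button.";
          };
        };

        # Appended to the command line verbatim (not quoted), so the shell
        # interprets its contents; whoever can set it controls the command.
        extraArgs = mkOption {
          type = types.lines;
          default = "";
          description = lib.mdDoc ''
            Extra parameters documented [here](https://github.com/xddxdd/bird-lg-go#frontend).
          '';
        };
      };

      proxy = {
        enable = mkEnableOption (lib.mdDoc "Bird Looking Glass Proxy");

        # Loopback by default. The proxy fronts the BIRD control socket and
        # traceroute, so binding it to a routable address widens who can reach
        # them; pair any such change with `allowedIPs`.
        listenAddress = mkOption {
          type = types.str;
          default = "127.0.0.1:8000";
          description = lib.mdDoc "Address to listen on.";
        };

        # Per the description, the empty default means no source-IP
        # restriction at all; the loopback listenAddress default is then the
        # only limit on who can query the proxy.
        allowedIPs = mkOption {
          type = types.listOf types.str;
          default = [ ];
          example = [ "192.168.25.52" "192.168.25.53" ];
          description = lib.mdDoc "List of IPs to allow (default all allowed).";
        };

        birdSocket = mkOption {
          type = types.str;
          default = "/run/bird.ctl";
          example = "/var/run/bird/bird.ctl";
          description = lib.mdDoc "Bird control socket path.";
        };

        traceroute = {
          binary = mkOption {
            type = types.str;
            default = "${pkgs.traceroute}/bin/traceroute";
            defaultText = literalExpression ''"''${pkgs.traceroute}/bin/traceroute"'';
            description = lib.mdDoc "Traceroute's binary path.";
          };

          rawOutput = mkOption {
            type = types.bool;
            default = false;
            description = lib.mdDoc "Display traceroute output in raw format.";
          };
        };

        # Appended to the command line verbatim (not quoted), so the shell
        # interprets its contents; whoever can set it controls the command.
        extraArgs = mkOption {
          type = types.lines;
          default = "";
          description = lib.mdDoc ''
            Extra parameters documented [here](https://github.com/xddxdd/bird-lg-go#proxy).
          '';
        };
      };
    };
  };

  ###### implementation

  config = {
    systemd.services = {
      bird-lg-frontend = mkIf cfg.frontend.enable {
        enable = true;
        after = [ "network.target" ];
        wantedBy = [ "multi-user.target" ];
        description = "Bird Looking Glass Frontend Webserver";
        serviceConfig = {
          Type = "simple";
          Restart = "on-failure";
          ProtectSystem = "full";
          ProtectHome = "yes";
          MemoryDenyWriteExecute = "yes";
          User = cfg.user;
          Group = cfg.group;
        };
        # String and list values are shell-quoted; the port and timeout are
        # integers by type and need no quoting.
        script = ''
          ${cfg.package}/bin/frontend \
            --servers ${csvArg cfg.frontend.servers} \
            --domain ${arg cfg.frontend.domain} \
            --listen ${arg cfg.frontend.listenAddress} \
            --proxy-port ${toString cfg.frontend.proxyPort} \
            --whois ${arg cfg.frontend.whois} \
            --dns-interface ${arg cfg.frontend.dnsInterface} \
            --bgpmap-info ${csvArg cfg.frontend.bgpMapInfo} \
            --title-brand ${arg cfg.frontend.titleBrand} \
            --navbar-brand ${arg cfg.frontend.navbar.brand} \
            --navbar-brand-url ${arg cfg.frontend.navbar.brandURL} \
            --navbar-all-servers ${arg cfg.frontend.navbar.allServers} \
            --navbar-all-url ${arg cfg.frontend.navbar.allServersURL} \
            --net-specific-mode ${arg cfg.frontend.netSpecificMode} \
            --protocol-filter ${csvArg cfg.frontend.protocolFilter} \
            --name-filter ${arg cfg.frontend.nameFilter} \
            --time-out ${toString cfg.frontend.timeout} \
            ${cfg.frontend.extraArgs}
        '';
      };

      bird-lg-proxy = mkIf cfg.proxy.enable {
        enable = true;
        after = [ "network.target" ];
        wantedBy = [ "multi-user.target" ];
        description = "Bird Looking Glass Proxy";
        serviceConfig = {
          Type = "simple";
          Restart = "on-failure";
          ProtectSystem = "full";
          ProtectHome = "yes";
          MemoryDenyWriteExecute = "yes";
          User = cfg.user;
          Group = cfg.group;
        };
        # Every flag line ends in a continuation backslash. The original
        # omitted it after --traceroute_bin and --traceroute_raw, so the shell
        # started the proxy without those flags and then tried to run
        # "--traceroute_raw ..." and the extra arguments as separate commands.
        script = ''
          ${cfg.package}/bin/proxy \
            --allowed ${csvArg cfg.proxy.allowedIPs} \
            --bird ${arg cfg.proxy.birdSocket} \
            --listen ${arg cfg.proxy.listenAddress} \
            --traceroute_bin ${arg cfg.proxy.traceroute.binary} \
            --traceroute_raw ${boolToString cfg.proxy.traceroute.rawOutput} \
            ${cfg.proxy.extraArgs}
        '';
      };
    };

    # The account and group are only declared while they keep their default
    # names; a custom `user`/`group` must be provided by the administrator.
    users = mkIf (cfg.frontend.enable || cfg.proxy.enable) {
      groups."bird-lg" = mkIf (cfg.group == "bird-lg") { };
      users."bird-lg" = mkIf (cfg.user == "bird-lg") {
        description = "Bird Looking Glass user";
        # Presumably grants access to the BIRD control socket (assumes the
        # socket is group-accessible to bird2; confirm).
        # NOTE(review): the frontend runs as the same account, so it inherits
        # this group as well although only the proxy is given --bird.
        extraGroups = lib.optionals (config.services.bird2.enable) [ "bird2" ];
        group = cfg.group;
        isSystemUser = true;
      };
    };
  };
}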