nixos/modules/programs/wireshark.nix at 23.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / modules / programs / wireshark.nix

at 23.11-pre 1.1 kB view raw

 1{ config, lib, pkgs, ... }:
 2
 3with lib;
 4
 5let
 6  cfg = config.programs.wireshark;
 7  wireshark = cfg.package;
 8in {
 9  options = {
10    programs.wireshark = {
11      enable = mkOption {
12        type = types.bool;
13        default = false;
14        description = lib.mdDoc ''
15          Whether to add Wireshark to the global environment and configure a
16          setcap wrapper for 'dumpcap' for users in the 'wireshark' group.
17        '';
18      };
19      package = mkOption {
20        type = types.package;
21        default = pkgs.wireshark-cli;
22        defaultText = literalExpression "pkgs.wireshark-cli";
23        description = lib.mdDoc ''
24          Which Wireshark package to install in the global environment.
25        '';
26      };
27    };
28  };
29
30  config = mkIf cfg.enable {
31    environment.systemPackages = [ wireshark ];
32    users.groups.wireshark = {};
33
34    security.wrappers.dumpcap = {
35      source = "${wireshark}/bin/dumpcap";
36      capabilities = "cap_net_raw,cap_net_admin+eip";
37      owner = "root";
38      group = "wireshark";
39      permissions = "u+rx,g+x";
40    };
41  };
42}