# NixOS module: installs Wireshark and exposes its capture helper `dumpcap`
# through a capability wrapper, so capture can run without full root.
{ config, lib, pkgs, ... }:

let
  inherit (lib) mkIf mkOption mkPackageOption types;

  cfg = config.programs.wireshark;
in
{
  options.programs.wireshark = {
    enable = mkOption {
      type = types.bool;
      default = false;
      description = ''
        Whether to add Wireshark to the global environment and configure a
        setcap wrapper for 'dumpcap' for users in the 'wireshark' group.
      '';
    };

    # Defaults to pkgs.wireshark-cli; the example names the `wireshark`
    # package as an alternative.
    package = mkPackageOption pkgs "wireshark-cli" {
      example = "wireshark";
    };
  };

  config = mkIf cfg.enable {
    environment.systemPackages = [ cfg.package ];

    # The group is declared empty: this module adds no members. Membership
    # is the access-control decision for packet capture on this host, so
    # review it like any other privileged group.
    users.groups.wireshark = { };

    security.wrappers.dumpcap = {
      source = "${cfg.package}/bin/dumpcap";

      # CAP_NET_RAW permits raw/packet sockets. CAP_NET_ADMIN is broader
      # than capture alone (it covers network administration operations).
      # "+eip" places both in the effective, inheritable and permitted sets.
      capabilities = "cap_net_raw,cap_net_admin+eip";

      owner = "root";
      group = "wireshark";

      # Owner gets read+execute, group gets execute only. The string grants
      # nothing to other users, so only root and members of the `wireshark`
      # group should be able to run the wrapper.
      permissions = "u+rx,g+x";
    };
  };
}