pyrox.dev
1{
2 config,
3 lib,
4 pkgs,
5 ...
6}:
7
8let
9 cfg = config.programs.nethoscope;
10in
11{
12 meta.maintainers = with lib.maintainers; [ _0x4A6F ];
13
14 options = {
15 programs.nethoscope = {
16 enable = lib.mkOption {
17 type = lib.types.bool;
18 default = false;
19 description = ''
20 Whether to add nethoscope to the global environment and configure a
21 setcap wrapper for it.
22 '';
23 };
24 };
25 };
26
27 config = lib.mkIf cfg.enable {
28 environment.systemPackages = with pkgs; [ nethoscope ];
29 security.wrappers.nethoscope = {
30 source = "${pkgs.nethoscope}/bin/nethoscope";
31 capabilities = "cap_net_raw,cap_net_admin=eip";
32 };
33 };
34}