# NixOS module for the SCION control service (scion-control).
#
# Renders a TOML configuration from built-in defaults merged with
# `services.scion.scion-control.settings` and runs the daemon as a systemd
# unit.
{
  config,
  lib,
  pkgs,
  ...
}:

let
  scionCfg = config.services.scion;
  controlCfg = scionCfg.scion-control;
  tomlFormat = pkgs.formats.toml { };

  # Stateless deployments keep the databases under /run, stateful ones under
  # /var/lib. systemd removes a RuntimeDirectory when the unit stops (default
  # RuntimeDirectoryPreserve=no), so in stateless mode the beacon, path and
  # trust databases start empty after every stop or restart.
  dbRoot = if scionCfg.stateless then "/run" else "/var/lib";

  # Name of the systemd directive that creates the directory under dbRoot.
  dirOption = if scionCfg.stateless then "RuntimeDirectory" else "StateDirectory";

  # Builds one "<kind>_db" section of the control service configuration.
  dbSection = kind: {
    connection = "${dbRoot}/scion-control/control.${kind}.db";
  };

  # Defaults; anything set in `settings` overrides them key by key.
  baseSettings = {
    general = {
      id = "cs";
      config_dir = "/etc/scion";
    };
    beacon_db = dbSection "beacon";
    path_db = dbSection "path";
    trust_db = dbSection "trust";
    log.console.level = "info";
  };

  # The rendered TOML is a Nix store path and therefore readable by every
  # local user: keep secrets out of `settings`.
  renderedConfig = tomlFormat.generate "scion-control.toml" (
    lib.recursiveUpdate baseSettings controlCfg.settings
  );

  # Units the control service is ordered after and pulls in.
  unitDeps = [
    "network-online.target"
    "scion-dispatcher.service"
  ];

  # NOTE(review): the "scion" group is only requested when the dispatcher
  # module is enabled; presumably that module declares the group and it
  # gates access to the dispatcher; confirm.
  sharesDispatcherGroup = scionCfg.scion-dispatcher.enable == true;
in
{
  options.services.scion.scion-control = {
    enable = lib.mkEnableOption "the scion-control service";

    settings = lib.mkOption {
      type = tomlFormat.type;
      default = { };
      example = lib.literalExpression ''
        {
          path_db = {
            connection = "/run/scion-control/control.path.db";
          };
          log.console = {
            level = "info";
          };
        }
      '';
      description = ''
        scion-control configuration. Refer to
        <https://docs.scion.org/en/latest/manuals/common.html>
        for details on supported values.
      '';
    };
  };

  config = lib.mkIf controlCfg.enable {
    systemd.services.scion-control = {
      description = "SCION Control Service";
      wantedBy = [ "multi-user.target" ];
      wants = unitDeps;
      after = unitDeps;

      serviceConfig = {
        Type = "simple";

        # systemd allocates a transient unprivileged UID for the unit; no
        # static account is declared in this module.
        DynamicUser = true;
        Group = if sharesDispatcherGroup then "scion" else null;

        # Created by systemd for the unit; the default database paths above
        # point into this directory.
        ${dirOption} = "scion-control";

        # Makes the host's /dev/shm also appear, read-write, at /run/shm
        # inside the unit's mount namespace. NOTE(review): this is the
        # host-wide shared-memory directory, not a private one; presumably
        # the SCION binaries expect that path. Confirm it is still needed.
        BindPaths = [ "/dev/shm:/run/shm" ];

        ExecStart = "${scionCfg.package}/bin/scion-control --config ${renderedConfig}";
        Restart = "on-failure";
      };
    };
  };
}