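# GNU Virtual Private Ethernet
#
# NixOS module that runs a single GVPE node as a systemd service. All state
# (configuration copy, if-up script, pid file) is kept under /var/gvpe, which
# preStart restricts to root (mode 700).

{ config, pkgs, lib, ... }:

let
  inherit (lib) mkOption mkIf;

  cfg = config.services.gvpe;

  # Source of the configuration that preStart copies to /var/gvpe/gvpe.conf.
  # An explicit configFile wins over configText; with neither set, evaluation
  # aborts. configText is written with pkgs.writeTextFile, i.e. it ends up in
  # the Nix store, which is readable by every local user, so it should not
  # carry anything confidential.
  finalConfig =
    if cfg.configFile != null then
      cfg.configFile
    else if cfg.configText != null then
      pkgs.writeTextFile {
        name = "gvpe.conf";
        text = cfg.configText;
      }
    else
      throw "You must either specify contents of the config file or the config file itself for GVPE";

  # Script copied to /var/gvpe/if-up and passed to gvpe as the node's if-up
  # hook. It brings the interface named by $IFNAME up, assigns cfg.ipAddress
  # and routes cfg.subnet through it. ipAddress, subnet and nodename are
  # mandatory; evaluation aborts with a message when one of them is null.
  #
  # cfg.ipAddress, cfg.subnet and cfg.customIFSetup are spliced into the script
  # verbatim, and the service unit sets no User=, so the hook presumably runs
  # as root: these options must only ever come from the trusted system
  # configuration, never from generated or externally supplied data.
  ifupScript =
    if cfg.ipAddress == null || cfg.subnet == null then
      throw "Specify IP address and subnet (with mask) for GVPE"
    else if cfg.nodename == null then
      throw "You must set node name for GVPE"
    else
      (pkgs.writeTextFile {
        name = "gvpe-if-up";
        # The pinned iproute directory is put in FRONT of the inherited PATH so
        # that `ip` always resolves to the store binary rather than to whatever
        # happens to come first in the caller's PATH; the rest of PATH is kept
        # for customIFSetup. $IFNAME is quoted so an unusual interface name
        # cannot be word-split or glob-expanded.
        text = ''
          #! /bin/sh

          export PATH=${pkgs.iproute}/sbin:$PATH

          ip link set "$IFNAME" up
          ip address add ${cfg.ipAddress} dev "$IFNAME"
          ip route add ${cfg.subnet} dev "$IFNAME"

          ${cfg.customIFSetup}
        '';
        executable = true;
      });
in

{
  options = {
    services.gvpe = {
      enable = mkOption {
        default = false;
        description = ''
          Whether to run gvpe
        '';
      };
      # Name of this node; used as the gvpe node argument and as the prefix of
      # the per-node overrides on the command line.
      nodename = mkOption {
        default = null;
        description = ''
          GVPE node name
        '';
      };
      # Inline configuration; only used when configFile is null.
      configText = mkOption {
        default = null;
        example = ''
          tcp-port = 655
          udp-port = 655
          mtu = 1480
          ifname = vpn0

          node = alpha
          hostname = alpha.example.org
          connect = always
          enable-udp = true
          enable-tcp = true
          on alpha if-up = if-up-0
          on alpha pid-file = /var/gvpe/gvpe.pid
        '';
        description = ''
          GVPE config contents
        '';
      };
      # Existing configuration file; takes precedence over configText.
      configFile = mkOption {
        default = null;
        example = "/root/my-gvpe-conf";
        description = ''
          GVPE config file, if already present
        '';
      };
      ipAddress = mkOption {
        default = null;
        description = ''
          IP address to assign to GVPE interface
        '';
      };
      subnet = mkOption {
        default = null;
        example = "10.0.0.0/8";
        description = ''
          IP subnet assigned to GVPE network
        '';
      };
      # Appended verbatim to the if-up script (see ifupScript above).
      customIFSetup = mkOption {
        default = "";
        description = ''
          Additional commands to apply in ifup script
        '';
      };
    };
  };

  config = mkIf cfg.enable {
    systemd.services.gvpe = {
      description = "GNU Virtual Private Ethernet node";
      after = [ "network-interfaces.target" ];
      wantedBy = [ "multi-user.target" ];

      # Prepare the root-only state directory and refresh the configuration
      # and if-up hook on every start. The directory is locked down (chown
      # root, chmod 700) before the files are copied in. The source paths are
      # quoted so a configFile path containing whitespace is copied intact.
      # NOTE(review): the node's key material presumably also lives under
      # /var/gvpe; this module does not create or check it.
      preStart = ''
        mkdir -p /var/gvpe
        mkdir -p /var/gvpe/pubkey
        chown root /var/gvpe
        chmod 700 /var/gvpe
        cp "${finalConfig}" /var/gvpe/gvpe.conf
        cp "${ifupScript}" /var/gvpe/if-up
      '';

      # Runs gvpe with /var/gvpe as its configuration directory (-c) and the
      # -D flag, followed by the node name and two per-node overrides (pid
      # file location and if-up hook). `&>` sends stdout and stderr to
      # /var/log/gvpe and truncates that file on each start.
      # NOTE(review): the log is created with the service's default umask and
      # sits outside the 700 directory; confirm that nothing sensitive is
      # logged or tighten its permissions.
      script = "${pkgs.gvpe}/sbin/gvpe -c /var/gvpe -D ${cfg.nodename} "
        + " ${cfg.nodename}.pid-file=/var/gvpe/gvpe.pid"
        + " ${cfg.nodename}.if-up=if-up"
        + " &> /var/log/gvpe";

      serviceConfig.Restart = "always";
    };
  };
}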