commit 1a742a9f80225738c26ffabd9a1cbbb2c02232dc · pyrox.dev/nixpkgs

nixos/modules/module-list.nix

···

       856
        
         ./services/misc/tautulli.nix

     

       857
        
         ./services/misc/tiddlywiki.nix

     

       858
        
         ./services/misc/tp-auto-kbbl.nix

     

       0
        
       
     

       859
        
         ./services/misc/tuxclocker.nix

     

       860
        
         ./services/misc/transfer-sh.nix

     

       861
        
         ./services/misc/tzupdate.nix

···

       856
        
         ./services/misc/tautulli.nix

     

       857
        
         ./services/misc/tiddlywiki.nix

     

       858
        
         ./services/misc/tp-auto-kbbl.nix

     

       859
       +
         ./services/misc/turn-rs.nix

     

       860
        
         ./services/misc/tuxclocker.nix

     

       861
        
         ./services/misc/transfer-sh.nix

     

       862
        
         ./services/misc/tzupdate.nix

+86

nixos/modules/services/misc/turn-rs.nix

···

       1
       +
       {

     

       2
       +
         config,

     

       3
       +
         pkgs,

     

       4
       +
         lib,

     

       5
       +
         ...

     

       6
       +
       }:

     

       7
       +
       

     

       8
       +
       let

     

       9
       +
         cfg = config.services.turn-rs;

     

       10
       +
         format = pkgs.formats.toml { };

     

       11
       +
       in

     

       12
       +
       {

     

       13
       +
         options.services.turn-rs = {

     

       14
       +
           enable = lib.mkEnableOption "turn-rs server";

     

       15
       +
           package = lib.mkPackageOption pkgs "turn-rs" { };

     

       16
       +
       

     

       17
       +
           secretFile = lib.mkOption {

     

       18
       +
             type = lib.types.nullOr lib.types.path;

     

       19
       +
             default = null;

     

       20
       +
             example = "/run/keys/turn-rs.env";

     

       21
       +
             description = ''

     

       22
       +
               Environment variables from this file will be interpolated into the

     

       23
       +
               final config file using envsubst with this syntax: `$ENVIRONMENT` or

     

       24
       +
               `''${VARIABLE}`.

     

       25
       +
               The file should contain lines formatted as `SECRET_VAR=SECRET_VALUE`.

     

       26
       +
               This is useful to avoid putting secrets into the nix store.

     

       27
       +
             '';

     

       28
       +
           };

     

       29
       +
       

     

       30
       +
           settings = lib.mkOption {

     

       31
       +
             type = lib.types.submodule {

     

       32
       +
               freeformType = format.type;

     

       33
       +
             };

     

       34
       +
             description = "Turn-rs server config file";

     

       35
       +
             default = { };

     

       36
       +
             example = {

     

       37
       +
               turn = {

     

       38
       +
                 realm = "localhost";

     

       39
       +
                 interfaces = [

     

       40
       +
                   {

     

       41
       +
                     transport = "udp";

     

       42
       +
                     bind = "127.0.0.1:3478";

     

       43
       +
                     external = "127.0.0.1:3478";

     

       44
       +
                   }

     

       45
       +
                   {

     

       46
       +
                     transport = "tcp";

     

       47
       +
                     bind = "127.0.0.1:3478";

     

       48
       +
                     external = "127.0.0.1:3478";

     

       49
       +
                   }

     

       50
       +
                 ];

     

       51
       +
               };

     

       52
       +
       

     

       53
       +
               auth.static_credentials = {

     

       54
       +
                 user1 = "test";

     

       55
       +
                 user2 = "test";

     

       56
       +
               };

     

       57
       +
             };

     

       58
       +
           };

     

       59
       +
         };

     

       60
       +
       

     

       61
       +
         config = lib.mkIf cfg.enable {

     

       62
       +
           services.turn-rs.settings = {

     

       63
       +
             api.bind = lib.mkDefault "127.0.0.1:3000";

     

       64
       +
             log.level = lib.mkDefault "info";

     

       65
       +
           };

     

       66
       +
       

     

       67
       +
           systemd.services.turn-rs = {

     

       68
       +
             enable = true;

     

       69
       +
             wantedBy = [ "multi-user.target" ];

     

       70
       +
             description = "Turn-rs Server Daemon";

     

       71
       +
             preStart =

     

       72
       +
               let

     

       73
       +
                 configFile = format.generate "turn-rs-config.toml" cfg.settings;

     

       74
       +
               in

     

       75
       +
               ''

     

       76
       +
                 ${lib.getExe pkgs.envsubst} -i "${configFile}" -o /run/turn-rs/config.toml

     

       77
       +
               '';

     

       78
       +
             serviceConfig = {

     

       79
       +
               RuntimeDirectory = "turn-rs";

     

       80
       +
               EnvironmentFile = lib.optional (cfg.secretFile != null) cfg.secretFile;

     

       81
       +
               ExecStart = "${lib.getExe cfg.package} --config=/run/turn-rs/config.toml";

     

       82
       +
               DynamicUser = true;

     

       83
       +
             };

     

       84
       +
           };

     

       85
       +
         };

     

       86
       +
       }

nixos/tests/all-tests.nix

···

       1045
        
         txredisapi = handleTest ./txredisapi.nix {};

     

       1046
        
         tuptime = handleTest ./tuptime.nix {};

     

       1047
        
         turbovnc-headless-server = handleTest ./turbovnc-headless-server.nix {};

     

       0
        
       
     

       1048
        
         tuxguitar = handleTest ./tuxguitar.nix {};

     

       1049
        
         twingate = runTest ./twingate.nix;

     

       1050
        
         typesense = handleTest ./typesense.nix {};

···

       1045
        
         txredisapi = handleTest ./txredisapi.nix {};

     

       1046
        
         tuptime = handleTest ./tuptime.nix {};

     

       1047
        
         turbovnc-headless-server = handleTest ./turbovnc-headless-server.nix {};

     

       1048
       +
         turn-rs = handleTest ./turn-rs.nix {};

     

       1049
        
         tuxguitar = handleTest ./tuxguitar.nix {};

     

       1050
        
         twingate = runTest ./twingate.nix;

     

       1051
        
         typesense = handleTest ./typesense.nix {};

+65

nixos/tests/turn-rs.nix

···

       1
       +
       import ./make-test-python.nix (

     

       2
       +
         { pkgs, ... }:

     

       3
       +
         {

     

       4
       +
           name = "turn-rs";

     

       5
       +
       

     

       6
       +
           nodes = {

     

       7
       +
             server = {

     

       8
       +
               virtualisation.vlans = [ 1 ];

     

       9
       +
       

     

       10
       +
               networking = {

     

       11
       +
                 useNetworkd = true;

     

       12
       +
                 useDHCP = false;

     

       13
       +
                 firewall.enable = false;

     

       14
       +
               };

     

       15
       +
       

     

       16
       +
               systemd.network.networks."01-eth1" = {

     

       17
       +
                 name = "eth1";

     

       18
       +
                 networkConfig.Address = "10.0.0.1/24";

     

       19
       +
               };

     

       20
       +
       

     

       21
       +
               services.turn-rs = {

     

       22
       +
                 enable = true;

     

       23
       +
                 secretFile = pkgs.writeText "secret" ''

     

       24
       +
                   USER_1_CREDS="foobar"

     

       25
       +
                 '';

     

       26
       +
                 settings = {

     

       27
       +
                   turn = {

     

       28
       +
                     realm = "localhost";

     

       29
       +
                     interfaces = [

     

       30
       +
                       {

     

       31
       +
                         transport = "udp";

     

       32
       +
                         bind = "127.0.0.1:3478";

     

       33
       +
                         external = "127.0.0.1:3478";

     

       34
       +
                       }

     

       35
       +
                       {

     

       36
       +
                         transport = "tcp";

     

       37
       +
                         bind = "127.0.0.1:3478";

     

       38
       +
                         external = "127.0.0.1:3478";

     

       39
       +
                       }

     

       40
       +
                     ];

     

       41
       +
                   };

     

       42
       +
       

     

       43
       +
                   auth.static_credentials.user1 = "$USER_1_CREDS";

     

       44
       +
                 };

     

       45
       +
               };

     

       46
       +
             };

     

       47
       +
           };

     

       48
       +
       

     

       49
       +
           testScript = # python

     

       50
       +
             ''

     

       51
       +
               import json

     

       52
       +
       

     

       53
       +
               start_all()

     

       54
       +
               server.wait_for_unit('turn-rs.service')

     

       55
       +
               server.wait_for_open_port(3000, "127.0.0.1")

     

       56
       +
       

     

       57
       +
               info = server.succeed('curl http://localhost:3000/info')

     

       58
       +
               jsonInfo = json.loads(info)

     

       59
       +
               assert len(jsonInfo['interfaces']) == 2, f'Interfaces doesn\'t contain two entries:\n{json.dumps(jsonInfo, indent=2)}'

     

       60
       +
       

     

       61
       +
               config = server.succeed('cat /run/turn-rs/config.toml')

     

       62
       +
               assert 'foobar' in config, f'Secrets are not properly injected:\n{config}'

     

       63
       +
             '';

     

       64
       +
         }

     

       65
       +
       )

+5 -1

pkgs/by-name/tu/turn-rs/package.nix

···

       3
        
         lib,

     

       4
        
         fetchFromGitHub,

     

       5
        
         nix-update-script,

     

       0
        
       
     

       6
        
       }:

     

       7
        
       

     

       8
        
       rustPlatform.buildRustPackage rec {

     
···

       18
        
       

     

       19
        
         cargoHash = "sha256-gO2vuOQMvl6KYp529k3CYDyma5ECzOr/lcSvP4OpUUo=";

     

       20
        
       

     

       21
       -
         passthru.updateScript = nix-update-script { };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       22
        
       

     

       23
        
         meta = {

     

       24
        
           description = "Pure rust implemented turn server";

···

       3
        
         lib,

     

       4
        
         fetchFromGitHub,

     

       5
        
         nix-update-script,

     

       6
       +
         nixosTests,

     

       7
        
       }:

     

       8
        
       

     

       9
        
       rustPlatform.buildRustPackage rec {

     
···

       19
        
       

     

       20
        
         cargoHash = "sha256-gO2vuOQMvl6KYp529k3CYDyma5ECzOr/lcSvP4OpUUo=";

     

       21
        
       

     

       22
       +
         passthru = {

     

       23
       +
           updateScript = nix-update-script { };

     

       24
       +
           tests.nixos = nixosTests.turn-rs;

     

       25
       +
         };

     

       26
        
       

     

       27
        
         meta = {

     

       28
        
           description = "Pure rust implemented turn server";