commit b73ca0df27e8281b72494f826835804d2a90cdfd · pyrox.dev/nixpkgs

+79 -77

nixos/modules/services/networking/tinc.nix

···

       18
        
       

     

       19
        
             networks = mkOption {

     

       20
        
               default = { };

     

       21
       -
               type = types.loaOf types.optionSet;

     

       22
       -
               description = ''

     

       23
       -
                 Defines the tinc networks which will be started.

     

       24
       -
                 Each network invokes a different daemon.

     

       25
       -
               '';

     

       26
       -
               options = {

     

       27
        
       

     

       28
       -
                 extraConfig = mkOption {

     

       29
       -
                   default = "";

     

       30
       -
                   type = types.lines;

     

       31
       -
                   description = ''

     

       32
       -
                     Extra lines to add to the tinc service configuration file.

     

       33
       -
                   '';

     

       34
       -
                 };

     

       35
        
       

     

       36
       -
                 name = mkOption {

     

       37
       -
                   default = null;

     

       38
       -
                   type = types.nullOr types.str;

     

       39
       -
                   description = ''

     

       40
       -
                     The name of the node which is used as an identifier when communicating

     

       41
       -
                     with the remote nodes in the mesh. If null then the hostname of the system

     

       42
       -
                     is used.

     

       43
       -
                   '';

     

       44
       -
                 };

     

       45
        
       

     

       46
       -
                 ed25519PrivateKeyFile = mkOption {

     

       47
       -
                   default = null;

     

       48
       -
                   type = types.nullOr types.path;

     

       49
       -
                   description = ''

     

       50
       -
                     Path of the private ed25519 keyfile.

     

       51
       -
                   '';

     

       52
       -
                 };

     

       53
        
       

     

       54
       -
                 debugLevel = mkOption {

     

       55
       -
                   default = 0;

     

       56
       -
                   type = types.addCheck types.int (l: l >= 0 && l <= 5);

     

       57
       -
                   description = ''

     

       58
       -
                     The amount of debugging information to add to the log. 0 means little

     

       59
       -
                     logging while 5 is the most logging. <command>man tincd</command> for

     

       60
       -
                     more details.

     

       61
       -
                   '';

     

       62
       -
                 };

     

       63
        
       

     

       64
       -
                 hosts = mkOption {

     

       65
       -
                   default = { };

     

       66
       -
                   type = types.loaOf types.lines;

     

       67
       -
                   description = ''

     

       68
       -
                     The name of the host in the network as well as the configuration for that host.

     

       69
       -
                     This name should only contain alphanumerics and underscores.

     

       70
       -
                   '';

     

       71
       -
                 };

     

       72
        
       

     

       73
       -
                 interfaceType = mkOption {

     

       74
       -
                   default = "tun";

     

       75
       -
                   type = types.addCheck types.str (n: n == "tun" || n == "tap");

     

       76
       -
                   description = ''

     

       77
       -
                     The type of virtual interface used for the network connection

     

       78
       -
                   '';

     

       79
       -
                 };

     

       80
        
       

     

       81
       -
                 listenAddress = mkOption {

     

       82
       -
                   default = null;

     

       83
       -
                   type = types.nullOr types.str;

     

       84
       -
                   description = ''

     

       85
       -
                     The ip adress to bind to.

     

       86
       -
                   '';

     

       87
       -
                 };

     

       88
        
       

     

       89
       -
                 package = mkOption {

     

       90
       -
                   type = types.package;

     

       91
       -
                   default = pkgs.tinc_pre;

     

       92
       -
                   defaultText = "pkgs.tinc_pre";

     

       93
       -
                   description = ''

     

       94
       -
                     The package to use for the tinc daemon's binary.

     

       95
       -
                   '';

     

       96
       -
                 };

     

       97
        
       

     

       98
       -
                 chroot = mkOption {

     

       99
       -
                   default = true;

     

       100
       -
                   type = types.bool;

     

       101
       -
                   description = ''

     

       102
       -
                     Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security.

     

       103
       -
                     The chroot is performed after all the initialization is done, after writing pid files and opening network sockets.

     

       104
        
       

     

       105
       -
                     Note that tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment.

     

       106
       -
                   '';

     

       0
        
       
     

       107
        
                 };

     

       108
       -
               };

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       109
        
             };

     

       110
        
           };

     

       111

···

       18
        
       

     

       19
        
             networks = mkOption {

     

       20
        
               default = { };

     

       21
       +
               type = with types; loaOf (submodule {

     

       22
       +
                 options = {

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       23
        
       

     

       24
       +
                   extraConfig = mkOption {

     

       25
       +
                     default = "";

     

       26
       +
                     type = types.lines;

     

       27
       +
                     description = ''

     

       28
       +
                       Extra lines to add to the tinc service configuration file.

     

       29
       +
                     '';

     

       30
       +
                   };

     

       31
        
       

     

       32
       +
                   name = mkOption {

     

       33
       +
                     default = null;

     

       34
       +
                     type = types.nullOr types.str;

     

       35
       +
                     description = ''

     

       36
       +
                       The name of the node which is used as an identifier when communicating

     

       37
       +
                       with the remote nodes in the mesh. If null then the hostname of the system

     

       38
       +
                       is used.

     

       39
       +
                     '';

     

       40
       +
                   };

     

       41
        
       

     

       42
       +
                   ed25519PrivateKeyFile = mkOption {

     

       43
       +
                     default = null;

     

       44
       +
                     type = types.nullOr types.path;

     

       45
       +
                     description = ''

     

       46
       +
                       Path of the private ed25519 keyfile.

     

       47
       +
                     '';

     

       48
       +
                   };

     

       49
        
       

     

       50
       +
                   debugLevel = mkOption {

     

       51
       +
                     default = 0;

     

       52
       +
                     type = types.addCheck types.int (l: l >= 0 && l <= 5);

     

       53
       +
                     description = ''

     

       54
       +
                       The amount of debugging information to add to the log. 0 means little

     

       55
       +
                       logging while 5 is the most logging. <command>man tincd</command> for

     

       56
       +
                       more details.

     

       57
       +
                     '';

     

       58
       +
                   };

     

       59
        
       

     

       60
       +
                   hosts = mkOption {

     

       61
       +
                     default = { };

     

       62
       +
                     type = types.loaOf types.lines;

     

       63
       +
                     description = ''

     

       64
       +
                       The name of the host in the network as well as the configuration for that host.

     

       65
       +
                       This name should only contain alphanumerics and underscores.

     

       66
       +
                     '';

     

       67
       +
                   };

     

       68
        
       

     

       69
       +
                   interfaceType = mkOption {

     

       70
       +
                     default = "tun";

     

       71
       +
                     type = types.addCheck types.str (n: n == "tun" || n == "tap");

     

       72
       +
                     description = ''

     

       73
       +
                       The type of virtual interface used for the network connection

     

       74
       +
                     '';

     

       75
       +
                   };

     

       76
        
       

     

       77
       +
                   listenAddress = mkOption {

     

       78
       +
                     default = null;

     

       79
       +
                     type = types.nullOr types.str;

     

       80
       +
                     description = ''

     

       81
       +
                       The ip adress to bind to.

     

       82
       +
                     '';

     

       83
       +
                   };

     

       84
        
       

     

       85
       +
                   package = mkOption {

     

       86
       +
                     type = types.package;

     

       87
       +
                     default = pkgs.tinc_pre;

     

       88
       +
                     defaultText = "pkgs.tinc_pre";

     

       89
       +
                     description = ''

     

       90
       +
                       The package to use for the tinc daemon's binary.

     

       91
       +
                     '';

     

       92
       +
                   };

     

       93
        
       

     

       94
       +
                   chroot = mkOption {

     

       95
       +
                     default = true;

     

       96
       +
                     type = types.bool;

     

       97
       +
                     description = ''

     

       98
       +
                       Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security.

     

       99
       +
                       The chroot is performed after all the initialization is done, after writing pid files and opening network sockets.

     

       100
        
       

     

       101
       +
                       Note that tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment.

     

       102
       +
                     '';

     

       103
       +
                   };

     

       104
        
                 };

     

       105
       +
               });

     

       106
       +
       

     

       107
       +
               description = ''

     

       108
       +
                 Defines the tinc networks which will be started.

     

       109
       +
                 Each network invokes a different daemon.

     

       110
       +
               '';

     

       111
        
             };

     

       112
        
           };

     

       113