nixos/freeradius : init - Added freeradius service

lol

Inspired from the dhcpd service implementation
Only 2 configurations options at the moment:
- enabled
- path to config directory (defaults to /etc/raddb)

Implementation was also inspired from ArchLinux
systemd file and corrected with @dotlambda and
@fpletz help.

Netix (Espinet François) 8 years ago 2a2e885c 5925caf3

+72

1 changed file

expand all

nixos

modules

services

networking

freeradius.nix

+72

nixos/modules/services/networking/freeradius.nix

··· 1 + { config, lib, pkgs, ... }: 2 + 3 + with lib; 4 + 5 + let 6 + 7 + cfg = config.services.freeradius; 8 + 9 + freeradiusService = cfg: 10 + { 11 + description = "FreeRadius server"; 12 + wantedBy = ["multi-user.target"]; 13 + after = ["network-online.target"]; 14 + wants = ["network-online.target"]; 15 + preStart = '' 16 + ${pkgs.freeradius}/bin/radiusd -C -d ${cfg.configDir} -l stdout 17 + ''; 18 + 19 + serviceConfig = { 20 + ExecStart = "${pkgs.freeradius}/bin/radiusd -f -d ${cfg.configDir} -l stdout -xx"; 21 + ExecReload = [ 22 + "${pkgs.freeradius}/bin/radiusd -C -d ${cfg.configDir} -l stdout" 23 + "${pkgs.coreutils}/bin/kill -HUP $MAINPID" 24 + ]; 25 + User = "radius"; 26 + ProtectSystem = "full"; 27 + ProtectHome = "on"; 28 + Restart = "on-failure"; 29 + RestartSec = 2; 30 + }; 31 + }; 32 + 33 + freeradiusConfig = { 34 + enable = mkEnableOption "the freeradius server"; 35 + 36 + configDir = mkOption { 37 + type = types.path; 38 + default = "/etc/raddb"; 39 + description = '' 40 + The path of the freeradius server configuration directory. 41 + ''; 42 + }; 43 + 44 + }; 45 + 46 + in 47 + 48 + { 49 + 50 + ###### interface 51 + 52 + options = { 53 + services.freeradius = freeradiusConfig; 54 + }; 55 + 56 + 57 + ###### implementation 58 + 59 + config = mkIf (cfg.enable) { 60 + 61 + users = { 62 + extraUsers.radius = { 63 + /*uid = config.ids.uids.radius;*/ 64 + description = "Radius daemon user"; 65 + }; 66 + }; 67 + 68 + systemd.services.freeradius = freeradiusService cfg; 69 + 70 + }; 71 + 72 + }