sane service: add saned support

+88 -20
+1 -1
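--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -84,7 +84,7 @@
 spamd = 56;
 #networkmanager = 57; # unused
 nslcd = 58;
-#scanner = 59; # unused
+scanner = 59;
 nginx = 60;
 chrony = 61;
 #systemd-journal = 62; # unused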
+78 -11
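--- a/nixos/modules/services/hardware/sane.nix
+++ b/nixos/modules/services/hardware/sane.nix
@@ -7,8 +7,25 @@
 pkg = if config.hardware.sane.snapshot
 then pkgs.sane-backends-git
 else pkgs.sane-backends;
-backends = [ pkg ] ++ config.hardware.sane.extraBackends;
+
+sanedConf = pkgs.writeTextFile {
+name = "saned.conf";
+destination = "/etc/sane.d/saned.conf";
+text = ''
+localhost
+${config.services.saned.extraConfig}
+'';
+};
+
+env = {
+SANE_CONFIG_DIR = config.hardware.sane.configDir;
+LD_LIBRARY_PATH = [ "${saneConfig}/lib/sane" ];
+};
+
+backends = [ pkg ] ++ optional config.services.saned.enable sanedConf ++ config.hardware.sane.extraBackends;
 saneConfig = pkgs.mkSaneConfig { paths = backends; };
+
+enabled = config.hardware.sane.enable || config.services.saned.enable;
 
 in
 
@@ -51,27 +68,77 @@
 
 hardware.sane.configDir = mkOption {
 type = types.string;
+internal = true;
 description = "The value of SANE_CONFIG_DIR.";
 };
 
+services.saned.enable = mkOption {
+type = types.bool;
+default = false;
+description = ''
+Enable saned network daemon for remote connection to scanners.
+
+saned would be runned from <literal>scanner</literal> user; to allow
+access to hardware that doesn't have <literal>scanner</literal> group
+you should add needed groups to this user.
+'';
+};
+
+services.saned.extraConfig = mkOption {
+type = types.lines;
+default = "";
+example = "192.168.0.0/24";
+description = ''
+Extra saned configuration lines.
+'';
+};
+
 };
 
 
 ###### implementation
 
-config = mkIf config.hardware.sane.enable {
+config = mkMerge [
+(mkIf enabled {
+hardware.sane.configDir = mkDefault "${saneConfig}/etc/sane.d";
+
+environment.systemPackages = backends;
+environment.sessionVariables = env;
+services.udev.packages = backends;
 
-hardware.sane.configDir = mkDefault "${saneConfig}/etc/sane.d";
+users.extraGroups."scanner".gid = config.ids.gids.scanner;
+})
 
-environment.systemPackages = backends;
-environment.sessionVariables = {
-SANE_CONFIG_DIR = config.hardware.sane.configDir;
-LD_LIBRARY_PATH = [ "${saneConfig}/lib/sane" ];
-};
-services.udev.packages = backends;
+(mkIf config.services.saned.enable {
+networking.firewall.connectionTrackingModules = [ "sane" ];
 
-users.extraGroups."scanner".gid = config.ids.gids.scanner;
+systemd.services."saned@" = {
+description = "Scanner Service";
+environment = mapAttrs (name: val: toString val) env;
+serviceConfig = {
+User = "scanner";
+Group = "scanner";
+ExecStart = "${pkg}/bin/saned";
+};
+};
 
-};
+systemd.sockets.saned = {
+description = "saned incoming socket";
+wantedBy = [ "sockets.target" ];
+listenStreams = [ "0.0.0.0:6566" "[::]:6566" ];
+socketConfig = {
+# saned needs to distinguish between IPv4 and IPv6 to open matching data sockets.
+BindIPv6Only = "ipv6-only";
+Accept = true;
+MaxConnections = 1;
+};
+};
+
+users.extraUsers."scanner" = {
+uid = config.ids.uids.scanner;
+group = "scanner";
+};
+})
+];
 
 }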
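Review bot: The `systemd.sockets.saned` unit binds `0.0.0.0:6566` and `[::]:6566`, so on a host whose firewall is off or has that port opened, the only access control this module configures is the host list written to `saned.conf` (`localhost` plus `services.saned.extraConfig`), and neither option description says so. I would reword the `extraConfig` description to something like `Extra lines for saned.conf; every host or subnet listed here is allowed to connect to saned.` and have the `enable` description state that the daemon listens on TCP port 6566 on all addresses. Separately, `mapAttrs (name: val: toString val) env` joins the `LD_LIBRARY_PATH` list with spaces, which is only a valid search path while that list holds a single element.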
+9 -8
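--- a/pkgs/applications/graphics/sane/config.nix
+++ b/pkgs/applications/graphics/sane/config.nix
@@ -4,25 +4,26 @@
 
 with stdenv.lib;
 let installSanePath = path: ''
-if test -e "${path}/lib/sane"; then
+if [ -e "${path}/lib/sane" ]; then
 find "${path}/lib/sane" -maxdepth 1 -not -type d | while read backend; do
-ln -s $backend $out/lib/sane/$(basename $backend)
+ln -s "$backend" "$out/lib/sane/$(basename "$backend")"
 done
 fi
 
-if test -e "${path}/etc/sane.d"; then
+if [ -e "${path}/etc/sane.d" ]; then
 find "${path}/etc/sane.d" -maxdepth 1 -not -type d | while read conf; do
-if test $(basename $conf) = "dll.conf"; then
-cat $conf >> $out/etc/sane.d/dll.conf
+name="$(basename $conf)"
+if [ "$name" = "dll.conf" ] || [ "$name" = "saned.conf" ]; then
+cat "$conf" >> "$out/etc/sane.d/$name"
 else
-ln -s $conf $out/etc/sane.d/$(basename $conf)
+ln -s "$conf" "$out/etc/sane.d/$name"
 fi
 done
 fi
 
-if test -e "${path}/etc/sane.d/dll.d"; then
+if [ -e "${path}/etc/sane.d/dll.d" ]; then
 find "${path}/etc/sane.d/dll.d" -maxdepth 1 -not -type d | while read conf; do
-ln -s $conf $out/etc/sane.d/dll.d/$(basename $conf)
+ln -s "$conf" "$out/etc/sane.d/dll.d/$(basename $conf)"
 done
 fi
 '';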
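Review bot: The `cat "$conf" >> "$out/etc/sane.d/$name"` branch now also appends `saned.conf`, so if `installSanePath` runs once per entry of `paths` (presumably, the caller is outside the hunk) saned's allowed-host list becomes the union of whatever every backend package ships, not just the module-generated file. That deserves a comment above the branch, e.g. `# saned.conf is saned's access list: entries from all paths are merged, so review what extra backends ship`. Two expansions are still unquoted on the new side, `name="$(basename $conf)"` and the `$(basename $conf)` in the dll.d `ln -s` line; `"$(basename "$conf")"` would match the quoting already applied to `$backend`. The enclosing `let` continues past the end of the hunk.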