Merge pull request #153481 from Tchekda/submit/bird-lg

authored by Sandro and committed by GitHub 7fa8d8b2 56059fd2

+323
+7
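--- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
@@ -192,6 +192,13 @@
 </listitem>
 <listitem>
 <para>
+<link xlink:href="https://github.com/xddxdd/bird-lg-go">bird-lg</link>,
+a BGP looking glass for Bird Routing. Available as
+<link linkend="opt-services.bird-lg.package">services.bird-lg</link>.
+</para>
+</listitem>
+<listitem>
+<para>
 <link xlink:href="https://docs.docker.com/engine/security/rootless/">rootless
 Docker</link>, a <literal>systemd --user</literal> Docker
 service which runs without root permissions. Available as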
+2
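--- a/nixos/doc/manual/release-notes/rl-2205.section.md
+++ b/nixos/doc/manual/release-notes/rl-2205.section.md
@@ -61,6 +61,8 @@
 
 - [aesmd](https://github.com/intel/linux-sgx#install-the-intelr-sgx-psw), the Intel SGX Architectural Enclave Service Manager. Available as [services.aesmd](#opt-services.aesmd.enable).
 
+- [bird-lg](https://github.com/xddxdd/bird-lg-go), a BGP looking glass for Bird Routing. Available as [services.bird-lg](#opt-services.bird-lg.package).
+
 - [rootless Docker](https://docs.docker.com/engine/security/rootless/), a `systemd --user` Docker service which runs without root permissions. Available as [virtualisation.docker.rootless.enable](options.html#opt-virtualisation.docker.rootless.enable).
 
 - [matrix-conduit](https://conduit.rs/), a simple, fast and reliable chat server powered by matrix. Available as [services.matrix-conduit](option.html#opt-services.matrix-conduit.enable).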
+1
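--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -733,6 +733,7 @@
 ./services/networking/bitcoind.nix
 ./services/networking/autossh.nix
 ./services/networking/bird.nix
+./services/networking/bird-lg.nix
 ./services/networking/bitlbee.nix
 ./services/networking/blockbook-frontend.nix
 ./services/networking/blocky.nix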
+269
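--- a/nixos/modules/services/networking/bird-lg.nix
+++ b/nixos/modules/services/networking/bird-lg.nix
@@ -0,0 +1,269 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+cfg = config.services.bird-lg;
+in
+{
+options = {
+services.bird-lg = {
+package = mkOption {
+type = types.package;
+default = pkgs.bird-lg;
+defaultText = literalExpression "pkgs.bird-lg";
+description = "The Bird Looking Glass package to use.";
+};
+
+user = mkOption {
+type = types.str;
+default = "bird-lg";
+description = "User to run the service.";
+};
+
+group = mkOption {
+type = types.str;
+default = "bird-lg";
+description = "Group to run the service.";
+};
+
+frontend = {
+enable = mkEnableOption "Bird Looking Glass Frontend Webserver";
+
+listenAddress = mkOption {
+type = types.str;
+default = "127.0.0.1:5000";
+description = "Address to listen on.";
+};
+
+proxyPort = mkOption {
+type = types.port;
+default = 8000;
+description = "Port bird-lg-proxy is running on.";
+};
+
+domain = mkOption {
+type = types.str;
+default = "";
+example = "dn42.lantian.pub";
+description = "Server name domain suffixes.";
+};
+
+servers = mkOption {
+type = types.listOf types.str;
+default = [ ];
+example = [ "gigsgigscloud" "hostdare" ];
+description = "Server name prefixes.";
+};
+
+whois = mkOption {
+type = types.str;
+default = "whois.verisign-grs.com";
+description = "Whois server for queries.";
+};
+
+dnsInterface = mkOption {
+type = types.str;
+default = "asn.cymru.com";
+description = "DNS zone to query ASN information.";
+};
+
+bgpMapInfo = mkOption {
+type = types.listOf types.str;
+default = [ "asn" "as-name" "ASName" "descr" ];
+description = "Information displayed in bgpmap.";
+};
+
+titleBrand = mkOption {
+type = types.str;
+default = "Bird-lg Go";
+description = "Prefix of page titles in browser tabs.";
+};
+
+netSpecificMode = mkOption {
+type = types.str;
+default = "";
+example = "dn42";
+description = "Apply network-specific changes for some networks.";
+};
+
+protocolFilter = mkOption {
+type = types.listOf types.str;
+default = [ ];
+example = [ "ospf" ];
+description = "Information displayed in bgpmap.";
+};
+
+nameFilter = mkOption {
+type = types.str;
+default = "";
+example = "^ospf";
+description = "Protocol names to hide in summary tables (RE2 syntax),";
+};
+
+timeout = mkOption {
+type = types.int;
+default = 120;
+description = "Time before request timed out, in seconds.";
+};
+
+navbar = {
+brand = mkOption {
+type = types.str;
+default = "Bird-lg Go";
+description = "Brand to show in the navigation bar .";
+};
+
+brandURL = mkOption {
+type = types.str;
+default = "/";
+description = "URL of the brand to show in the navigation bar.";
+};
+
+allServers = mkOption {
+type = types.str;
+default = "ALL Servers";
+description = "Text of 'All server' button in the navigation bar.";
+};
+
+allServersURL = mkOption {
+type = types.str;
+default = "all";
+description = "URL of 'All servers' button.";
+};
+};
+
+extraArgs = mkOption {
+type = types.lines;
+default = "";
+description = "
+Extra parameters documented <link xlink:href=\"https://github.com/xddxdd/bird-lg-go#frontend\">here</link>.
+";
+};
+};
+
+proxy = {
+enable = mkEnableOption "Bird Looking Glass Proxy";
+
+listenAddress = mkOption {
+type = types.str;
+default = "127.0.0.1:8000";
+description = "Address to listen on.";
+};
+
+allowedIPs = mkOption {
+type = types.listOf types.str;
+default = [ ];
+example = [ "192.168.25.52" "192.168.25.53" ];
+description = "List of IPs to allow (default all allowed).";
+};
+
+birdSocket = mkOption {
+type = types.str;
+default = "/run/bird.ctl";
+example = "/var/run/bird/bird.ctl";
+description = "Bird control socket path.";
+};
+
+traceroute = {
+binary = mkOption {
+type = types.str;
+default = "${pkgs.traceroute}/bin/traceroute";
+defaultText = literalExpression ''"''${pkgs.traceroute}/bin/traceroute"'';
+description = "Traceroute's binary path.";
+};
+
+rawOutput = mkOption {
+type = types.bool;
+default = false;
+description = "Display traceroute output in raw format.";
+};
+};
+
+extraArgs = mkOption {
+type = types.lines;
+default = "";
+description = "
+Extra parameters documented <link xlink:href=\"https://github.com/xddxdd/bird-lg-go#proxy\">here</link>.
+";
+};
+};
+};
+};
+
+###### implementation
+
+config = {
+systemd.services = {
+bird-lg-frontend = mkIf cfg.frontend.enable {
+enable = true;
+after = [ "network.target" ];
+wantedBy = [ "multi-user.target" ];
+description = "Bird Looking Glass Frontend Webserver";
+serviceConfig = {
+Type = "simple";
+Restart = "on-failure";
+ProtectSystem = "full";
+ProtectHome = "yes";
+MemoryDenyWriteExecute = "yes";
+User = cfg.user;
+Group = cfg.group;
+};
+script = ''
+${cfg.package}/bin/frontend \
+--servers ${concatStringsSep "," cfg.frontend.servers } \
+--domain ${cfg.frontend.domain} \
+--listen ${cfg.frontend.listenAddress} \
+--proxy-port ${toString cfg.frontend.proxyPort} \
+--whois ${cfg.frontend.whois} \
+--dns-interface ${cfg.frontend.dnsInterface} \
+--bgpmap-info ${concatStringsSep "," cfg.frontend.bgpMapInfo } \
+--title-brand ${cfg.frontend.titleBrand} \
+--navbar-brand ${cfg.frontend.navbar.brand} \
+--navbar-brand-url ${cfg.frontend.navbar.brandURL} \
+--navbar-all-servers ${cfg.frontend.navbar.allServers} \
+--navbar-all-url ${cfg.frontend.navbar.allServersURL} \
+--net-specific-mode ${cfg.frontend.netSpecificMode} \
+--protocol-filter ${concatStringsSep "," cfg.frontend.protocolFilter } \
+--name-filter ${cfg.frontend.nameFilter} \
+--time-out ${toString cfg.frontend.timeout} \
+${cfg.frontend.extraArgs}
+'';
+};
+
+bird-lg-proxy = mkIf cfg.proxy.enable {
+enable = true;
+after = [ "network.target" ];
+wantedBy = [ "multi-user.target" ];
+description = "Bird Looking Glass Proxy";
+serviceConfig = {
+Type = "simple";
+Restart = "on-failure";
+ProtectSystem = "full";
+ProtectHome = "yes";
+MemoryDenyWriteExecute = "yes";
+User = cfg.user;
+Group = cfg.group;
+};
+script = ''
+${cfg.package}/bin/proxy \
+--allowed ${concatStringsSep "," cfg.proxy.allowedIPs } \
+--bird ${cfg.proxy.birdSocket} \
+--listen ${cfg.proxy.listenAddress} \
+--traceroute_bin ${cfg.proxy.traceroute.binary}
+--traceroute_raw ${boolToString cfg.proxy.traceroute.rawOutput}
+${cfg.proxy.extraArgs}
+'';
+};
+};
+users = mkIf (cfg.frontend.enable || cfg.proxy.enable) {
+groups."bird-lg" = mkIf (cfg.group == "bird-lg") { };
+users."bird-lg" = mkIf (cfg.user == "bird-lg") {
+description = "Bird Looking Glass user";
+extraGroups = lib.optionals (config.services.bird2.enable) [ "bird2" ];
+group = cfg.group;
+isSystemUser = true;
+};
+};
+};
+}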
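Review bot: Both generated `script` bodies interpolate option values into the shell unquoted, and in the proxy script the `--traceroute_bin` and `--traceroute_raw` lines have no trailing `\`, so the shell ends the `proxy` command there and then tries to run `--traceroute_raw …` and the contents of `proxy.extraArgs` as separate commands. In the frontend script the defaults themselves break the command line: `titleBrand = "Bird-lg Go"` and `navbar.allServers = "ALL Servers"` split into two words, and the empty defaults for `domain`, `netSpecificMode` and `nameFilter` leave their flags without a value, so the next flag is presumably consumed as that value. Wrapping every value in `escapeShellArg` (in scope through `with lib;`) and restoring the continuations addresses both; the proxy script is shown below and the frontend script needs the same treatment. Since `extraArgs` is `types.lines`, a multi-line value would also split the command, which is worth stating in its description.

```nix
# … unchanged: bird-lg-proxy unit options and serviceConfig …
script = ''
  ${cfg.package}/bin/proxy \
    --allowed ${escapeShellArg (concatStringsSep "," cfg.proxy.allowedIPs)} \
    --bird ${escapeShellArg cfg.proxy.birdSocket} \
    --listen ${escapeShellArg cfg.proxy.listenAddress} \
    --traceroute_bin ${escapeShellArg cfg.proxy.traceroute.binary} \
    --traceroute_raw ${boolToString cfg.proxy.traceroute.rawOutput} \
    ${cfg.proxy.extraArgs}
'';
```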
+42
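--- a/pkgs/servers/bird-lg/default.nix
+++ b/pkgs/servers/bird-lg/default.nix
@@ -0,0 +1,42 @@
+{ buildGoModule, fetchFromGitHub, lib, symlinkJoin }:
+let
+generic = { modRoot, vendorSha256 }:
+buildGoModule rec {
+pname = "bird-lg-${modRoot}";
+version = "unstable-2022-05-08";
+
+src = fetchFromGitHub {
+owner = "xddxdd";
+repo = "bird-lg-go";
+rev = "348295b9aa954a92df2cf6b1179846a9486dafc0";
+sha256 = "sha256-2t8ZP9Uc0sJlqWiJMq3MVoARfMKsuTXJkuOid0oWgyY=";
+};
+
+doDist = false;
+
+ldflags = [
+"-s"
+"-w"
+];
+
+inherit modRoot vendorSha256;
+
+meta = with lib; {
+description = "Bird Looking Glass";
+homepage = "https://github.com/xddxdd/bird-lg-go";
+license = licenses.gpl3Plus;
+maintainers = with maintainers; [ tchekda ];
+};
+};
+
+bird-lg-frontend = generic {
+modRoot = "frontend";
+vendorSha256 = "sha256-WKuVGiSV5LZrJ8/672TRN6tZNQxdCktHV6nx0ZxCP4A=";
+};
+
+bird-lg-proxy = generic {
+modRoot = "proxy";
+vendorSha256 = "sha256-7LZeCY4xSxREsQ+Dc2XSpu2ZI8CLE0mz0yoThP7/OO4=";
+};
+in
+symlinkJoin { name = "bird-lg"; paths = [ bird-lg-frontend bird-lg-proxy ]; }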
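Review bot: The final `symlinkJoin` carries no `meta` and no version in its `name`, so `pkgs.bird-lg`, the attribute that the module and `all-packages.nix` expose, reports no license, maintainers or homepage, and the pinned `unstable-2022-05-08` version is invisible to tooling that matches packages against advisories by name and version. Passing them through would fix that, for example `symlinkJoin { name = "bird-lg-${bird-lg-frontend.version}"; paths = [ bird-lg-frontend bird-lg-proxy ]; meta = bird-lg-frontend.meta; }`. The joined `bin/` also appears to hold executables named just `frontend` and `proxy` (the module invokes `${cfg.package}/bin/frontend` and `${cfg.package}/bin/proxy`), names generic enough to collide with other packages in a profile, so renaming them at install time is worth considering.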
+2
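--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -21610,6 +21610,8 @@
 
 bird = callPackage ../servers/bird { };
 
+bird-lg = callPackage ../servers/bird-lg { };
+
 bloat = callPackage ../servers/bloat { };
 
 bosun = callPackage ../servers/monitoring/bosun { };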