commit 879778091a5f8280a72a577b536137fa7a7a852a

pyrox.dev / nixpkgs

lol

iodine service: add clients implimentation

- services.iodined moved to services.iodine
- configuration file backwards compatable
- old iodine server configuration moved to services.iodine.server
- attribute set services.iodine.clients added to specify any number
of iodine clients
- example:
iodine.clients.home = { server = "iodinesubdomain.yourserver.com"; ... };
- client services names iodine-name where name would be home

Mitchell Pleune 10 years ago 87977809 45a2d9e1

+144 -87

4 changed files

expand all

unified split

nixos

modules

module-list.nix

rename.nix

services

networking

iodine.nix

iodined.nix

+1 -1

nixos/modules/module-list.nix

··· 326 326 ./services/networking/hostapd.nix 327 327 ./services/networking/i2pd.nix 328 328 ./services/networking/i2p.nix 329 - ./services/networking/iodined.nix 329 + ./services/networking/iodine.nix 330 330 ./services/networking/ircd-hybrid/default.nix 331 331 ./services/networking/kippo.nix 332 332 ./services/networking/lambdabot.nix

nixos/modules/rename.nix

··· 101 101 # Enlightenment 102 102 (mkRenamedOptionModule [ "services" "xserver" "desktopManager" "e19" "enable" ] [ "services" "xserver" "desktopManager" "enlightenment" "enable" ]) 103 103 104 + # Iodine 105 + (mkRenamedOptionModule [ "services" "iodined" "enable" ] [ "services" "iodine" "server" "enable" ]) 106 + (mkRenamedOptionModule [ "services" "iodined" "domain" ] [ "services" "iodine" "server" "domain" ]) 107 + (mkRenamedOptionModule [ "services" "iodined" "ip" ] [ "services" "iodine" "server" "ip" ]) 108 + (mkRenamedOptionModule [ "services" "iodined" "extraConfig" ] [ "services" "iodine" "server" "extraConfig" ]) 109 + (mkRemovedOptionModule [ "services" "iodined" "client" ]) 110 + 104 111 # Options that are obsolete and have no replacement. 105 112 (mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ]) 106 113 (mkRemovedOptionModule [ "programs" "bash" "enable" ])

+136

nixos/modules/services/networking/iodine.nix

··· 1 + # NixOS module for iodine, ip over dns daemon 2 + 3 + { config, lib, pkgs, ... }: 4 + 5 + with lib; 6 + 7 + let 8 + cfg = config.services.iodine; 9 + 10 + iodinedUser = "iodined"; 11 + 12 + in 13 + { 14 + 15 + ### configuration 16 + 17 + options = { 18 + 19 + services.iodine = { 20 + clients = mkOption { 21 + default = {}; 22 + description = '' 23 + Each attribute of this option defines a systemd service that 24 + runs iodine. Many or none may be defined. 25 + The name of each service is 26 + <literal>iodine-<replaceable>name</replaceable></literal> 27 + where <replaceable>name</replaceable> is the name of the 28 + corresponding attribute name. 29 + ''; 30 + example = literalExample '' 31 + { 32 + foo = { 33 + server = "tunnel.mdomain.com"; 34 + relay = "8.8.8.8"; 35 + extraConfig = "-P mysecurepassword"; 36 + } 37 + } 38 + ''; 39 + type = types.attrsOf (types.submodule ( 40 + { 41 + options = { 42 + server = mkOption { 43 + type = types.str; 44 + default = ""; 45 + description = "Domain or Subdomain of server running iodined"; 46 + example = "tunnel.mydomain.com"; 47 + }; 48 + 49 + relay = mkOption { 50 + type = types.str; 51 + default = ""; 52 + description = "DNS server to use as a intermediate relay to the iodined server"; 53 + example = "8.8.8.8"; 54 + }; 55 + 56 + extraConfig = mkOption { 57 + type = types.str; 58 + default = ""; 59 + description = "Additional command line parameters"; 60 + example = "-P mysecurepassword -l 192.168.1.10 -p 23"; 61 + }; 62 + }; 63 + })); 64 + }; 65 + 66 + server = { 67 + enable = mkOption { 68 + type = types.bool; 69 + default = false; 70 + description = "enable iodined server"; 71 + }; 72 + 73 + ip = mkOption { 74 + type = types.str; 75 + default = ""; 76 + description = "The assigned ip address or ip range"; 77 + example = "172.16.10.1/24"; 78 + }; 79 + 80 + domain = mkOption { 81 + type = types.str; 82 + default = ""; 83 + description = "Domain or subdomain of which nameservers point to us"; 84 + example = "tunnel.mydomain.com"; 85 + }; 86 + 87 + extraConfig = mkOption { 88 + type = types.str; 89 + default = ""; 90 + description = "Additional command line parameters"; 91 + example = "-P mysecurepassword -l 192.168.1.10 -p 23"; 92 + }; 93 + }; 94 + 95 + }; 96 + }; 97 + 98 + ### implementation 99 + 100 + config = mkIf (cfg.server.enable || cfg.clients != {}) { 101 + environment.systemPackages = [ pkgs.iodine ]; 102 + boot.kernelModules = [ "tun" ]; 103 + 104 + systemd.services = 105 + let 106 + createIodineClientService = name: cfg: 107 + { 108 + description = "iodine client - ${name}"; 109 + wantedBy = [ "ip-up.target" ]; 110 + serviceConfig = { 111 + RestartSec = "30s"; 112 + Restart = "always"; 113 + ExecStart = "${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.relay} ${cfg.server}"; 114 + }; 115 + }; 116 + in 117 + listToAttrs ( 118 + mapAttrsToList 119 + (name: value: nameValuePair "iodine-${name}" (createIodineClientService name value)) 120 + cfg.clients 121 + ) // { 122 + iodined = mkIf (cfg.server.enable) { 123 + description = "iodine, ip over dns server daemon"; 124 + wantedBy = [ "ip-up.target" ]; 125 + serviceConfig.ExecStart = "${pkgs.iodine}/bin/iodined -f -u ${iodinedUser} ${cfg.server.extraConfig} ${cfg.server.ip} ${cfg.server.domain}"; 126 + }; 127 + }; 128 + 129 + users.extraUsers = singleton { 130 + name = iodinedUser; 131 + uid = config.ids.uids.iodined; 132 + description = "Iodine daemon user"; 133 + }; 134 + users.extraGroups.iodined.gid = config.ids.gids.iodined; 135 + }; 136 + }

-86

nixos/modules/services/networking/iodined.nix

··· 1 - # NixOS module for iodine, ip over dns daemon 2 - 3 - { config, lib, pkgs, ... }: 4 - 5 - with lib; 6 - 7 - let 8 - cfg = config.services.iodined; 9 - 10 - iodinedUser = "iodined"; 11 - 12 - in 13 - 14 - { 15 - 16 - ### configuration 17 - 18 - options = { 19 - 20 - services.iodined = { 21 - 22 - enable = mkOption { 23 - type = types.bool; 24 - default = false; 25 - description = "Enable iodine, ip over dns daemon"; 26 - }; 27 - 28 - client = mkOption { 29 - type = types.bool; 30 - default = false; 31 - description = "Start iodine in client mode"; 32 - }; 33 - 34 - ip = mkOption { 35 - type = types.str; 36 - default = ""; 37 - description = "Assigned ip address or ip range"; 38 - example = "172.16.10.1/24"; 39 - }; 40 - 41 - domain = mkOption { 42 - type = types.str; 43 - default = ""; 44 - description = "Domain or subdomain of which nameservers point to us"; 45 - example = "tunnel.mydomain.com"; 46 - }; 47 - 48 - extraConfig = mkOption { 49 - type = types.str; 50 - default = ""; 51 - description = "Additional command line parameters"; 52 - example = "-P mysecurepassword -l 192.168.1.10 -p 23"; 53 - }; 54 - 55 - }; 56 - 57 - }; 58 - 59 - ### implementation 60 - 61 - config = mkIf cfg.enable { 62 - environment.systemPackages = [ pkgs.iodine ]; 63 - boot.kernelModules = [ "tun" ]; 64 - 65 - systemd.services.iodined = { 66 - description = "iodine, ip over dns daemon"; 67 - wantedBy = [ "ip-up.target" ]; 68 - serviceConfig.ExecStart = "${pkgs.iodine}/sbin/iodined -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.ip} ${cfg.domain}"; 69 - }; 70 - 71 - 72 - users.extraUsers = singleton { 73 - name = iodinedUser; 74 - uid = config.ids.uids.iodined; 75 - description = "Iodine daemon user"; 76 - }; 77 - users.extraGroups.iodined.gid = config.ids.gids.iodined; 78 - 79 - assertions = [{ assertion = if !cfg.client then cfg.ip != "" else true; 80 - message = "cannot start iodined without ip set";} 81 - { assertion = cfg.domain != ""; 82 - message = "cannot start iodined without domain name set";}]; 83 - 84 - }; 85 - 86 - }