pyrox.dev / nixpkgs
lol
fork atom

siproxd: initial service expression

Emery Hemingway af09d3eb f95d8f13

+183
unified split
+2
nixos/modules/misc/ids.nix
··· 141 141 unifi = 131; 142 142 gdm = 132; 143 143 dhcpd = 133; 144 + siproxd = 134; 144 145 145 146 # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! 146 147 ··· 256 257 docker = 131; 257 258 gdm = 132; 258 259 tss = 133; 260 + siproxd = 134; 259 261 260 262 # When adding a gid, make sure it doesn't match an existing uid. And don't use gids above 399! 261 263
+1
nixos/modules/module-list.nix
··· 159 159 ./services/misc/nix-ssh-serve.nix 160 160 ./services/misc/rippled.nix 161 161 ./services/misc/rogue.nix 162 + ./services/misc/siproxd.nix 162 163 ./services/misc/svnserve.nix 163 164 ./services/misc/synergy.nix 164 165 ./services/monitoring/apcupsd.nix
+180
nixos/modules/services/misc/siproxd.nix
··· 1 + { config, lib, pkgs, ... }: 2 + 3 + with lib; 4 + 5 + let 6 + 7 + cfg = config.services.siproxd; 8 + 9 + conf = '' 10 + daemonize = 0 11 + rtp_proxy_enable = 1 12 + user = siproxd 13 + if_inbound = ${cfg.ifInbound} 14 + if_outbound = ${cfg.ifOutbound} 15 + sip_listen_port = ${toString cfg.sipListenPort} 16 + rtp_port_low = ${toString cfg.rtpPortLow} 17 + rtp_port_high = ${toString cfg.rtpPortHigh} 18 + rtp_dscp = ${toString cfg.rtpDscp} 19 + sip_dscp = ${toString cfg.sipDscp} 20 + ${optionalString (cfg.hostsAllowReg != []) "hosts_allow_reg = ${concatStringsSep "," cfg.hostsAllowReg}"} 21 + ${optionalString (cfg.hostsAllowSip != []) "hosts_allow_sip = ${concatStringsSep "," cfg.hostsAllowSip}"} 22 + ${optionalString (cfg.hostsDenySip != []) "hosts_deny_sip = ${concatStringsSep "," cfg.hostsDenySip}"} 23 + ${if (cfg.passwordFile != "") then "proxy_auth_pwfile = ${cfg.passwordFile}" else ""} 24 + ${cfg.extraConfig} 25 + ''; 26 + 27 + confFile = builtins.toFile "siproxd.conf" conf; 28 + 29 + in 30 + { 31 + ##### interface 32 + 33 + options = { 34 + 35 + services.siproxd = { 36 + 37 + enable = mkOption { 38 + type = types.bool; 39 + default = false; 40 + description = '' 41 + Whether to enable the Siproxd SIP 42 + proxy/masquerading daemon. 43 + ''; 44 + }; 45 + 46 + ifInbound = mkOption { 47 + type = types.str; 48 + example = "eth0"; 49 + description = "Local network interface"; 50 + }; 51 + 52 + ifOutbound = mkOption { 53 + type = types.str; 54 + example = "ppp0"; 55 + description = "Public network interface"; 56 + }; 57 + 58 + hostsAllowReg = mkOption { 59 + type = types.listOf types.str; 60 + default = [ ]; 61 + example = [ "192.168.1.0/24" "192.168.2.0/24" ]; 62 + description = '' 63 + Acess control list for incoming SIP registrations. 64 + ''; 65 + }; 66 + 67 + hostsAllowSip = mkOption { 68 + type = types.listOf types.str; 69 + default = [ ]; 70 + example = [ "123.45.0.0/16" "123.46.0.0/16" ]; 71 + description = '' 72 + Acess control list for incoming SIP traffic. 73 + ''; 74 + }; 75 + 76 + hostsDenySip = mkOption { 77 + type = types.listOf types.str; 78 + default = [ ]; 79 + example = [ "10.0.0.0/8" "11.0.0.0/8" ]; 80 + description = '' 81 + Acess control list for denying incoming 82 + SIP registrations and traffic. 83 + ''; 84 + }; 85 + 86 + sipListenPort = mkOption { 87 + type = types.int; 88 + default = 5060; 89 + description = '' 90 + Port to listen for incoming SIP messages. 91 + ''; 92 + }; 93 + 94 + rtpPortLow = mkOption { 95 + type = types.int; 96 + default = 7070; 97 + description = '' 98 + Bottom of UDP port range for incoming and outgoing RTP traffic 99 + ''; 100 + }; 101 + 102 + rtpPortHigh = mkOption { 103 + type = types.int; 104 + default = 7089; 105 + description = '' 106 + Top of UDP port range for incoming and outgoing RTP traffic 107 + ''; 108 + }; 109 + 110 + rtpTimeout = mkOption { 111 + type = types.int; 112 + default = 300; 113 + description = '' 114 + Timeout for an RTP stream. If for the specified 115 + number of seconds no data is relayed on an active 116 + stream, it is considered dead and will be killed. 117 + ''; 118 + }; 119 + 120 + rtpDscp = mkOption { 121 + type = types.int; 122 + default = 46; 123 + description = '' 124 + DSCP (differentiated services) value to be assigned 125 + to RTP packets. Allows QOS aware routers to handle 126 + different types traffic with different priorities. 127 + ''; 128 + }; 129 + 130 + sipDscp = mkOption { 131 + type = types.int; 132 + default = 0; 133 + description = '' 134 + DSCP (differentiated services) value to be assigned 135 + to SIP packets. Allows QOS aware routers to handle 136 + different types traffic with different priorities. 137 + ''; 138 + }; 139 + 140 + passwordFile = mkOption { 141 + type = types.str; 142 + default = ""; 143 + description = '' 144 + Path to per-user password file. 145 + ''; 146 + }; 147 + 148 + extraConfig = mkOption { 149 + type = types.lines; 150 + default = ""; 151 + description = '' 152 + Extra configuration to add to siproxd configuration. 153 + ''; 154 + }; 155 + 156 + }; 157 + 158 + }; 159 + 160 + ##### implementation 161 + 162 + config = mkIf cfg.enable { 163 + 164 + users.extraUsers = singleton { 165 + name = "siproxyd"; 166 + uid = config.ids.uids.siproxd; 167 + }; 168 + 169 + systemd.services.siproxd = { 170 + description = "SIP proxy/masquerading daemon"; 171 + wantedBy = [ "multi-user.target" ]; 172 + after = [ "network.target" ]; 173 + serviceConfig = { 174 + ExecStart = "${pkgs.siproxd}/sbin/siproxd -c ${confFile}"; 175 + }; 176 + }; 177 + 178 + }; 179 + 180 + }