diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/networking/corerad.nix')
| -rw-r--r-- | nixpkgs/nixos/modules/services/networking/corerad.nix | 48 |
1 files changed, 45 insertions, 3 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/corerad.nix b/nixpkgs/nixos/modules/services/networking/corerad.nix index 1a2c4aec665..d90a5923bc6 100644 --- a/nixpkgs/nixos/modules/services/networking/corerad.nix +++ b/nixpkgs/nixos/modules/services/networking/corerad.nix @@ -4,14 +4,50 @@ with lib; let cfg = config.services.corerad; + + writeTOML = name: x: + pkgs.runCommandNoCCLocal name { + passAsFile = ["config"]; + config = builtins.toJSON x; + buildInputs = [ pkgs.go-toml ]; + } "jsontoml < $configPath > $out"; + in { - meta = { - maintainers = with maintainers; [ mdlayher ]; - }; + meta.maintainers = with maintainers; [ mdlayher ]; options.services.corerad = { enable = mkEnableOption "CoreRAD IPv6 NDP RA daemon"; + settings = mkOption { + type = types.uniq types.attrs; + example = literalExample '' + { + interfaces = [ + # eth0 is an upstream interface monitoring for IPv6 router advertisements. + { + name = "eth0"; + monitor = true; + } + # eth1 is a downstream interface advertising IPv6 prefixes for SLAAC. + { + name = "eth1"; + advertise = true; + prefix = [{ prefix = "::/64"; }]; + } + ]; + # Optionally enable Prometheus metrics. + debug = { + address = "localhost:9430"; + prometheus = true; + }; + } + ''; + description = '' + Configuration for CoreRAD, see <link xlink:href="https://github.com/mdlayher/corerad/blob/master/internal/config/default.toml"/> + for supported values. Ignored if configFile is set. + ''; + }; + configFile = mkOption { type = types.path; example = literalExample "\"\${pkgs.corerad}/etc/corerad/corerad.toml\""; @@ -27,6 +63,9 @@ in { }; config = mkIf cfg.enable { + # Prefer the config file over settings if both are set. + services.corerad.configFile = mkDefault (writeTOML "corerad.toml" cfg.settings); + systemd.services.corerad = { description = "CoreRAD IPv6 NDP RA daemon"; after = [ "network.target" ]; @@ -38,8 +77,11 @@ in { AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_RAW"; NoNewPrivileges = true; DynamicUser = true; + Type = "notify"; + NotifyAccess = "main"; ExecStart = "${getBin cfg.package}/bin/corerad -c=${cfg.configFile}"; Restart = "on-failure"; + RestartKillSignal = "SIGHUP"; }; }; }; |