Diffstat (limited to 'nixpkgs/nixos/modules/services/networking')
4 files changed, 104 insertions, 86 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/mxisd.nix b/nixpkgs/nixos/modules/services/networking/mxisd.nix index 02e89f441b3..a3d61922e57 100644 --- a/nixpkgs/nixos/modules/services/networking/mxisd.nix +++ b/nixpkgs/nixos/modules/services/networking/mxisd.nix @@ -3,6 +3,15 @@ with lib; let + + isMa1sd = + package: + lib.hasPrefix "ma1sd" package.name; + + isMxisd = + package: + lib.hasPrefix "mxisd" package.name; + cfg = config.services.mxisd; server = optionalAttrs (cfg.server.name != null) { inherit (cfg.server) name; } 
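Review bot: `isMxisd` is defined in this hunk but none of the visible hunks call it; every later branch tests `isMa1sd cfg.package` and treats anything else as mxisd. A package whose `name` has some other prefix (a wrapper or a renamed override, for example) would silently get the mxisd database path, config file name and binary name. Either drop `isMxisd`, or use it in an assertion such as `assertion = isMa1sd cfg.package || isMxisd cfg.package;` so an unrecognised package fails at evaluation time. The same choice is repeated in the hunks at `@@ -12,37` and `@@ -103,11`; one binding like `flavour = if isMa1sd cfg.package then "ma1sd" else "mxisd";` would keep the three uses in step.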
@@ -12,37 +21,41 @@ let matrix.domain = cfg.matrix.domain; key.path = "${cfg.dataDir}/signing.key"; storage = { - provider.sqlite.database = "${cfg.dataDir}/mxisd.db"; + provider.sqlite.database = if isMa1sd cfg.package + then "${cfg.dataDir}/ma1sd.db" + else "${cfg.dataDir}/mxisd.db"; }; } // optionalAttrs (server != {}) { inherit server; }; # merges baseConfig and extraConfig into a single file fullConfig = recursiveUpdate baseConfig cfg.extraConfig; - configFile = pkgs.writeText "mxisd-config.yaml" (builtins.toJSON fullConfig); + configFile = if isMa1sd cfg.package + then pkgs.writeText "ma1sd-config.yaml" (builtins.toJSON fullConfig) + else pkgs.writeText "mxisd-config.yaml" (builtins.toJSON fullConfig); in { options = { services.mxisd = { - enable = mkEnableOption "mxisd matrix federated identity server"; + enable = mkEnableOption "matrix federated identity server"; package = mkOption { type = types.package; default = pkgs.mxisd; defaultText = "pkgs.mxisd"; - description = "The mxisd package to use"; + description = "The mxisd/ma1sd package to use"; }; dataDir = mkOption { type = types.str; default = "/var/lib/mxisd"; - description = "Where data mxisd uses resides"; + description = "Where data mxisd/ma1sd uses resides"; }; extraConfig = mkOption { type = types.attrs; default = {}; - description = "Extra options merged into the mxisd configuration"; + description = "Extra options merged into the mxisd/ma1sd configuration"; }; matrix = { @@ -62,7 +75,7 @@ in { type = types.nullOr types.str; default = null; description = '' - Public hostname of mxisd, if different from the Matrix domain. + Public hostname of mxisd/ma1sd, if different from the Matrix domain. ''; }; 
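Review bot: `configFile` is built with `pkgs.writeText`, so everything in `fullConfig`, including whatever is passed through `extraConfig`, ends up in the world-readable Nix store, and the reworded `extraConfig` description still does not say so. Identity-server settings often carry backend credentials (inferred, not shown in this hunk), so the description should state the constraint, e.g. `Extra options merged into the mxisd/ma1sd configuration. The result is written to the Nix store and is readable by all local users; do not put secrets here.` Separately, switching `package` to ma1sd on an existing host points the service at a new `ma1sd.db` in the same `dataDir`. If the daemon does not migrate `mxisd.db` itself, the existing data is left behind, which deserves a release note.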
@@ -103,11 +116,13 @@ in { after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; - serviceConfig = { + serviceConfig = let + executable = if isMa1sd cfg.package then "ma1sd" else "mxisd"; + in { Type = "simple"; User = "mxisd"; Group = "mxisd"; - ExecStart = "${cfg.package}/bin/mxisd -c ${configFile}"; + ExecStart = "${cfg.package}/bin/${executable} -c ${configFile}"; WorkingDirectory = cfg.dataDir; Restart = "on-failure"; }; diff --git a/nixpkgs/nixos/modules/services/networking/networkmanager.nix b/nixpkgs/nixos/modules/services/networking/networkmanager.nix index 887c89ddf3a..176d26e07b0 100644 --- a/nixpkgs/nixos/modules/services/networking/networkmanager.nix +++ b/nixpkgs/nixos/modules/services/networking/networkmanager.nix @@ -5,11 +5,25 @@ with lib; let cfg = config.networking.networkmanager; + basePackages = with pkgs; [ + crda + modemmanager + networkmanager + networkmanager-fortisslvpn + networkmanager-iodine + networkmanager-l2tp + networkmanager-openconnect + networkmanager-openvpn + networkmanager-vpnc + ] ++ optional (!delegateWireless && !enableIwd) wpa_supplicant; + dynamicHostsEnabled = cfg.dynamicHosts.enable && cfg.dynamicHosts.hostsDirs != {}; delegateWireless = config.networking.wireless.enable == true && cfg.unmanaged != []; + enableIwd = cfg.wifi.backend == "iwd"; + # /var/lib/misc is for dnsmasq.leases. stateDirs = "/var/lib/NetworkManager /var/lib/dhclient /var/lib/misc"; @@ -38,6 +52,7 @@ let [device] wifi.scan-rand-mac-address=${if cfg.wifi.scanRandMacAddress then "yes" else "no"} + wifi.backend=${cfg.wifi.backend} ${cfg.extraConfig} ''; 
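Review bot: The rewritten `serviceConfig` for this network-facing daemon still sets only `User`/`Group` and no sandboxing options. Since the block is being touched anyway, consider adding `NoNewPrivileges = true;`, `PrivateTmp = true;` and `ProtectHome = true;`. `ProtectSystem = "strict"` together with `ReadWritePaths = [ cfg.dataDir ];` is also worth trying, since the signing key and the SQLite database both live under `cfg.dataDir` according to the hunk at `@@ -12,37`. These settings need a run against both packages before merging.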
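Review bot: `basePackages` in the hunk at `@@ -5,11` is now a fixed `let` binding, so the six VPN plugins are prepended to `cfg.packages` on every host and can no longer be overridden once the internal option is removed (hunk at `@@ -176,25`). Wherever `cfg.packages` is consumed outside these hunks, each plugin presumably adds its own service files, which is extra surface on machines that never use that VPN type. At minimum document this at the binding, e.g. `# Always installed; the VPN plugins below cannot be disabled individually.`, or split the plugins into an option with this list as its default.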
@@ -176,25 +191,13 @@ in { ''; }; - # Ugly hack for using the correct gnome3 packageSet - basePackages = mkOption { - type = types.attrsOf types.package; - default = { inherit (pkgs) - networkmanager modemmanager crda - networkmanager-openvpn networkmanager-vpnc - networkmanager-openconnect networkmanager-fortisslvpn - networkmanager-l2tp networkmanager-iodine; } - // optionalAttrs (!delegateWireless) { inherit (pkgs) wpa_supplicant; }; - internal = true; - }; - packages = mkOption { - type = types.listOf types.path; + type = types.listOf types.package; default = [ ]; description = '' Extra packages that provide NetworkManager plugins. ''; - apply = list: (attrValues cfg.basePackages) ++ list; + apply = list: basePackages ++ list; }; dhcp = mkOption { @@ -236,6 +239,15 @@ in { wifi = { macAddress = macAddressOpt; + backend = mkOption { + type = types.enum [ "wpa_supplicant" "iwd" ]; + default = "wpa_supplicant"; + description = '' + Specify the Wi-Fi backend used for the device. + Currently supported are <option>wpa_supplicant</option> or <option>iwd</option> (experimental). + ''; + }; + powersave = mkOption { type = types.nullOr types.bool; default = null; @@ -390,12 +402,12 @@ in { { assertion = !dynamicHostsEnabled || (dynamicHostsEnabled && cfg.dns == "dnsmasq"); message = '' To use networking.networkmanager.dynamicHosts you also need to set - networking.networkmanager.dns = "dnsmasq" + `networking.networkmanager.dns = "dnsmasq"` ''; } ]; - environment.etc = with cfg.basePackages; [ + environment.etc = with pkgs; [ { source = configFile; target = "NetworkManager/NetworkManager.conf"; } 
@@ -469,12 +481,16 @@ in { mkdir -m 700 -p /etc/ipsec.d mkdir -m 755 -p ${stateDirs} ''; + + aliases = [ "dbus-org.freedesktop.NetworkManager.service" ]; }; systemd.services.NetworkManager-wait-online = { wantedBy = [ "network-online.target" ]; }; + systemd.services.ModemManager.aliases = [ "dbus-org.freedesktop.ModemManager1.service" ]; + systemd.services.nm-setup-hostsdirs = mkIf dynamicHostsEnabled { wantedBy = [ "NetworkManager.service" ]; before = [ "NetworkManager.service" ]; @@ -496,6 +512,7 @@ in { # useful binaries for user-specified hooks path = [ pkgs.iproute pkgs.utillinux pkgs.coreutils ]; + aliases = [ "dbus-org.freedesktop.nm-dispatcher.service" ]; }; # Turn off NixOS' network management when networking is managed entirely by NetworkManager @@ -505,6 +522,8 @@ in { wireless.enable = mkDefault false; }) // (mkIf cfg.enableStrongSwan { networkmanager.packages = [ pkgs.networkmanager_strongswan ]; + }) // (mkIf enableIwd { + wireless.iwd.enable = true; }); security.polkit.extraConfig = polkitConf; diff --git a/nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix b/nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix index 63e59e7c8fa..294c0d70ede 100644 --- a/nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix +++ b/nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix @@ -103,6 +103,13 @@ in { description = '' Set this to <literal>true</literal> if the SSID of the network is hidden. ''; + example = literalExample '' + { echelon = { + hidden = true; + psk = "abcdefgh"; + }; + } + ''; }; priority = mkOption { @@ -146,10 +153,13 @@ in { ''; default = {}; example = literalExample '' - { echelon = { + { echelon = { # SSID with no spaces or special characters psk = "abcdefgh"; }; - "free.wifi" = {}; + "echelon's AP" = { # SSID with spaces and/or special characters + psk = "ijklmnop"; + }; + "free.wifi" = {}; # Public wireless network } ''; }; 
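Review bot: Chaining `mkIf` results with `//` in the hunk at `@@ -505,6` does not merge them. `mkIf` returns an attribute set of the form `{ _type = "if"; condition; content; }`, and `//` lets the right-hand operand overwrite those keys, so the whole expression evaluates to its last term only. With the added `// (mkIf enableIwd { … })`, the `cfg.enableStrongSwan` branch is discarded, and so is the `wireless.enable = mkDefault false;` default (assuming the first operand, which starts above the hunk, is also a `mkIf`). The strongSwan plugin is then never added, and NixOS' own wireless management is not switched off as the comment promises. Wrap the terms in `mkMerge [ (mkIf …) (mkIf cfg.enableStrongSwan { … }) (mkIf enableIwd { wireless.iwd.enable = true; }) ]` instead.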
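Review bot: The `example` added in the wpa_supplicant.nix hunk at `@@ -103,6` is attached to the option described as "Set this to true if the SSID of the network is hidden", yet its value is a whole networks attribute set. The generated manual would show that set as the example value for what appears to be a boolean option (its `type` is outside the hunk). `example = true;` fits this option, and the `hidden = true;` entry belongs in the networks example changed in the next hunk. Both examples also show `psk` in plain text; if the option text outside these hunks does not already say where such values are stored, it is worth stating there.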
diff --git a/nixpkgs/nixos/modules/services/networking/zeronet.nix b/nixpkgs/nixos/modules/services/networking/zeronet.nix
index f4988a90268..f354a9d42c7 100644
--- a/nixpkgs/nixos/modules/services/networking/zeronet.nix
+++ b/nixpkgs/nixos/modules/services/networking/zeronet.nix
@@ -1,44 +1,39 @@ { config, lib, pkgs, ... }: let + inherit (lib) generators literalExample mkEnableOption mkIf mkOption recursiveUpdate types; cfg = config.services.zeronet; - - zConfFile = pkgs.writeTextFile { - name = "zeronet.conf"; - - text = '' - [global] - data_dir = ${cfg.dataDir} - log_dir = ${cfg.logDir} - '' + lib.optionalString (cfg.port != null) '' - ui_port = ${toString cfg.port} - '' + lib.optionalString (cfg.fileserverPort != null) '' - fileserver_port = ${toString cfg.fileserverPort} - '' + lib.optionalString (cfg.torAlways) '' - tor = always - '' + cfg.extraConfig; + dataDir = "/var/lib/zeronet"; + configFile = pkgs.writeText "zeronet.conf" (generators.toINI {} (recursiveUpdate defaultSettings cfg.settings)); + + defaultSettings = { + global = { + data_dir = dataDir; + log_dir = dataDir; + ui_port = cfg.port; + fileserver_port = cfg.fileserverPort; + tor = if !cfg.tor then "disable" else if cfg.torAlways then "always" else "enable"; + }; }; in with lib; { options.services.zeronet = { enable = mkEnableOption "zeronet"; - dataDir = mkOption { - type = types.path; - default = "/var/lib/zeronet"; - example = "/home/okina/zeronet"; - description = "Path to the zeronet data directory."; - }; + settings = mkOption { + type = with types; attrsOf (oneOf [ str int bool (listOf str) ]); + default = {}; + example = literalExample "global.tor = enable;"; - logDir = mkOption { - type = types.path; - default = "/var/log/zeronet"; - example = "/home/okina/zeronet/log"; - description = "Path to the zeronet log directory."; + description = '' + <filename>zeronet.conf</filename> configuration. Refer to + <link xlink:href="https://zeronet.readthedocs.io/en/latest/faq/#is-it-possible-to-use-a-configuration-file"/> + for details on supported values; + ''; }; port = mkOption { - type = types.nullOr types.int; - default = null; + type = types.int; + default = 43110; example = 43110; description = "Optional zeronet web UI port."; }; 
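Review bot: The declared type of `settings`, `attrsOf (oneOf [ str int bool (listOf str) ])`, does not match how the value is used. `generators.toINI` and `defaultSettings` both work on a section level (`global = { … }`), and the option's own example sets `global.tor`. A definition such as `settings.global.tor = "always";` would be rejected by the type check, because `global` is an attribute set and not one of the listed leaf types. `type = with types; attrsOf (attrsOf (oneOf [ str int bool (listOf str) ]));` matches the INI shape. The example should also quote its value (`"enable"`), since a bare `enable` is an identifier in Nix.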
@@ -63,22 +58,13 @@ in with lib; { default = false; description = "Use TOR for all zeronet traffic."; }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - - description = '' - Extra configuration. Contents will be added verbatim to the - configuration file at the end. - ''; - }; }; config = mkIf cfg.enable { services.tor = mkIf cfg.tor { enable = true; controlPort = 9051; + extraConfig = '' CacheDirectoryGroupReadable 1 CookieAuthentication 1 @@ -86,37 +72,25 @@ in with lib; { ''; }; - systemd.tmpfiles.rules = [ - "d '${cfg.dataDir}' 750 zeronet zeronet - -" - "d '${cfg.logDir}' 750 zeronet zeronet - -" - ]; - systemd.services.zeronet = { description = "zeronet"; after = [ "network.target" (optionalString cfg.tor "tor.service") ]; wantedBy = [ "multi-user.target" ]; serviceConfig = { - PrivateTmp = "yes"; User = "zeronet"; - Group = "zeronet"; - ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${zConfFile}"; - }; - }; - - users = { - groups.zeronet.gid = config.ids.gids.zeronet; - - users.zeronet = { - description = "zeronet service user"; - home = cfg.dataDir; - createHome = true; - group = "zeronet"; - extraGroups = mkIf cfg.tor [ "tor" ]; - uid = config.ids.uids.zeronet; + DynamicUser = true; + StateDirectory = "zeronet"; + SupplementaryGroups = mkIf cfg.tor [ "tor" ]; + ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${configFile}"; }; }; }; + imports = [ + (mkRemovedOptionModule [ "services" "zeronet" "dataDir" ] "Zeronet will store data by default in /var/lib/zeronet") + (mkRemovedOptionModule [ "services" "zeronet" "logDir" ] "Zeronet will log by default in /var/lib/zeronet") + ]; + meta.maintainers = with maintainers; [ chiiruno ]; } |
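Review bot: The `imports` list added at the end of the hunk at `@@ -86,37` covers `dataDir` and `logDir`, but `extraConfig`, removed in the hunk at `@@ -63,22`, has no entry. An existing configuration that sets it will fail with a generic unknown-option error instead of a pointer to `settings`. Add `(mkRemovedOptionModule [ "services" "zeronet" "extraConfig" ] "Use services.zeronet.settings instead")`. It is also worth a comment next to `DynamicUser = true;` explaining why `PrivateTmp` and the static user/group could be dropped, e.g. `# DynamicUser implies PrivateTmp and allocates the zeronet user at service start`.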