Diffstat (limited to 'nixpkgs/nixos/modules/services/networking')
-rw-r--r--nixpkgs/nixos/modules/services/networking/mxisd.nix33
-rw-r--r--nixpkgs/nixos/modules/services/networking/networkmanager.nix51
-rw-r--r--nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix14
-rw-r--r--nixpkgs/nixos/modules/services/networking/zeronet.nix92
4 files changed, 104 insertions, 86 deletions
diff --git a/nixpkgs/nixos/modules/services/networking/mxisd.nix b/nixpkgs/nixos/modules/services/networking/mxisd.nix
index 02e89f441b3..a3d61922e57 100644
--- a/nixpkgs/nixos/modules/services/networking/mxisd.nix
+++ b/nixpkgs/nixos/modules/services/networking/mxisd.nix
@@ -3,6 +3,15 @@
with lib;
let
+
+ isMa1sd =
+ package:
+ lib.hasPrefix "ma1sd" package.name;
+
+ isMxisd =
+ package:
+ lib.hasPrefix "mxisd" package.name;
+
cfg = config.services.mxisd;
server = optionalAttrs (cfg.server.name != null) { inherit (cfg.server) name; }
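Review bot: `isMxisd` is defined here but none of the visible hunks call it; every later branch (the sqlite path, `configFile`, and `executable` in `serviceConfig`) tests only `isMa1sd cfg.package` and falls back to the mxisd names. A package whose `name` starts with neither prefix, for example an overridden derivation with a custom name, would silently get `mxisd.db` and `bin/mxisd`. An assertion such as `{ assertion = isMa1sd cfg.package || isMxisd cfg.package; message = "services.mxisd.package must be mxisd or ma1sd"; }` would use the helper and turn that case into an evaluation error. Whether the module already has an `assertions` list is not visible in this diff.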
@@ -12,37 +21,41 @@ let
matrix.domain = cfg.matrix.domain;
key.path = "${cfg.dataDir}/signing.key";
storage = {
- provider.sqlite.database = "${cfg.dataDir}/mxisd.db";
+ provider.sqlite.database = if isMa1sd cfg.package
+ then "${cfg.dataDir}/ma1sd.db"
+ else "${cfg.dataDir}/mxisd.db";
};
} // optionalAttrs (server != {}) { inherit server; };
# merges baseConfig and extraConfig into a single file
fullConfig = recursiveUpdate baseConfig cfg.extraConfig;
- configFile = pkgs.writeText "mxisd-config.yaml" (builtins.toJSON fullConfig);
+ configFile = if isMa1sd cfg.package
+ then pkgs.writeText "ma1sd-config.yaml" (builtins.toJSON fullConfig)
+ else pkgs.writeText "mxisd-config.yaml" (builtins.toJSON fullConfig);
in {
options = {
services.mxisd = {
- enable = mkEnableOption "mxisd matrix federated identity server";
+ enable = mkEnableOption "matrix federated identity server";
package = mkOption {
type = types.package;
default = pkgs.mxisd;
defaultText = "pkgs.mxisd";
- description = "The mxisd package to use";
+ description = "The mxisd/ma1sd package to use";
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/mxisd";
- description = "Where data mxisd uses resides";
+ description = "Where data mxisd/ma1sd uses resides";
};
extraConfig = mkOption {
type = types.attrs;
default = {};
- description = "Extra options merged into the mxisd configuration";
+ description = "Extra options merged into the mxisd/ma1sd configuration";
};
matrix = {
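Review bot: `configFile` is produced with `pkgs.writeText`, so the merged `extraConfig` ends up in the Nix store, which every local user can normally read, and the `extraConfig` description edited in this hunk does not say so. Credentials placed there for an identity backend or mail relay would be exposed to all accounts on the host. Extend the description to something like `"Extra options merged into the mxisd/ma1sd configuration. The resulting file is stored in the world-readable Nix store; do not put secrets here."`. The options block continues past the end of the hunk.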
@@ -62,7 +75,7 @@ in {
type = types.nullOr types.str;
default = null;
description = ''
- Public hostname of mxisd, if different from the Matrix domain.
+ Public hostname of mxisd/ma1sd, if different from the Matrix domain.
'';
};
@@ -103,11 +116,13 @@ in {
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
- serviceConfig = {
+ serviceConfig = let
+ executable = if isMa1sd cfg.package then "ma1sd" else "mxisd";
+ in {
Type = "simple";
User = "mxisd";
Group = "mxisd";
- ExecStart = "${cfg.package}/bin/mxisd -c ${configFile}";
+ ExecStart = "${cfg.package}/bin/${executable} -c ${configFile}";
WorkingDirectory = cfg.dataDir;
Restart = "on-failure";
};
diff --git a/nixpkgs/nixos/modules/services/networking/networkmanager.nix b/nixpkgs/nixos/modules/services/networking/networkmanager.nix
index 887c89ddf3a..176d26e07b0 100644
--- a/nixpkgs/nixos/modules/services/networking/networkmanager.nix
+++ b/nixpkgs/nixos/modules/services/networking/networkmanager.nix
@@ -5,11 +5,25 @@ with lib;
let
cfg = config.networking.networkmanager;
+ basePackages = with pkgs; [
+ crda
+ modemmanager
+ networkmanager
+ networkmanager-fortisslvpn
+ networkmanager-iodine
+ networkmanager-l2tp
+ networkmanager-openconnect
+ networkmanager-openvpn
+ networkmanager-vpnc
+ ] ++ optional (!delegateWireless && !enableIwd) wpa_supplicant;
+
dynamicHostsEnabled =
cfg.dynamicHosts.enable && cfg.dynamicHosts.hostsDirs != {};
delegateWireless = config.networking.wireless.enable == true && cfg.unmanaged != [];
+ enableIwd = cfg.wifi.backend == "iwd";
+
# /var/lib/misc is for dnsmasq.leases.
stateDirs = "/var/lib/NetworkManager /var/lib/dhclient /var/lib/misc";
@@ -38,6 +52,7 @@ let
[device]
wifi.scan-rand-mac-address=${if cfg.wifi.scanRandMacAddress then "yes" else "no"}
+ wifi.backend=${cfg.wifi.backend}
${cfg.extraConfig}
'';
@@ -176,25 +191,13 @@ in {
'';
};
- # Ugly hack for using the correct gnome3 packageSet
- basePackages = mkOption {
- type = types.attrsOf types.package;
- default = { inherit (pkgs)
- networkmanager modemmanager crda
- networkmanager-openvpn networkmanager-vpnc
- networkmanager-openconnect networkmanager-fortisslvpn
- networkmanager-l2tp networkmanager-iodine; }
- // optionalAttrs (!delegateWireless) { inherit (pkgs) wpa_supplicant; };
- internal = true;
- };
-
packages = mkOption {
- type = types.listOf types.path;
+ type = types.listOf types.package;
default = [ ];
description = ''
Extra packages that provide NetworkManager plugins.
'';
- apply = list: (attrValues cfg.basePackages) ++ list;
+ apply = list: basePackages ++ list;
};
dhcp = mkOption {
@@ -236,6 +239,15 @@ in {
wifi = {
macAddress = macAddressOpt;
+ backend = mkOption {
+ type = types.enum [ "wpa_supplicant" "iwd" ];
+ default = "wpa_supplicant";
+ description = ''
+ Specify the Wi-Fi backend used for the device.
+ Currently supported are <option>wpa_supplicant</option> or <option>iwd</option> (experimental).
+ '';
+ };
+
powersave = mkOption {
type = types.nullOr types.bool;
default = null;
@@ -390,12 +402,12 @@ in {
{ assertion = !dynamicHostsEnabled || (dynamicHostsEnabled && cfg.dns == "dnsmasq");
message = ''
To use networking.networkmanager.dynamicHosts you also need to set
- networking.networkmanager.dns = "dnsmasq"
+ `networking.networkmanager.dns = "dnsmasq"`
'';
}
];
- environment.etc = with cfg.basePackages; [
+ environment.etc = with pkgs; [
{ source = configFile;
target = "NetworkManager/NetworkManager.conf";
}
@@ -469,12 +481,16 @@ in {
mkdir -m 700 -p /etc/ipsec.d
mkdir -m 755 -p ${stateDirs}
'';
+
+ aliases = [ "dbus-org.freedesktop.NetworkManager.service" ];
};
systemd.services.NetworkManager-wait-online = {
wantedBy = [ "network-online.target" ];
};
+ systemd.services.ModemManager.aliases = [ "dbus-org.freedesktop.ModemManager1.service" ];
+
systemd.services.nm-setup-hostsdirs = mkIf dynamicHostsEnabled {
wantedBy = [ "NetworkManager.service" ];
before = [ "NetworkManager.service" ];
@@ -496,6 +512,7 @@ in {
# useful binaries for user-specified hooks
path = [ pkgs.iproute pkgs.utillinux pkgs.coreutils ];
+ aliases = [ "dbus-org.freedesktop.nm-dispatcher.service" ];
};
# Turn off NixOS' network management when networking is managed entirely by NetworkManager
@@ -505,6 +522,8 @@ in {
wireless.enable = mkDefault false;
}) // (mkIf cfg.enableStrongSwan {
networkmanager.packages = [ pkgs.networkmanager_strongswan ];
+ }) // (mkIf enableIwd {
+ wireless.iwd.enable = true;
});
security.polkit.extraConfig = polkitConf;
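Review bot: Joining the `mkIf` values with `//` keeps only the last one, because each `mkIf` is an attribute set carrying its own condition and content, and `//` overwrites both with those of `mkIf enableIwd`. The added branch would therefore discard the strongSwan package entry and the settings that end in `wireless.enable = mkDefault false;`. The `//` chain predates this commit, but the new line extends it. Build the value with `mkMerge [ (mkIf … { … }) (mkIf cfg.enableStrongSwan { … }) (mkIf enableIwd { wireless.iwd.enable = true; }) ]` instead. The start of the expression lies outside the hunk, so this assumes its first operand is also a `mkIf`.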
diff --git a/nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix b/nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix
index 63e59e7c8fa..294c0d70ede 100644
--- a/nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix
+++ b/nixpkgs/nixos/modules/services/networking/wpa_supplicant.nix
@@ -103,6 +103,13 @@ in {
description = ''
Set this to <literal>true</literal> if the SSID of the network is hidden.
'';
+ example = literalExample ''
+ { echelon = {
+ hidden = true;
+ psk = "abcdefgh";
+ };
+ }
+ '';
};
priority = mkOption {
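Review bot: The added `example` sits inside the `hidden` option, whose description says to set it to `true`, yet it shows a whole networks attribute set with an `echelon` entry. An example attached to this option should be a value of the option itself, presumably `example = true;`. The combined snippet belongs in the example of the enclosing networks option, which starts outside this hunk.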
@@ -146,10 +153,13 @@ in {
'';
default = {};
example = literalExample ''
- { echelon = {
+ { echelon = { # SSID with no spaces or special characters
psk = "abcdefgh";
};
- "free.wifi" = {};
+ "echelon's AP" = { # SSID with spaces and/or special characters
+ psk = "ijklmnop";
+ };
+ "free.wifi" = {}; # Public wireless network
}
'';
};
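Review bot: Both entries in the example put the passphrase in plain text as `psk`, and nothing in the example says where that value ends up. If the module renders these settings into a file in the Nix store, which this hunk does not show, the passphrase is readable by every local user. A one-line comment in the example, such as `# passphrase is kept in plain text in the system configuration`, would make that visible to readers who copy it.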
diff --git a/nixpkgs/nixos/modules/services/networking/zeronet.nix b/nixpkgs/nixos/modules/services/networking/zeronet.nix
index f4988a90268..f354a9d42c7 100644
--- a/nixpkgs/nixos/modules/services/networking/zeronet.nix
+++ b/nixpkgs/nixos/modules/services/networking/zeronet.nix
@@ -1,44 +1,39 @@
{ config, lib, pkgs, ... }:
let
+ inherit (lib) generators literalExample mkEnableOption mkIf mkOption recursiveUpdate types;
cfg = config.services.zeronet;
-
- zConfFile = pkgs.writeTextFile {
- name = "zeronet.conf";
-
- text = ''
- [global]
- data_dir = ${cfg.dataDir}
- log_dir = ${cfg.logDir}
- '' + lib.optionalString (cfg.port != null) ''
- ui_port = ${toString cfg.port}
- '' + lib.optionalString (cfg.fileserverPort != null) ''
- fileserver_port = ${toString cfg.fileserverPort}
- '' + lib.optionalString (cfg.torAlways) ''
- tor = always
- '' + cfg.extraConfig;
+ dataDir = "/var/lib/zeronet";
+ configFile = pkgs.writeText "zeronet.conf" (generators.toINI {} (recursiveUpdate defaultSettings cfg.settings));
+
+ defaultSettings = {
+ global = {
+ data_dir = dataDir;
+ log_dir = dataDir;
+ ui_port = cfg.port;
+ fileserver_port = cfg.fileserverPort;
+ tor = if !cfg.tor then "disable" else if cfg.torAlways then "always" else "enable";
+ };
};
in with lib; {
options.services.zeronet = {
enable = mkEnableOption "zeronet";
- dataDir = mkOption {
- type = types.path;
- default = "/var/lib/zeronet";
- example = "/home/okina/zeronet";
- description = "Path to the zeronet data directory.";
- };
+ settings = mkOption {
+ type = with types; attrsOf (oneOf [ str int bool (listOf str) ]);
+ default = {};
+ example = literalExample "global.tor = enable;";
- logDir = mkOption {
- type = types.path;
- default = "/var/log/zeronet";
- example = "/home/okina/zeronet/log";
- description = "Path to the zeronet log directory.";
+ description = ''
+ <filename>zeronet.conf</filename> configuration. Refer to
+ <link xlink:href="https://zeronet.readthedocs.io/en/latest/faq/#is-it-possible-to-use-a-configuration-file"/>
+ for details on supported values;
+ '';
};
port = mkOption {
- type = types.nullOr types.int;
- default = null;
+ type = types.int;
+ default = 43110;
example = 43110;
description = "Optional zeronet web UI port.";
};
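Review bot: The `settings` type does not match how the value is used: `attrsOf (oneOf [ str int bool (listOf str) ])` allows only flat scalar values, while `recursiveUpdate defaultSettings cfg.settings` and `generators.toINI` operate on sections such as `global = { … }`. A user following the example cannot set `global.tor`, and the example text `global.tor = enable;` would be read as a reference to a variable named `enable`. Use `type = with types; attrsOf (attrsOf (oneOf [ str int bool (listOf str) ]));` and `example = literalExample ''{ global.tor = "enable"; }'';`. The `port` description also still says "Optional" although the option can no longer be null.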
@@ -63,22 +58,13 @@ in with lib; {
default = false;
description = "Use TOR for all zeronet traffic.";
};
-
- extraConfig = mkOption {
- type = types.lines;
- default = "";
-
- description = ''
- Extra configuration. Contents will be added verbatim to the
- configuration file at the end.
- '';
- };
};
config = mkIf cfg.enable {
services.tor = mkIf cfg.tor {
enable = true;
controlPort = 9051;
+
extraConfig = ''
CacheDirectoryGroupReadable 1
CookieAuthentication 1
@@ -86,37 +72,25 @@ in with lib; {
'';
};
- systemd.tmpfiles.rules = [
- "d '${cfg.dataDir}' 750 zeronet zeronet - -"
- "d '${cfg.logDir}' 750 zeronet zeronet - -"
- ];
-
systemd.services.zeronet = {
description = "zeronet";
after = [ "network.target" (optionalString cfg.tor "tor.service") ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
- PrivateTmp = "yes";
User = "zeronet";
- Group = "zeronet";
- ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${zConfFile}";
- };
- };
-
- users = {
- groups.zeronet.gid = config.ids.gids.zeronet;
-
- users.zeronet = {
- description = "zeronet service user";
- home = cfg.dataDir;
- createHome = true;
- group = "zeronet";
- extraGroups = mkIf cfg.tor [ "tor" ];
- uid = config.ids.uids.zeronet;
+ DynamicUser = true;
+ StateDirectory = "zeronet";
+ SupplementaryGroups = mkIf cfg.tor [ "tor" ];
+ ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${configFile}";
};
};
};
+ imports = [
+ (mkRemovedOptionModule [ "services" "zeronet" "dataDir" ] "Zeronet will store data by default in /var/lib/zeronet")
+ (mkRemovedOptionModule [ "services" "zeronet" "logDir" ] "Zeronet will log by default in /var/lib/zeronet")
+ ];
+
meta.maintainers = with maintainers; [ chiiruno ];
}
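Review bot: `imports` gains removal notices for `dataDir` and `logDir` but not for `extraConfig`, which the previous hunk also deletes, so a configuration that still sets it would fail with a generic unknown-option error and no hint about `settings`. Add `(mkRemovedOptionModule [ "services" "zeronet" "extraConfig" ] "Use services.zeronet.settings instead.")`. Separately, a short comment next to `DynamicUser = true;` saying that `StateDirectory` now provides the data directory would explain why the static user, group and tmpfiles rules were dropped.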