nixpkgs/nixos/modules/services/networking/connman.nix

{ config, lib, pkgs, ... }:

with pkgs;
with lib;

let
  cfg = config.services.connman;
  configFile = pkgs.writeText "connman.conf" ''
    [General]
    NetworkInterfaceBlacklist=${concatStringsSep "," cfg.networkInterfaceBlacklist}

    ${cfg.extraConfig}
  '';
  enableIwd = cfg.wifi.backend == "iwd";
in {

  imports = [
    (mkRenamedOptionModule [ "networking" "connman" ] [ "services" "connman" ])
  ];

  ###### interface

  options = {

    services.connman = {

      enable = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether to use ConnMan for managing your network connections.
        '';
      };

      enableVPN = mkOption {
        type = types.bool;
        default = true;
        description = ''
          Whether to enable ConnMan VPN service.
        '';
      };

      extraConfig = mkOption {
        type = types.lines;
        default = ''
        '';
        description = ''
          Configuration lines appended to the generated connman configuration file.
        '';
      };

      networkInterfaceBlacklist = mkOption {
        type = with types; listOf str;
        default = [ "vmnet" "vboxnet" "virbr" "ifb" "ve" ];
        description = ''
          Default blacklisted interfaces, this includes NixOS containers interfaces (ve).
        '';
      };

      wifi = {
        backend = mkOption {
          type = types.enum [ "wpa_supplicant" "iwd" ];
          default = "wpa_supplicant";
          description = ''
            Specify the Wi-Fi backend used.
            Currently supported are <option>wpa_supplicant</option> or <option>iwd</option>.
          '';
        };
      };

      extraFlags = mkOption {
        type = with types; listOf str;
        default = [ ];
        example = [ "--nodnsproxy" ];
        description = ''
          Extra flags to pass to connmand
        '';
      };

      package = mkOption {
        type = types.path;
        description = "The connman package / build flavor";
        default = connman;
        example = literalExample "pkgs.connmanFull";
      };

    };

  };

  ###### implementation

  config = mkIf cfg.enable {

    assertions = [{
      assertion = !config.networking.useDHCP;
      message = "You can not use services.connman with networking.useDHCP";
    }{
      # TODO: connman seemingly can be used along network manager and
      # connmanFull supports this - so this should be worked out somehow
      assertion = !config.networking.networkmanager.enable;
      message = "You can not use services.connman with networking.networkmanager";
    }];

    environment.systemPackages = [ cfg.package ];

    systemd.services.connman = {
      description = "Connection service";
      wantedBy = [ "multi-user.target" ];
      after = [ "syslog.target" ] ++ optional enableIwd "iwd.service";
      requires = optional enableIwd "iwd.service";
      serviceConfig = {
        Type = "dbus";
        BusName = "net.connman";
        Restart = "on-failure";
        ExecStart = toString ([
          "${cfg.package}/sbin/connmand"
          "--config=${configFile}"
          "--nodaemon"
        ] ++ optional enableIwd "--wifi=iwd_agent"
          ++ cfg.extraFlags);
        StandardOutput = "null";
      };
    };

    systemd.services.connman-vpn = mkIf cfg.enableVPN {
      description = "ConnMan VPN service";
      wantedBy = [ "multi-user.target" ];
      after = [ "syslog.target" ];
      before = [ "connman" ];
      serviceConfig = {
        Type = "dbus";
        BusName = "net.connman.vpn";
        ExecStart = "${cfg.package}/sbin/connman-vpnd -n";
        StandardOutput = "null";
      };
    };

    systemd.services.net-connman-vpn = mkIf cfg.enableVPN {
      description = "D-BUS Service";
      serviceConfig = {
        Name = "net.connman.vpn";
        before = [ "connman" ];
        ExecStart = "${cfg.package}/sbin/connman-vpnd -n";
        User = "root";
        SystemdService = "connman-vpn.service";
      };
    };

    networking = {
      useDHCP = false;
      wireless = {
        enable = mkIf (!enableIwd) true;
        iwd = mkIf enableIwd {
          enable = true;
        };
      };
      networkmanager.enable = false;
    };
  };
}
Rewrite ‘with pkgs.lib’ -> ‘with lib’ Using pkgs.lib on the spine of module evaluation is problematic because the pkgs argument depends on the result of module evaluation. To prevent an infinite recursion, pkgs and some of the modules are evaluated twice, which is inefficient. Using ‘with lib’ prevents this problem. 2014-04-14 16:26:48 +02:00			`{ config, lib, pkgs, ... }:`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00
			`with pkgs;`
Get all lib functions from lib, not pkgs.lib, in modules 2014-05-05 14:58:51 -04:00			`with lib;`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00
			`let`
connman: move options to services As part of the networking.* name space cleanup, connman should be moved to services.connman. The same will happen for example with networkmanager in a separate PR. 2019-11-24 12:56:44 +01:00			`cfg = config.services.connman;`
connman: improved configuration support 2015-09-12 21:28:53 +09:00			`configFile = pkgs.writeText "connman.conf" ''`
			`[General]`
			`NetworkInterfaceBlacklist=${concatStringsSep "," cfg.networkInterfaceBlacklist}`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00
connman: improved configuration support 2015-09-12 21:28:53 +09:00			`${cfg.extraConfig}`
			`'';`
nixos/connman: optional iwd backend 2019-12-21 13:48:15 -08:00			`enableIwd = cfg.wifi.backend == "iwd";`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`in {`

nixos/treewide: Move rename.nix imports to their respective modules A centralized list for these renames is not good because: - It breaks disabledModules for modules that have a rename defined - Adding/removing renames for a module means having to find them in the central file - Merge conflicts due to multiple people editing the central file 2019-12-10 02:51:19 +01:00			`imports = [`
			`(mkRenamedOptionModule [ "networking" "connman" ] [ "services" "connman" ])`
			`];`

connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`###### interface`

			`options = {`

connman: move options to services As part of the networking.* name space cleanup, connman should be moved to services.connman. The same will happen for example with networkmanager in a separate PR. 2019-11-24 12:56:44 +01:00			`services.connman = {`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00
			`enable = mkOption {`
			`type = types.bool;`
			`default = false;`
			`description = ''`
			`Whether to use ConnMan for managing your network connections.`
			`'';`
			`};`

connman: disable connman-vpn by default (#18323) 2016-09-25 08:02:29 +02:00			`enableVPN = mkOption {`
			`type = types.bool;`
			`default = true;`
			`description = ''`
			`Whether to enable ConnMan VPN service.`
			`'';`
			`};`

connman: improved configuration support 2015-09-12 21:28:53 +09:00			`extraConfig = mkOption {`
			`type = types.lines;`
			`default = ''`
			`'';`
			`description = ''`
			`Configuration lines appended to the generated connman configuration file.`
			`'';`
			`};`

			`networkInterfaceBlacklist = mkOption {`
nixos/modules: Remove all usages of types.string And replace them with a more appropriate type Also fix up some minor module problems along the way 2019-08-08 22:48:27 +02:00			`type = with types; listOf str;`
connman: improved configuration support 2015-09-12 21:28:53 +09:00			`default = [ "vmnet" "vboxnet" "virbr" "ifb" "ve" ];`
			`description = ''`
			`Default blacklisted interfaces, this includes NixOS containers interfaces (ve).`
			`'';`
			`};`

nixos/connman: optional iwd backend 2019-12-21 13:48:15 -08:00			`wifi = {`
			`backend = mkOption {`
			`type = types.enum [ "wpa_supplicant" "iwd" ];`
			`default = "wpa_supplicant";`
			`description = ''`
			`Specify the Wi-Fi backend used.`
			`Currently supported are <option>wpa_supplicant</option> or <option>iwd</option>.`
			`'';`
			`};`
			`};`

connmand: add extraFlags option to service 2016-09-13 20:10:03 +02:00			`extraFlags = mkOption {`
nixos/modules: Remove all usages of types.string And replace them with a more appropriate type Also fix up some minor module problems along the way 2019-08-08 22:48:27 +02:00			`type = with types; listOf str;`
connmand: add extraFlags option to service 2016-09-13 20:10:03 +02:00			`default = [ ];`
			`example = [ "--nodnsproxy" ];`
			`description = ''`
			`Extra flags to pass to connmand`
			`'';`
			`};`

nixos/connman: add option to use specific package 2020-03-28 12:06:54 +03:00			`package = mkOption {`
			`type = types.path;`
			`description = "The connman package / build flavor";`
			`default = connman;`
			`example = literalExample "pkgs.connmanFull";`
			`};`

connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`};`

			`};`

			`###### implementation`

			`config = mkIf cfg.enable {`

			`assertions = [{`
Use booleans properly 2016-02-01 17:51:04 +01:00			`assertion = !config.networking.useDHCP;`
connman: move options to services As part of the networking.* name space cleanup, connman should be moved to services.connman. The same will happen for example with networkmanager in a separate PR. 2019-11-24 12:56:44 +01:00			`message = "You can not use services.connman with networking.useDHCP";`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`}{`
nixos/connman: add TODOs regarding connman + network-manager 2020-03-28 12:28:29 +03:00			`# TODO: connman seemingly can be used along network manager and`
			`# connmanFull supports this - so this should be worked out somehow`
nixos/connman: Fix assertion for networkmanager Regression introduced by 5184aaa1ea93368cb993b1e8e5862adb6e305110. The fix was intended to remove the "x == true/false" assertions, but by accident a "x == false" was made "x == true" instead of "(!x)". Signed-off-by: aszlig <aszlig@redmoonstudios.org> Reported-by: devhell <"^"@regexmail.net> 2016-02-01 19:33:50 +01:00			`assertion = !config.networking.networkmanager.enable;`
connman: move options to services As part of the networking.* name space cleanup, connman should be moved to services.connman. The same will happen for example with networkmanager in a separate PR. 2019-11-24 12:56:44 +01:00			`message = "You can not use services.connman with networking.networkmanager";`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`}];`

nixos/connman: add option to use specific package 2020-03-28 12:06:54 +03:00			`environment.systemPackages = [ cfg.package ];`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00
treewide: remove redundant quotes 2019-08-13 21:52:01 +00:00			`systemd.services.connman = {`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`description = "Connection service";`
			`wantedBy = [ "multi-user.target" ];`
nixos/connman: optional iwd backend 2019-12-21 13:48:15 -08:00			`after = [ "syslog.target" ] ++ optional enableIwd "iwd.service";`
			`requires = optional enableIwd "iwd.service";`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`serviceConfig = {`
			`Type = "dbus";`
			`BusName = "net.connman";`
			`Restart = "on-failure";`
nixos/connman: optional iwd backend 2019-12-21 13:48:15 -08:00			`ExecStart = toString ([`
nixos/connman: add option to use specific package 2020-03-28 12:06:54 +03:00			`"${cfg.package}/sbin/connmand"`
nixos/connman: optional iwd backend 2019-12-21 13:48:15 -08:00			`"--config=${configFile}"`
			`"--nodaemon"`
			`] ++ optional enableIwd "--wifi=iwd_agent"`
			`++ cfg.extraFlags);`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`StandardOutput = "null";`
			`};`
			`};`

treewide: remove redundant quotes 2019-08-13 21:52:01 +00:00			`systemd.services.connman-vpn = mkIf cfg.enableVPN {`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`description = "ConnMan VPN service";`
			`wantedBy = [ "multi-user.target" ];`
			`after = [ "syslog.target" ];`
connman-vpn and connman-vpn dbus servise should start after connman service 2014-01-11 21:17:17 +01:00			`before = [ "connman" ];`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`serviceConfig = {`
			`Type = "dbus";`
			`BusName = "net.connman.vpn";`
nixos/connman: add option to use specific package 2020-03-28 12:06:54 +03:00			`ExecStart = "${cfg.package}/sbin/connman-vpnd -n";`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`StandardOutput = "null";`
			`};`
			`};`

treewide: remove redundant quotes 2019-08-13 21:52:01 +00:00			`systemd.services.net-connman-vpn = mkIf cfg.enableVPN {`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`description = "D-BUS Service";`
			`serviceConfig = {`
			`Name = "net.connman.vpn";`
connman-vpn and connman-vpn dbus servise should start after connman service 2014-01-11 21:17:17 +01:00			`before = [ "connman" ];`
nixos/connman: add option to use specific package 2020-03-28 12:06:54 +03:00			`ExecStart = "${cfg.package}/sbin/connman-vpnd -n";`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`User = "root";`
			`SystemdService = "connman-vpn.service";`
			`};`
			`};`

			`networking = {`
			`useDHCP = false;`
nixos/connman: optional iwd backend 2019-12-21 13:48:15 -08:00			`wireless = {`
			`enable = mkIf (!enableIwd) true;`
			`iwd = mkIf enableIwd {`
			`enable = true;`
			`};`
			`};`
connman: new packages ConnMan v1.20 and connman-ui 2014-01-04 01:13:26 +01:00			`networkmanager.enable = false;`
			`};`
			`};`
			`}`