Merge pull request #19875 from joachifm/cjdns-for-upstream

Cjdns module enhancements
Joachim F 2016-10-28 13:01:58 +02:00 committed by GitHub
commit 1da6dd3eee
2 changed files with 28 additions and 38 deletions


@ -1,11 +0,0 @@
pubs=($pubs)
hosts=($hosts)
lines="''\n"
for ((i = 0; i < ${#pubs[*]}; i++)); do
addr=$($cjdns/bin/publictoip6 ${pubs[i]})
lines="${lines}$addr ${hosts[i]}\n"
done
lines="${lines}''"
echo -ne $lines > $out


@ -28,21 +28,18 @@ let
}; };
}; };
peers = mapAttrsToList (n: v: v) (cfg.ETHInterface.connectTo // cfg.UDPInterface.connectTo); # Additional /etc/hosts entries for peers with an associated hostname
cjdnsExtraHosts = import (pkgs.runCommand "cjdns-hosts" {}
pubs = toString (map (p: if p.hostname == "" then "" else p.publicKey) peers); # Generate a builder that produces an output usable as a Nix string value
hosts = toString (map (p: if p.hostname == "" then "" else p.hostname) peers); ''
exec >$out
cjdnsHosts = echo \'\'
if hosts != "" then ${concatStringsSep "\n" (mapAttrsToList (k: v:
import (pkgs.stdenv.mkDerivation { optionalString (v.hostname != "")
name = "cjdns-hosts"; "echo $(${pkgs.cjdns}/bin/publictoip6 ${x.key}) ${x.host}")
builder = ./cjdns-hosts.sh; (cfg.ETHInterface.connectTo // cfg.UDPInterface.connectTo))}
echo \'\'
inherit (pkgs) cjdns; '');
inherit pubs hosts;
})
else "";
parseModules = x: parseModules = x:
x // { connectTo = mapAttrs (name: value: { inherit (value) password publicKey; }) x.connectTo; }; x // { connectTo = mapAttrs (name: value: { inherit (value) password publicKey; }) x.connectTo; };
@ -95,8 +92,8 @@ in
}; };
confFile = mkOption { confFile = mkOption {
type = types.str; type = types.nullOr types.path;
default = ""; default = null;
example = "/etc/cjdroute.conf"; example = "/etc/cjdroute.conf";
description = '' description = ''
Ignore all other cjdns options and load configuration from this file. Ignore all other cjdns options and load configuration from this file.
@ -112,14 +109,14 @@ in
"49275fut6tmzu354pq70sr5b95qq0vj" "49275fut6tmzu354pq70sr5b95qq0vj"
]; ];
description = '' description = ''
Any remote cjdns nodes that offer these passwords on Any remote cjdns nodes that offer these passwords on
connection will be allowed to route through this node. connection will be allowed to route through this node.
''; '';
}; };
admin = { admin = {
bind = mkOption { bind = mkOption {
type = types.string; type = types.str;
default = "127.0.0.1:11234"; default = "127.0.0.1:11234";
description = '' description = ''
Bind the administration port to this address and port. Bind the administration port to this address and port.
@ -129,7 +126,7 @@ in
UDPInterface = { UDPInterface = {
bind = mkOption { bind = mkOption {
type = types.string; type = types.str;
default = ""; default = "";
example = "192.168.1.32:43211"; example = "192.168.1.32:43211";
description = '' description = ''
@ -154,6 +151,7 @@ in
ETHInterface = { ETHInterface = {
bind = mkOption { bind = mkOption {
type = types.str;
default = ""; default = "";
example = "eth0"; example = "eth0";
description = description =
@ -201,7 +199,7 @@ in
}; };
config = mkIf config.services.cjdns.enable { config = mkIf cfg.enable {
boot.kernelModules = [ "tun" ]; boot.kernelModules = [ "tun" ];
@ -212,7 +210,7 @@ in
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "network.target" ]; after = [ "network.target" ];
preStart = if cfg.confFile != "" then "" else '' preStart = if cfg.confFile != null then "" else ''
[ -e /etc/cjdns.keys ] && source /etc/cjdns.keys [ -e /etc/cjdns.keys ] && source /etc/cjdns.keys
if [ -z "$CJDNS_PRIVATE_KEY" ]; then if [ -z "$CJDNS_PRIVATE_KEY" ]; then
@ -228,13 +226,13 @@ in
fi fi
if [ -z "$CJDNS_ADMIN_PASSWORD" ]; then if [ -z "$CJDNS_ADMIN_PASSWORD" ]; then
echo "CJDNS_ADMIN_PASSWORD=$(${pkgs.coreutils}/bin/head -c 96 /dev/urandom | ${pkgs.coreutils}/bin/tr -dc A-Za-z0-9)" \ echo "CJDNS_ADMIN_PASSWORD=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 96)" \
>> /etc/cjdns.keys >> /etc/cjdns.keys
fi fi
''; '';
script = ( script = (
if cfg.confFile != "" then "${pkg}/bin/cjdroute < ${cfg.confFile}" else if cfg.confFile != null then "${pkg}/bin/cjdroute < ${cfg.confFile}" else
'' ''
source /etc/cjdns.keys source /etc/cjdns.keys
echo '${cjdrouteConf}' | sed \ echo '${cjdrouteConf}' | sed \
@ -247,13 +245,16 @@ in
serviceConfig = { serviceConfig = {
Type = "forking"; Type = "forking";
Restart = "on-failure"; Restart = "on-failure";
ProtectHome = true;
PrivateTmp = true;
}; };
}; };
networking.extraHosts = "${cjdnsHosts}"; networking.extraHosts = cjdnsExtraHosts;
assertions = [ assertions = [
{ assertion = ( cfg.ETHInterface.bind != "" || cfg.UDPInterface.bind != "" || cfg.confFile != "" ); { assertion = ( cfg.ETHInterface.bind != "" || cfg.UDPInterface.bind != "" || cfg.confFile != null );
message = "Neither cjdns.ETHInterface.bind nor cjdns.UDPInterface.bind defined."; message = "Neither cjdns.ETHInterface.bind nor cjdns.UDPInterface.bind defined.";
} }
{ assertion = config.networking.enableIPv6; { assertion = config.networking.enableIPv6;
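Review bot: In the first hunk (`@ -28,21 +28,18 @`) the new `cjdnsExtraHosts` builder interpolates `${x.key}` and `${x.host}`, but the lambda passed to `mapAttrsToList` binds `k` and `v` and no `x` is visible in that scope, so evaluation would presumably fail as soon as a peer has a non-empty hostname. The line should read from the attribute value, e.g. `"echo $(${pkgs.cjdns}/bin/publictoip6 ${v.publicKey}) ${v.hostname}"`, and because both values are spliced into a shell script they are better passed through `escapeShellArg`. Separately, in the `confFile` hunk, `types.nullOr types.path` also accepts a Nix path literal, and `"${pkg}/bin/cjdroute < ${cfg.confFile}"` would then copy that file, which normally holds the node's private key and admin password, into the world-readable Nix store. The option description should tell users to pass a string such as `"/etc/cjdroute.conf"`, or the script should interpolate `toString cfg.confFile` instead.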