167 lines
3.8 KiB
Nix
167 lines
3.8 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.services.gnunet;
|
|
|
|
homeDir = "/var/lib/gnunet";
|
|
|
|
configFile = with cfg; pkgs.writeText "gnunetd.conf"
|
|
''
|
|
[PATHS]
|
|
SERVICEHOME = ${homeDir}
|
|
|
|
[ats]
|
|
WAN_QUOTA_IN = ${toString load.maxNetDownBandwidth} b
|
|
WAN_QUOTA_OUT = ${toString load.maxNetUpBandwidth} b
|
|
|
|
[datastore]
|
|
QUOTA = ${toString fileSharing.quota} MB
|
|
|
|
[transport-udp]
|
|
PORT = ${toString udp.port}
|
|
ADVERTISED_PORT = ${toString udp.port}
|
|
|
|
[transport-tcp]
|
|
PORT = ${toString tcp.port}
|
|
ADVERTISED_PORT = ${toString tcp.port}
|
|
|
|
${extraOptions}
|
|
'';
|
|
|
|
in
|
|
|
|
{
|
|
|
|
###### interface
|
|
|
|
options = {
|
|
|
|
services.gnunet = {
|
|
|
|
enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = ''
|
|
Whether to run the GNUnet daemon. GNUnet is GNU's anonymous
|
|
peer-to-peer communication and file sharing framework.
|
|
'';
|
|
};
|
|
|
|
fileSharing = {
|
|
quota = mkOption {
|
|
type = types.int;
|
|
default = 1024;
|
|
description = ''
|
|
Maximum file system usage (in MiB) for file sharing.
|
|
'';
|
|
};
|
|
};
|
|
|
|
udp = {
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 2086; # assigned by IANA
|
|
description = ''
|
|
The UDP port for use by GNUnet.
|
|
'';
|
|
};
|
|
};
|
|
|
|
tcp = {
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 2086; # assigned by IANA
|
|
description = ''
|
|
The TCP port for use by GNUnet.
|
|
'';
|
|
};
|
|
};
|
|
|
|
load = {
|
|
maxNetDownBandwidth = mkOption {
|
|
type = types.int;
|
|
default = 50000;
|
|
description = ''
|
|
Maximum bandwidth usage (in bits per second) for GNUnet
|
|
when downloading data.
|
|
'';
|
|
};
|
|
|
|
maxNetUpBandwidth = mkOption {
|
|
type = types.int;
|
|
default = 50000;
|
|
description = ''
|
|
Maximum bandwidth usage (in bits per second) for GNUnet
|
|
when downloading data.
|
|
'';
|
|
};
|
|
|
|
hardNetUpBandwidth = mkOption {
|
|
type = types.int;
|
|
default = 0;
|
|
description = ''
|
|
Hard bandwidth limit (in bits per second) when uploading
|
|
data.
|
|
'';
|
|
};
|
|
};
|
|
|
|
package = mkOption {
|
|
type = types.package;
|
|
default = pkgs.gnunet;
|
|
defaultText = "pkgs.gnunet";
|
|
description = "Overridable attribute of the gnunet package to use.";
|
|
example = literalExample "pkgs.gnunet_git";
|
|
};
|
|
|
|
extraOptions = mkOption {
|
|
type = types.lines;
|
|
default = "";
|
|
description = ''
|
|
Additional options that will be copied verbatim in `gnunet.conf'.
|
|
See `gnunet.conf(5)' for details.
|
|
'';
|
|
};
|
|
};
|
|
|
|
};
|
|
|
|
|
|
###### implementation
|
|
|
|
config = mkIf config.services.gnunet.enable {
|
|
|
|
users.users.gnunet = {
|
|
group = "gnunet";
|
|
description = "GNUnet User";
|
|
home = homeDir;
|
|
createHome = true;
|
|
uid = config.ids.uids.gnunet;
|
|
};
|
|
|
|
users.groups.gnunet.gid = config.ids.gids.gnunet;
|
|
|
|
# The user tools that talk to `gnunetd' should come from the same source,
|
|
# so install them globally.
|
|
environment.systemPackages = [ cfg.package ];
|
|
|
|
systemd.services.gnunet = {
|
|
description = "GNUnet";
|
|
after = [ "network.target" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
path = [ cfg.package pkgs.miniupnpc ];
|
|
environment.TMPDIR = "/tmp";
|
|
serviceConfig.PrivateTmp = true;
|
|
serviceConfig.ExecStart = "${cfg.package}/lib/gnunet/libexec/gnunet-service-arm -c ${configFile}";
|
|
serviceConfig.User = "gnunet";
|
|
serviceConfig.UMask = "0007";
|
|
serviceConfig.WorkingDirectory = homeDir;
|
|
};
|
|
|
|
};
|
|
|
|
}
|