dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

nixos: init programs/nncp module

Browse Source 
The NNCP utilities read a configuration at "/etc/nncp.hjson" by
default. Add a NixOS module for generating this configuration.
This commit is contained in:
Emery Hemingway 2022-02-26 10:53:26 -06:00 committed by ehmry
parent ad15abe7ff
commit 4ec35ff6d6
4 changed files with 110 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
View File

@ -1660,6 +1660,12 @@
</listitem> </listitem>
</itemizedlist> </itemizedlist>
</listitem> </listitem>
<listitem>
<para>
The <literal>programs.nncp</literal> options were added for
generating host-global NNCP configuration.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
</section> </section>

2
nixos/doc/manual/release-notes/rl-2205.section.md
View File

@ -587,4 +587,6 @@ In addition to numerous new and upgraded packages, this release has the followin
- Testing has been enabled for `aarch64-linux` in addition to `x86_64-linux`. - Testing has been enabled for `aarch64-linux` in addition to `x86_64-linux`.
- The `spark3` package is now usable on `aarch64-darwin` as a result of [#158613](https://github.com/NixOS/nixpkgs/pull/158613) and [#158992](https://github.com/NixOS/nixpkgs/pull/158992). - The `spark3` package is now usable on `aarch64-darwin` as a result of [#158613](https://github.com/NixOS/nixpkgs/pull/158613) and [#158992](https://github.com/NixOS/nixpkgs/pull/158992).
- The `programs.nncp` options were added for generating host-global NNCP configuration.
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. --> <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->

1
nixos/modules/module-list.nix
View File

@ -184,6 +184,7 @@
./programs/nix-ld.nix ./programs/nix-ld.nix
./programs/neovim.nix ./programs/neovim.nix
./programs/nm-applet.nix ./programs/nm-applet.nix
./programs/nncp.nix
./programs/npm.nix ./programs/npm.nix
./programs/noisetorch.nix ./programs/noisetorch.nix
./programs/oblogout.nix ./programs/oblogout.nix

101
nixos/modules/programs/nncp.nix Normal file
View File

@ -0,0 +1,101 @@
{ config, lib, pkgs, ... }:
with lib;
let
nncpCfgFile = "/run/nncp.hjson";
programCfg = config.programs.nncp;
settingsFormat = pkgs.formats.json { };
jsonCfgFile = settingsFormat.generate "nncp.json" programCfg.settings;
pkg = programCfg.package;
in {
options.programs.nncp = {
enable =
mkEnableOption "NNCP (Node to Node copy) utilities and configuration";
group = mkOption {
type = types.str;
default = "uucp";
description = ''
The group under which NNCP files shall be owned.
Any member of this group may access the secret keys
of this NNCP node.
'';
};
package = mkOption {
type = types.package;
default = pkgs.nncp;
defaultText = literalExpression "pkgs.nncp";
description = "The NNCP package to use system-wide.";
};
secrets = mkOption {
type = with types; listOf str;
example = [ "/run/keys/nncp.hjson" ];
description = ''
A list of paths to NNCP configuration files that should not be
in the Nix store. These files are layered on top of the values at
<xref linkend="opt-programs.nncp.settings"/>.
'';
};
settings = mkOption {
type = settingsFormat.type;
description = ''
NNCP configuration, see
<link xlink:href="http://www.nncpgo.org/Configuration.html"/>.
At runtime these settings will be overlayed by the contents of
<xref linkend="opt-programs.nncp.secrets"/> into the file
<literal>${nncpCfgFile}</literal>. Node keypairs go in
<literal>secrets</literal>, do not specify them in
<literal>settings</literal> as they will be leaked into
<literal>/nix/store</literal>!
'';
default = { };
};
};
config = mkIf programCfg.enable {
environment = {
systemPackages = [ pkg ];
etc."nncp.hjson".source = nncpCfgFile;
};
programs.nncp.settings = {
spool = mkDefault "/var/spool/nncp";
log = mkDefault "/var/spool/nncp/log";
};
systemd.tmpfiles.rules = [
"d ${programCfg.settings.spool} 0770 root ${programCfg.group}"
"f ${programCfg.settings.log} 0770 root ${programCfg.group}"
];
systemd.services.nncp-config = {
path = [ pkg ];
description = "Generate NNCP configuration";
wantedBy = [ "basic.target" ];
serviceConfig.Type = "oneshot";
script = ''
umask u=rw
nncpCfgDir=$(mktemp --directory nncp.XXX)
for f in ${jsonCfgFile} ${toString config.programs.nncp.secrets}; do
tmpdir=$(mktemp --directory nncp.XXX)
nncp-cfgdir -cfg $f -dump $tmpdir
find $tmpdir -size 1c -delete
cp -a $tmpdir/* $nncpCfgDir/
rm -rf $tmpdir
done
nncp-cfgdir -load $nncpCfgDir > ${nncpCfgFile}
rm -rf $nncpCfgDir
chgrp ${programCfg.group} ${nncpCfgFile}
chmod g+r ${nncpCfgFile}
'';
};
};
meta.maintainers = with lib.maintainers; [ ehmry ];
}