make a module for dnsmasq

examples/rotuer.nix

@@ -11,7 +11,6 @@ let
   secrets = import ./rotuer-secrets.nix;
   inherit (pkgs.liminix.networking)
     address
-    dnsmasq
     hostapd
     interface
     route;
@@ -35,6 +34,7 @@ in rec {
     ../modules/wlan.nix
     ../modules/standard.nix
     ../modules/ppp
+    ../modules/dnsmasq
   ];
   rootfsType = "jffs2";
   hostname = "rotuer";
@@ -165,21 +165,11 @@ in rec {
     '';
   };
 
-  users.dnsmasq = {
-    uid = 51; gid= 51; gecos = "DNS/DHCP service user";
-    dir = "/run/dnsmasq";
-    shell = "/bin/false";
-  };
   users.root = secrets.root;
 
-  groups.dnsmasq = {
-    gid = 51; usernames = ["dnsmasq"];
-  };
-  groups.system.usernames = ["dnsmasq"];
-
   services.dns =
     let interface = services.int;
-    in dnsmasq {
+    in config.system.service.dnsmasq {
       resolvconf = services.resolvconf;
       inherit interface;
       ranges = [

modules/dnsmasq/default.nix

@@ -0,0 +1,22 @@
+{ lib, pkgs, config, ...}:
+let
+  inherit (lib) mkOption types;
+in {
+  options = {
+    system.service.dnsmasq = mkOption {
+      type = types.functionTo types.package;
+    };
+  };
+  config = {
+    system.service.dnsmasq = pkgs.callPackage ./service.nix {};
+    users.dnsmasq = {
+      uid = 51; gid= 51; gecos = "DNS/DHCP service user";
+      dir = "/run/dnsmasq";
+      shell = "/bin/false";
+    };
+    groups.dnsmasq = {
+      gid = 51; usernames = ["dnsmasq"];
+    };
+    groups.system.usernames = ["dnsmasq"];
+  };
+}

modules/dnsmasq/service.nix

@@ -4,20 +4,48 @@
 , serviceFns
 , lib
 }:
-{
-  user ? "dnsmasq"
-, group ? "system"
-, resolvconf ? null
-, interface
-, upstreams ? []
-, ranges
-, domain
-} :
 let
   inherit (liminix.services) longrun;
   inherit (lib) concatStringsSep;
+  inherit (liminix.lib) typeChecked;
+  inherit (lib) mkOption types;
+
+  t = {
+    user = mkOption {
+      type = types.str;
+      default = "dnsmasq";
+    };
+    group = mkOption {
+      type = types.str;
+      default = "dnsmasq";
+    };
+    resolvconf = mkOption {
+      type = types.nullOr liminix.lib.types.service;
+      default = null;
+    };
+    interface = mkOption {
+      type = liminix.lib.types.service;
+      default = null;
+    };
+    upstreams = mkOption {
+      type = types.listOf types.str;
+      default = [];
+    };
+    ranges = mkOption {
+      type = types.listOf types.str;
+    };
+    domain = mkOption {
+      type = types.str;
+    };
+  };
+in
+params:
+let
+  inherit (typeChecked "dnsmasq" t params)
+    interface user domain group ranges upstreams resolvconf;
   name = "${interface.device}.dnsmasq";
-in longrun {
+in
+longrun {
   inherit name;
   dependencies = [ interface ];
   run = ''

tests/pppoe/configuration.nix

@@ -1,6 +1,6 @@
 { config, pkgs, lib, ... } :
 let
-  inherit (pkgs.liminix.networking) interface address route dnsmasq;
+  inherit (pkgs.liminix.networking) interface address route;
   inherit (pkgs.liminix.services) oneshot longrun bundle target output;
 in rec {
   services.lan4 =
@@ -9,6 +9,7 @@ in rec {
 
   imports = [
     ../../modules/ppp
+    ../../modules/dnsmasq
   ];
 
   services.pppoe =
@@ -39,16 +40,8 @@ in rec {
       dependencies = [iface];
     };
 
-  users.dnsmasq = {
-    uid = 51; gid= 51; gecos = "DNS/DHCP service user";
-    dir = "/run/dnsmasq";
-    shell = "/bin/false";
-  };
-  groups.dnsmasq = {
-    gid = 51; usernames = ["dnsmasq"];
-  };
   services.dns =
-    dnsmasq {
+    config.system.service.dnsmasq {
       interface = services.lan4;
       ranges = ["192.168.19.10,192.168.19.253"];
       domain = "fake.liminix.org";