forked from DGNum/liminix
make a module for dnsmasq
parent
5fee3e54d2
commit
669af24247
4 changed files with 65 additions and 32 deletions
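--- a/modules/dnsmasq/default.nix
+++ b/modules/dnsmasq/default.nix
@@ -0,0 +1,22 @@
+{ lib, pkgs, config, ...}:
+let
+inherit (lib) mkOption types;
+in {
+options = {
+system.service.dnsmasq = mkOption {
+type = types.functionTo types.package;
+};
+};
+config = {
+system.service.dnsmasq = pkgs.callPackage ./service.nix {};
+users.dnsmasq = {
+uid = 51; gid= 51; gecos = "DNS/DHCP service user";
+dir = "/run/dnsmasq";
+shell = "/bin/false";
+};
+groups.dnsmasq = {
+gid = 51; usernames = ["dnsmasq"];
+};
+groups.system.usernames = ["dnsmasq"];
+};
+}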
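Review bot: `groups.system.usernames = ["dnsmasq"];` puts the unprivileged DNS/DHCP account into a second, shared group, and nothing in this file says what that membership grants. If it is only needed so the daemon can read another service's outputs (the `resolvconf` path used in service.nix looks like the likely reason), a comment such as `# dnsmasq reads resolv.conf from other services' outputs, which are group-readable by "system"` would let a later reader check that the privilege is still required. The `system.service.dnsmasq` option also has no `description`, so the parameters the function accepts are only discoverable by reading service.nix.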
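--- a/modules/dnsmasq/service.nix
+++ b/modules/dnsmasq/service.nix
@@ -0,0 +1,72 @@
+{
+liminix
+, dnsmasq
+, serviceFns
+, lib
+}:
+let
+inherit (liminix.services) longrun;
+inherit (lib) concatStringsSep;
+inherit (liminix.lib) typeChecked;
+inherit (lib) mkOption types;
+
+t = {
+user = mkOption {
+type = types.str;
+default = "dnsmasq";
+};
+group = mkOption {
+type = types.str;
+default = "dnsmasq";
+};
+resolvconf = mkOption {
+type = types.nullOr liminix.lib.types.service;
+default = null;
+};
+interface = mkOption {
+type = liminix.lib.types.service;
+default = null;
+};
+upstreams = mkOption {
+type = types.listOf types.str;
+default = [];
+};
+ranges = mkOption {
+type = types.listOf types.str;
+};
+domain = mkOption {
+type = types.str;
+};
+};
+in
+params:
+let
+inherit (typeChecked "dnsmasq" t params)
+interface user domain group ranges upstreams resolvconf;
+name = "${interface.device}.dnsmasq";
+in
+longrun {
+inherit name;
+dependencies = [ interface ];
+run = ''
+. ${serviceFns}
+${dnsmasq}/bin/dnsmasq \
+--user=${user} \
+--domain=${domain} \
+--group=${group} \
+--interface=${interface.device} \
+${lib.concatStringsSep " " (builtins.map (r: "--dhcp-range=${r}") ranges)} \
+${lib.concatStringsSep " " (builtins.map (r: "--server=${r}") upstreams)} \
+--keep-in-foreground \
+--dhcp-authoritative \
+${if resolvconf != null then "--resolv-file=$(output_path ${resolvconf} resolv.conf)" else "--no-resolv"} \
+--no-hosts \
+--log-dhcp \
+--enable-ra \
+--log-debug \
+--log-queries \
+--log-facility=- \
+--dhcp-leasefile=/run/${name}.leases \
+--pid-file=/run/${name}.pid
+'';
+}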
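Review bot: The `user`, `domain`, `group`, `ranges` and `upstreams` strings are spliced into the `run` script without quoting, so a value containing whitespace or a shell metacharacter changes the command line of a script that presumably starts with full privileges before dnsmasq drops to `--user`. The values come from the system configuration rather than from the network, so this is hardening rather than an exposed boundary, but wrapping each one is cheap, e.g. `--domain=${lib.escapeShellArg domain}` and `(r: "--dhcp-range=${lib.escapeShellArg r}")`. Separately, `interface` is declared as `liminix.lib.types.service` with `default = null`, which is not a value of that type and would fail at `interface.device`. Dropping the default makes the option required, as `ranges` and `domain` already are. `--log-queries` and `--log-debug` are unconditional, which records every client's DNS lookups in the service log, and a boolean parameter defaulting to off would make that an explicit choice.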