nixos: nylon, use named instances

1 files changed, 51 insertions, 23 deletions

diff --git a/nixos/modules/services/networking/nylon.nix b/nixos/modules/services/networking/nylon.nix
index da6487dbd49..4864ecf3f92 100644
--- a/nixos/modules/services/networking/nylon.nix
+++ b/nixos/modules/services/networking/nylon.nix
@@ -8,7 +8,7 @@ let
 
   homeDir = "/var/lib/nylon";
 
-  configFile = pkgs.writeText "nylon.conf" ''
+  configFile = cfg: pkgs.writeText "nylon-${cfg.name}.conf" ''
     [General]
     No-Simultaneous-Conn=${toString cfg.nrConnections}
     Log=${if cfg.logging then "1" else "0"}
@@ -22,15 +22,9 @@ let
     Deny-IP=${concatStringsSep " " cfg.deniedIPRanges}
   '';
 
-in
-
-{
-
-  ###### interface
-
-  options = {
+  nylonOpts = { name, config, ... }: {
 
-    services.nylon = {
+    options = {
 
       enable = mkOption {
         type = types.bool;
@@ -40,6 +34,12 @@ in
         '';
       };
 
+      name = mkOption {
+        type = types.str;
+        default = "";
+        description = "The name of this nylon instance.";
+      };
+
       nrConnections = mkOption {
         type = types.int;
         default = 10;
@@ -107,13 +107,51 @@ in
         '';
       };
     };
+    config = { name = mkDefault name; };
+  };
+
+  mkNamedNylon = cfg: {
+    "nylon-${cfg.name}" = {
+      description = "Nylon, a lightweight SOCKS proxy server";
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig =
+      {
+        User = "nylon";
+        Group = "nylon";
+        WorkingDirectory = homeDir;
+        ExecStart = "${pkgs.nylon}/bin/nylon -f -c ${configFile cfg}";
+      };
+    };
+  };
+
+  anyNylons = collect (p: p ? enable) cfg;
+  enabledNylons = filter (p: p.enable == true) anyNylons;
+  nylonUnits = map (nylon: mkNamedNylon nylon) enabledNylons;
+
+in
+
+{
+
+  ###### interface
+
+  options = {
+
+    services.nylon = mkOption {
+      default = {};
+      description = "Collection of named nylon instances";
+      type = with types; loaOf (submodule nylonOpts);
+      internal = true;
+      options = [ nylonOpts ];
+    };
+
   };
 
   ###### implementation
 
-  config = mkIf cfg.enable {
+  config = mkIf (length(enabledNylons) > 0) {
 
-    users.extraUsers.nylon= {
+    users.extraUsers.nylon = {
       group = "nylon";
       description = "Nylon SOCKS Proxy";
       home = homeDir;
@@ -123,17 +161,7 @@ in
 
     users.extraGroups.nylon.gid = config.ids.gids.nylon;
 
-    systemd.services.nylon = {
-      description = "Nylon, a lightweight SOCKS proxy server";
-      after = [ "network.target" ];
-      wantedBy = [ "multi-user.target" ];
-      serviceConfig =
-      {
-        User = "nylon";
-        Group = "nylon";
-        WorkingDirectory = homeDir;
-        ExecStart = "${pkgs.nylon}/bin/nylon -f -c ${configFile}";
-      };
-    };
+    systemd.services = fold (a: b: a // b) {} nylonUnits;
+
   };
 }