diff options
| author | 0x4A6F <0x4A6F@users.noreply.github.com> | 2021-03-07 11:38:12 +0100 |
|---|---|---|
| committer | 0x4A6F <0x4A6F@users.noreply.github.com> | 2022-04-09 16:50:13 +0200 |
| commit | c57232d31cccfee6444bdd9dcddad95f816f85f2 (patch) | |
| tree | a0f69ec5d4e5f1758f635f3b6ee39cbf2bfd1e8b /nixos/modules/programs/nethoscope.nix | |
| parent | ce56f53d3272901bb96972239bc254df5b56c703 (diff) | |
| download | nixpkgs-c57232d31cccfee6444bdd9dcddad95f816f85f2.tar nixpkgs-c57232d31cccfee6444bdd9dcddad95f816f85f2.tar.gz nixpkgs-c57232d31cccfee6444bdd9dcddad95f816f85f2.tar.bz2 nixpkgs-c57232d31cccfee6444bdd9dcddad95f816f85f2.tar.lz nixpkgs-c57232d31cccfee6444bdd9dcddad95f816f85f2.tar.xz nixpkgs-c57232d31cccfee6444bdd9dcddad95f816f85f2.tar.zst nixpkgs-c57232d31cccfee6444bdd9dcddad95f816f85f2.zip | |
programs/nethoscope: add security.wrapper
Diffstat (limited to 'nixos/modules/programs/nethoscope.nix')
| -rw-r--r-- | nixos/modules/programs/nethoscope.nix | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/nixos/modules/programs/nethoscope.nix b/nixos/modules/programs/nethoscope.nix new file mode 100644 index 00000000000..495548e9c65 --- /dev/null +++ b/nixos/modules/programs/nethoscope.nix @@ -0,0 +1,30 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let cfg = config.programs.nethoscope; +in +{ + meta.maintainers = with maintainers; [ _0x4A6F ]; + + options = { + programs.nethoscope = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to add nethoscope to the global environment and configure a + setcap wrapper for it. + ''; + }; + }; + }; + + config = mkIf cfg.enable { + environment.systemPackages = with pkgs; [ nethoscope ]; + security.wrappers.nethoscope = { + source = "${pkgs.nethoscope}/bin/nethoscope"; + capabilities = "cap_net_raw,cap_net_admin=eip"; + }; + }; +} |