diff options
| author | Alexei Robyn <shados@shados.net> | 2016-10-14 16:07:59 +1100 |
|---|---|---|
| committer | Alexei Robyn <shados@shados.net> | 2016-11-22 21:33:54 +1100 |
| commit | 49d679d7a8f5875be21f36cf64d16531e3dd81ee (patch) | |
| tree | fc3404eb2720ec161dd0e8f2db4d780b519b011e /nixos/modules/services/networking/dante.nix | |
| parent | efec7d9787f2642030c1a46acbab8a4d50c6493e (diff) | |
| download | nixpkgs-49d679d7a8f5875be21f36cf64d16531e3dd81ee.tar nixpkgs-49d679d7a8f5875be21f36cf64d16531e3dd81ee.tar.gz nixpkgs-49d679d7a8f5875be21f36cf64d16531e3dd81ee.tar.bz2 nixpkgs-49d679d7a8f5875be21f36cf64d16531e3dd81ee.tar.lz nixpkgs-49d679d7a8f5875be21f36cf64d16531e3dd81ee.tar.xz nixpkgs-49d679d7a8f5875be21f36cf64d16531e3dd81ee.tar.zst nixpkgs-49d679d7a8f5875be21f36cf64d16531e3dd81ee.zip | |
dante service: init
Diffstat (limited to 'nixos/modules/services/networking/dante.nix')
| -rw-r--r-- | nixos/modules/services/networking/dante.nix | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/dante.nix b/nixos/modules/services/networking/dante.nix new file mode 100644 index 00000000000..8f4e15223ab --- /dev/null +++ b/nixos/modules/services/networking/dante.nix @@ -0,0 +1,61 @@ +{ config, lib, pkgs, ... }: +with lib; + +let + cfg = config.services.dante; + confFile = pkgs.writeText "dante-sockd.conf" '' + user.privileged: root + user.unprivileged: dante + + ${cfg.config} + ''; +in + +{ + meta = { + maintainers = with maintainers; [ arobyn ]; + }; + + options = { + services.dante = { + enable = mkEnableOption "Dante SOCKS proxy"; + + config = mkOption { + default = null; + type = types.str; + description = '' + Contents of Dante's configuration file + NOTE: user.privileged/user.unprivileged are set by the service + ''; + }; + }; + }; + + config = mkIf cfg.enable { + assertions = [ + { assertion = cfg.config != null; + message = "please provide Dante configuration file contents"; + } + ]; + + users.users.dante = { + description = "Dante SOCKS proxy daemon user"; + isSystemUser = true; + group = "dante"; + }; + users.groups.dante = {}; + + systemd.services.dante = { + description = "Dante SOCKS v4 and v5 compatible proxy server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + Type = "simple"; + ExecStart = "${pkgs.dante}/bin/sockd -f ${confFile}"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + Restart = "always"; + }; + }; + }; +} |