 7e2b0068e6
			
		
	
	7e2b0068e6
	
	
	
		
			
			There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging
		
			
				
	
	
		
			130 lines
		
	
	
		
			2.8 KiB
		
	
	
	
		
			Nix
		
	
	
	
	
	
			
		
		
	
	
			130 lines
		
	
	
		
			2.8 KiB
		
	
	
	
		
			Nix
		
	
	
	
	
	
| {
 | |
|   writeAshScript,
 | |
|   liminix,
 | |
|   svc,
 | |
|   lib,
 | |
|   serviceFns,
 | |
|   output-template,
 | |
| }:
 | |
| {
 | |
|   command,
 | |
|   name,
 | |
|   debug,
 | |
|   username,
 | |
|   password,
 | |
|   lcpEcho,
 | |
|   ppp-options,
 | |
|   dependencies ? [ ],
 | |
| }:
 | |
| let
 | |
|   inherit (lib)
 | |
|     optional
 | |
|     optionals
 | |
|     escapeShellArgs
 | |
|     concatStringsSep
 | |
|     ;
 | |
|   inherit (liminix.services) longrun;
 | |
|   inherit (builtins) toJSON toString typeOf;
 | |
| 
 | |
|   ip-up = writeAshScript "ip-up" { } ''
 | |
|     exec >&5 2>&5
 | |
|     . ${serviceFns} 
 | |
|     in_outputs ${name}
 | |
|     echo $1 > ifname
 | |
|     echo $2 > tty
 | |
|     echo $3 > speed
 | |
|     echo $4 > address
 | |
|     echo $5 > peer-address
 | |
|     set +o nounset
 | |
|     if test -n "''${DNS1}" ;then echo ''${DNS1} > ns1 ; fi
 | |
|     if test -n "''${DNS2}" ;then echo ''${DNS2} > ns2 ; fi
 | |
|     test -e ipv6-address && echo >/proc/self/fd/10
 | |
|   '';
 | |
|   ip6-up = writeAshScript "ip6-up" { } ''
 | |
|     exec >&5 2>&5
 | |
|     . ${serviceFns} 
 | |
|     in_outputs ${name}
 | |
|     echo $4 > ipv6-address
 | |
|     echo $5 > ipv6-peer-address
 | |
|     test -e ifname && echo >/proc/self/fd/10
 | |
|   '';
 | |
|   literal_or_output =
 | |
|     let
 | |
|       v =
 | |
|         o:
 | |
|         (
 | |
|           {
 | |
|             string = toJSON;
 | |
|             int = toJSON;
 | |
|             lambda = (o: "output(${toJSON (o "service")}, ${toJSON (o "path")})");
 | |
|           }
 | |
|           .${typeOf o}
 | |
|         )
 | |
|           o;
 | |
|     in
 | |
|     o: "{{ ${v o} }}";
 | |
| 
 | |
|   ppp-options' =
 | |
|     [
 | |
|       "+ipv6"
 | |
|       "noauth"
 | |
|     ]
 | |
|     ++ optional debug "debug"
 | |
|     ++ optionals (username != null) [
 | |
|       "name"
 | |
|       (literal_or_output username)
 | |
|     ]
 | |
|     ++ optionals (password != null) [
 | |
|       "password"
 | |
|       (literal_or_output password)
 | |
|     ]
 | |
|     ++ optional lcpEcho.adaptive "lcp-echo-adaptive"
 | |
|     ++ optionals (lcpEcho.interval != null) [
 | |
|       "lcp-echo-interval"
 | |
|       (toString lcpEcho.interval)
 | |
|     ]
 | |
|     ++ optionals (lcpEcho.failure != null) [
 | |
|       "lcp-echo-failure"
 | |
|       (toString lcpEcho.failure)
 | |
|     ]
 | |
|     ++ ppp-options
 | |
|     ++ [
 | |
|       "ip-up-script"
 | |
|       ip-up
 | |
|       "ipv6-up-script"
 | |
|       ip6-up
 | |
|       "ipparam"
 | |
|       name
 | |
|       "nodetach"
 | |
|       # usepeerdns requests DNS servers from peer (which is good),
 | |
|       # then attempts to write them to /nix/store/xxxx/ppp/resolv.conf
 | |
|       # which causes an unsightly but inconsequential error message
 | |
|       "usepeerdns"
 | |
|       "nodefaultroute"
 | |
|       "logfd"
 | |
|       "2"
 | |
|     ];
 | |
|   service = longrun {
 | |
|     inherit name;
 | |
|     run = ''
 | |
|       mkdir -p /run/${name}
 | |
|       chmod 0700 /run/${name}
 | |
|       in_outputs ${name}
 | |
|       echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options
 | |
|       fdmove -c 5 2 \
 | |
|       ${command}
 | |
|     '';
 | |
|     notification-fd = 10;
 | |
|     timeout-up =
 | |
|       if lcpEcho.failure != null then (10 + lcpEcho.failure * lcpEcho.interval) * 1000 else 60 * 1000;
 | |
|     inherit dependencies;
 | |
|   };
 | |
| in
 | |
| svc.secrets.subscriber.build {
 | |
|   watch = lib.filter (n: typeOf n == "lambda") [
 | |
|     username
 | |
|     password
 | |
|   ];
 | |
|   inherit service;
 | |
| }
 |