nixpkgs/nixos/modules/services/networking/pixiecore.nix

{
  config,
  lib,
  pkgs,
  ...
}:

with lib;

let
  cfg = config.services.pixiecore;
in
{
  meta.maintainers = with maintainers; [ bbigras ];

  options = {
    services.pixiecore = {
      enable = mkEnableOption "Pixiecore";

      openFirewall = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Open ports (67, 69, 4011 UDP and 'port', 'statusPort' TCP) in the firewall for Pixiecore.
        '';
      };

      mode = mkOption {
        description = "Which mode to use";
        default = "boot";
        type = types.enum [
          "api"
          "boot"
          "quick"
        ];
      };

      debug = mkOption {
        type = types.bool;
        default = false;
        description = "Log more things that aren't directly related to booting a recognized client";
      };

      dhcpNoBind = mkOption {
        type = types.bool;
        default = false;
        description = "Handle DHCP traffic without binding to the DHCP server port";
      };

      quick = mkOption {
        description = "Which quick option to use";
        default = "xyz";
        type = types.enum [
          "arch"
          "centos"
          "coreos"
          "debian"
          "fedora"
          "ubuntu"
          "xyz"
        ];
      };

      kernel = mkOption {
        type = types.str or types.path;
        default = "";
        description = "Kernel path. Ignored unless mode is set to 'boot'";
      };

      initrd = mkOption {
        type = types.str or types.path;
        default = "";
        description = "Initrd path. Ignored unless mode is set to 'boot'";
      };

      cmdLine = mkOption {
        type = types.str;
        default = "";
        description = "Kernel commandline arguments. Ignored unless mode is set to 'boot'";
      };

      listen = mkOption {
        type = types.str;
        default = "0.0.0.0";
        description = "IPv4 address to listen on";
      };

      port = mkOption {
        type = types.port;
        default = 80;
        description = "Port to listen on for HTTP";
      };

      statusPort = mkOption {
        type = types.port;
        default = 80;
        description = "HTTP port for status information (can be the same as --port)";
      };

      apiServer = mkOption {
        type = types.str;
        example = "http://localhost:8080";
        description = "URI to connect to the API. Ignored unless mode is set to 'api'";
      };

      extraArguments = mkOption {
        type = types.listOf types.str;
        default = [ ];
        description = "Additional command line arguments to pass to Pixiecore";
      };
    };
  };

  config = mkIf cfg.enable {
    users.groups.pixiecore = { };
    users.users.pixiecore = {
      description = "Pixiecore daemon user";
      group = "pixiecore";
      isSystemUser = true;
    };

    networking.firewall = mkIf cfg.openFirewall {
      allowedTCPPorts = [
        cfg.port
        cfg.statusPort
      ];
      allowedUDPPorts = [
        67
        69
        4011
      ];
    };

    systemd.services.pixiecore = {
      description = "Pixiecore server";
      after = [ "network.target" ];
      wants = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        User = "pixiecore";
        Restart = "always";
        AmbientCapabilities = [ "cap_net_bind_service" ] ++ optional cfg.dhcpNoBind "cap_net_raw";
        ExecStart =
          let
            argString =
              if cfg.mode == "boot" then
                [
                  "boot"
                  cfg.kernel
                ]
                ++ optional (cfg.initrd != "") cfg.initrd
                ++ optionals (cfg.cmdLine != "") [
                  "--cmdline"
                  cfg.cmdLine
                ]
              else if cfg.mode == "quick" then
                [
                  "quick"
                  cfg.quick
                ]
              else
                [
                  "api"
                  cfg.apiServer
                ];
          in
          ''
            ${pkgs.pixiecore}/bin/pixiecore \
              ${lib.escapeShellArgs argString} \
              ${optionalString cfg.debug "--debug"} \
              ${optionalString cfg.dhcpNoBind "--dhcp-no-bind"} \
              --listen-addr ${lib.escapeShellArg cfg.listen} \
              --port ${toString cfg.port} \
              --status-port ${toString cfg.statusPort} \
              ${escapeShellArgs cfg.extraArguments}
          '';
      };
    };
  };
}
nixos/pixiecore: init (#83406) Co-authored-by: raunovv <rauno@oyenetwork.com> Co-authored-by: Jörg Thalheim <joerg@thalheim.io> 2020-04-02 08:06:21 -04:00			`{`
			`config,`
			`lib,`
			`pkgs,`
			`...`
			`}:`

			`with lib;`

			`let`
			`cfg = config.services.pixiecore;`
			`in`
			`{`
maintainers: drop danderson 2024-04-26 11:36:31 -07:00			`meta.maintainers = with maintainers; [ bbigras ];`
nixos/pixiecore: init (#83406) Co-authored-by: raunovv <rauno@oyenetwork.com> Co-authored-by: Jörg Thalheim <joerg@thalheim.io> 2020-04-02 08:06:21 -04:00
			`options = {`
			`services.pixiecore = {`
			`enable = mkEnableOption "Pixiecore";`

			`openFirewall = mkOption {`
			`type = types.bool;`
			`default = false;`
			`description = ''`
nixos/pixiecore: fix port 4011 from tcp to udp 2023-08-29 11:43:19 +01:00			`Open ports (67, 69, 4011 UDP and 'port', 'statusPort' TCP) in the firewall for Pixiecore.`
nixos/pixiecore: init (#83406) Co-authored-by: raunovv <rauno@oyenetwork.com> Co-authored-by: Jörg Thalheim <joerg@thalheim.io> 2020-04-02 08:06:21 -04:00			`'';`
			`};`

			`mode = mkOption {`
			`description = "Which mode to use";`
			`default = "boot";`
services.pixiecore: add quick option 2022-02-13 14:58:18 -05:00			`type = types.enum [`
			`"api"`
			`"boot"`
			`"quick"`
			`];`
nixos/pixiecore: init (#83406) Co-authored-by: raunovv <rauno@oyenetwork.com> Co-authored-by: Jörg Thalheim <joerg@thalheim.io> 2020-04-02 08:06:21 -04:00			`};`

			`debug = mkOption {`
			`type = types.bool;`
			`default = false;`
			`description = "Log more things that aren't directly related to booting a recognized client";`
			`};`

			`dhcpNoBind = mkOption {`
			`type = types.bool;`
			`default = false;`
			`description = "Handle DHCP traffic without binding to the DHCP server port";`
			`};`

services.pixiecore: add quick option 2022-02-13 14:58:18 -05:00			`quick = mkOption {`
			`description = "Which quick option to use";`
			`default = "xyz";`
			`type = types.enum [`
			`"arch"`
			`"centos"`
			`"coreos"`
			`"debian"`
			`"fedora"`
			`"ubuntu"`
			`"xyz"`
			`];`
			`};`

nixos/pixiecore: init (#83406) Co-authored-by: raunovv <rauno@oyenetwork.com> Co-authored-by: Jörg Thalheim <joerg@thalheim.io> 2020-04-02 08:06:21 -04:00			`kernel = mkOption {`
			`type = types.str or types.path;`
			`default = "";`
			`description = "Kernel path. Ignored unless mode is set to 'boot'";`
			`};`

			`initrd = mkOption {`
			`type = types.str or types.path;`
			`default = "";`
			`description = "Initrd path. Ignored unless mode is set to 'boot'";`
			`};`

			`cmdLine = mkOption {`
			`type = types.str;`
			`default = "";`
			`description = "Kernel commandline arguments. Ignored unless mode is set to 'boot'";`
			`};`

			`listen = mkOption {`
			`type = types.str;`
			`default = "0.0.0.0";`
			`description = "IPv4 address to listen on";`
			`};`

			`port = mkOption {`
			`type = types.port;`
			`default = 80;`
			`description = "Port to listen on for HTTP";`
			`};`

			`statusPort = mkOption {`
			`type = types.port;`
			`default = 80;`
			`description = "HTTP port for status information (can be the same as --port)";`
			`};`

			`apiServer = mkOption {`
			`type = types.str;`
nixos/pixiecore: fix apiServer example Add missing http:// scheme. Without it pixiecore logs this and never contacts the API server: [DHCP] Couldn't get bootspec for [REDACTED_MAC_ADDR]: Get "localhost:8080/v1/boot/[REDACTED_MAC_ADDR]": unsupported protocol scheme "localhost" 2024-05-09 17:43:50 +02:00			`example = "http://localhost:8080";`
			`description = "URI to connect to the API. Ignored unless mode is set to 'api'";`
nixos/pixiecore: init (#83406) Co-authored-by: raunovv <rauno@oyenetwork.com> Co-authored-by: Jörg Thalheim <joerg@thalheim.io> 2020-04-02 08:06:21 -04:00			`};`

			`extraArguments = mkOption {`
			`type = types.listOf types.str;`
			`default = [ ];`
			`description = "Additional command line arguments to pass to Pixiecore";`
			`};`
			`};`
			`};`

			`config = mkIf cfg.enable {`
			`users.groups.pixiecore = { };`
			`users.users.pixiecore = {`
			`description = "Pixiecore daemon user";`
			`group = "pixiecore";`
nixos/users: require one of users.users.name.{isSystemUser,isNormalUser} As the only consequence of isSystemUser is that if the uid is null then it's allocated below 500, if a user has uid = something below 500 then we don't require isSystemUser to be set. Motivation: https://github.com/NixOS/nixpkgs/issues/112647 2021-03-07 14:54:00 +01:00			`isSystemUser = true;`
nixos/pixiecore: init (#83406) Co-authored-by: raunovv <rauno@oyenetwork.com> Co-authored-by: Jörg Thalheim <joerg@thalheim.io> 2020-04-02 08:06:21 -04:00			`};`

			`networking.firewall = mkIf cfg.openFirewall {`
nixos/pixiecore: fix port 4011 from tcp to udp 2023-08-29 11:43:19 +01:00			`allowedTCPPorts = [`
			`cfg.port`
			`cfg.statusPort`
			`];`
			`allowedUDPPorts = [`
			`67`
			`69`
			`4011`
			`];`
nixos/pixiecore: init (#83406) Co-authored-by: raunovv <rauno@oyenetwork.com> Co-authored-by: Jörg Thalheim <joerg@thalheim.io> 2020-04-02 08:06:21 -04:00			`};`

			`systemd.services.pixiecore = {`
			`description = "Pixiecore server";`
			`after = [ "network.target" ];`
			`wants = [ "network.target" ];`
			`wantedBy = [ "multi-user.target" ];`
			`serviceConfig = {`
			`User = "pixiecore";`
			`Restart = "always";`
			`AmbientCapabilities = [ "cap_net_bind_service" ] ++ optional cfg.dhcpNoBind "cap_net_raw";`
			`ExecStart =`
			`let`
			`argString =`
			`if cfg.mode == "boot" then`
			`[`
			`"boot"`
			`cfg.kernel`
			`]`
			`++ optional (cfg.initrd != "") cfg.initrd`
nixos/pixiecore: fix escaping of cmdline 2020-05-12 15:14:49 +02:00			`++ optionals (cfg.cmdLine != "") [`
			`"--cmdline"`
			`cfg.cmdLine`
			`]`
services.pixiecore: add quick option 2022-02-13 14:58:18 -05:00			`else if cfg.mode == "quick" then`
			`[`
			`"quick"`
			`cfg.quick`
			`]`
nixos/pixiecore: init (#83406) Co-authored-by: raunovv <rauno@oyenetwork.com> Co-authored-by: Jörg Thalheim <joerg@thalheim.io> 2020-04-02 08:06:21 -04:00			`else`
			`[`
			`"api"`
			`cfg.apiServer`
			`];`
			`in`
			`''`
			`${pkgs.pixiecore}/bin/pixiecore \`
			`${lib.escapeShellArgs argString} \`
			`${optionalString cfg.debug "--debug"} \`
			`${optionalString cfg.dhcpNoBind "--dhcp-no-bind"} \`
			`--listen-addr ${lib.escapeShellArg cfg.listen} \`
			`--port ${toString cfg.port} \`
			`--status-port ${toString cfg.statusPort} \`
			`${escapeShellArgs cfg.extraArguments}`
			`'';`
			`};`
			`};`
			`};`
			`}`