nixos/services._3proxy: remove with lib;

Felix Buehler 2024-08-28 21:19:00 +02:00 committed by Jörg Thalheim
parent 76831f7a1b
commit 02bb53fbc3


@ -1,21 +1,20 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib;
let let
pkg = pkgs._3proxy; pkg = pkgs._3proxy;
cfg = config.services._3proxy; cfg = config.services._3proxy;
optionalList = list: if list == [ ] then "*" else concatMapStringsSep "," toString list; optionalList = list: if list == [ ] then "*" else lib.concatMapStringsSep "," toString list;
in { in {
options.services._3proxy = { options.services._3proxy = {
enable = mkEnableOption "3proxy"; enable = lib.mkEnableOption "3proxy";
confFile = mkOption { confFile = lib.mkOption {
type = types.path; type = lib.types.path;
example = "/var/lib/3proxy/3proxy.conf"; example = "/var/lib/3proxy/3proxy.conf";
description = '' description = ''
Ignore all other 3proxy options and load configuration from this file. Ignore all other 3proxy options and load configuration from this file.
''; '';
}; };
usersFile = mkOption { usersFile = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
default = null; default = null;
example = "/var/lib/3proxy/3proxy.passwd"; example = "/var/lib/3proxy/3proxy.passwd";
description = '' description = ''
@ -40,11 +39,11 @@ in {
Consult [documentation](https://github.com/z3APA3A/3proxy/wiki/How-To-%28incomplete%29#USERS) for more information. Consult [documentation](https://github.com/z3APA3A/3proxy/wiki/How-To-%28incomplete%29#USERS) for more information.
''; '';
}; };
services = mkOption { services = lib.mkOption {
type = types.listOf (types.submodule { type = lib.types.listOf (lib.types.submodule {
options = { options = {
type = mkOption { type = lib.mkOption {
type = types.enum [ type = lib.types.enum [
"proxy" "proxy"
"socks" "socks"
"pop3p" "pop3p"
@ -68,32 +67,32 @@ in {
- `"udppm"`: UDP portmapper. - `"udppm"`: UDP portmapper.
''; '';
}; };
bindAddress = mkOption { bindAddress = lib.mkOption {
type = types.str; type = lib.types.str;
default = "[::]"; default = "[::]";
example = "127.0.0.1"; example = "127.0.0.1";
description = '' description = ''
Address used for service. Address used for service.
''; '';
}; };
bindPort = mkOption { bindPort = lib.mkOption {
type = types.nullOr types.int; type = lib.types.nullOr lib.types.int;
default = null; default = null;
example = 3128; example = 3128;
description = '' description = ''
Override default port used for service. Override default port used for service.
''; '';
}; };
maxConnections = mkOption { maxConnections = lib.mkOption {
type = types.int; type = lib.types.int;
default = 100; default = 100;
example = 1000; example = 1000;
description = '' description = ''
Maximum number of simulationeous connections to this service. Maximum number of simulationeous connections to this service.
''; '';
}; };
auth = mkOption { auth = lib.mkOption {
type = types.listOf (types.enum [ "none" "iponly" "strong" ]); type = lib.types.listOf (lib.types.enum [ "none" "iponly" "strong" ]);
example = [ "iponly" "strong" ]; example = [ "iponly" "strong" ];
description = '' description = ''
Authentication type. The following values are valid: Authentication type. The following values are valid:
@ -122,11 +121,11 @@ in {
In this example strong username authentication is not required to access 192.168.0.0/16. In this example strong username authentication is not required to access 192.168.0.0/16.
''; '';
}; };
acl = mkOption { acl = lib.mkOption {
type = types.listOf (types.submodule { type = lib.types.listOf (lib.types.submodule {
options = { options = {
rule = mkOption { rule = lib.mkOption {
type = types.enum [ "allow" "deny" ]; type = lib.types.enum [ "allow" "deny" ];
example = "allow"; example = "allow";
description = '' description = ''
ACL rule. The following values are valid: ACL rule. The following values are valid:
@ -135,24 +134,24 @@ in {
- `"deny"`: connections not allowed. - `"deny"`: connections not allowed.
''; '';
}; };
users = mkOption { users = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
default = [ ]; default = [ ];
example = [ "user1" "user2" "user3" ]; example = [ "user1" "user2" "user3" ];
description = '' description = ''
List of users, use empty list for any. List of users, use empty list for any.
''; '';
}; };
sources = mkOption { sources = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
default = [ ]; default = [ ];
example = [ "127.0.0.1" "192.168.1.0/24" ]; example = [ "127.0.0.1" "192.168.1.0/24" ];
description = '' description = ''
List of source IP range, use empty list for any. List of source IP range, use empty list for any.
''; '';
}; };
targets = mkOption { targets = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
default = [ ]; default = [ ];
example = [ "127.0.0.1" "192.168.1.0/24" ]; example = [ "127.0.0.1" "192.168.1.0/24" ];
description = '' description = ''
@ -162,8 +161,8 @@ in {
Hostname is only checked if hostname presents in request. Hostname is only checked if hostname presents in request.
''; '';
}; };
targetPorts = mkOption { targetPorts = lib.mkOption {
type = types.listOf types.int; type = lib.types.listOf lib.types.int;
default = [ ]; default = [ ];
example = [ 80 443 ]; example = [ 80 443 ];
description = '' description = ''
@ -173,7 +172,7 @@ in {
}; };
}); });
default = [ ]; default = [ ];
example = literalExpression '' example = lib.literalExpression ''
[ [
{ {
rule = "allow"; rule = "allow";
@ -192,8 +191,8 @@ in {
Use this option to limit user access to resources. Use this option to limit user access to resources.
''; '';
}; };
extraArguments = mkOption { extraArguments = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
default = null; default = null;
example = "-46"; example = "-46";
description = '' description = ''
@ -201,8 +200,8 @@ in {
Consult "Options" section in [documentation](https://github.com/z3APA3A/3proxy/wiki/3proxy.cfg) for available arguments. Consult "Options" section in [documentation](https://github.com/z3APA3A/3proxy/wiki/3proxy.cfg) for available arguments.
''; '';
}; };
extraConfig = mkOption { extraConfig = lib.mkOption {
type = types.nullOr types.lines; type = lib.types.nullOr lib.types.lines;
default = null; default = null;
description = '' description = ''
Extra configuration for service. Use this to configure things like bandwidth limiter or ACL-based redirection. Extra configuration for service. Use this to configure things like bandwidth limiter or ACL-based redirection.
@ -212,7 +211,7 @@ in {
}; };
}); });
default = [ ]; default = [ ];
example = literalExpression '' example = lib.literalExpression ''
[ [
{ {
type = "proxy"; type = "proxy";
@ -238,15 +237,15 @@ in {
Use this option to define 3proxy services. Use this option to define 3proxy services.
''; '';
}; };
denyPrivate = mkOption { denyPrivate = lib.mkOption {
type = types.bool; type = lib.types.bool;
default = true; default = true;
description = '' description = ''
Whether to deny access to private IP ranges including loopback. Whether to deny access to private IP ranges including loopback.
''; '';
}; };
privateRanges = mkOption { privateRanges = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
default = [ default = [
"0.0.0.0/8" "0.0.0.0/8"
"127.0.0.0/8" "127.0.0.0/8"
@ -262,11 +261,11 @@ in {
What IP ranges to deny access when denyPrivate is set tu true. What IP ranges to deny access when denyPrivate is set tu true.
''; '';
}; };
resolution = mkOption { resolution = lib.mkOption {
type = types.submodule { type = lib.types.submodule {
options = { options = {
nserver = mkOption { nserver = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
default = [ ]; default = [ ];
example = [ "127.0.0.53" "192.168.1.3:5353/tcp" ]; example = [ "127.0.0.53" "192.168.1.3:5353/tcp" ];
description = '' description = ''
@ -276,20 +275,20 @@ in {
default system name resolution functions are used. default system name resolution functions are used.
''; '';
}; };
nscache = mkOption { nscache = lib.mkOption {
type = types.int; type = lib.types.int;
default = 65535; default = 65535;
description = "Set name cache size for IPv4."; description = "Set name cache size for IPv4.";
}; };
nscache6 = mkOption { nscache6 = lib.mkOption {
type = types.int; type = lib.types.int;
default = 65535; default = 65535;
description = "Set name cache size for IPv6."; description = "Set name cache size for IPv6.";
}; };
nsrecord = mkOption { nsrecord = lib.mkOption {
type = types.attrsOf types.str; type = lib.types.attrsOf lib.types.str;
default = { }; default = { };
example = literalExpression '' example = lib.literalExpression ''
{ {
"files.local" = "192.168.1.12"; "files.local" = "192.168.1.12";
"site.local" = "192.168.1.43"; "site.local" = "192.168.1.43";
@ -304,8 +303,8 @@ in {
Use this option to configure name resolution and DNS caching. Use this option to configure name resolution and DNS caching.
''; '';
}; };
extraConfig = mkOption { extraConfig = lib.mkOption {
type = types.nullOr types.lines; type = lib.types.nullOr lib.types.lines;
default = null; default = null;
description = '' description = ''
Extra configuration, appended to the 3proxy configuration file. Extra configuration, appended to the 3proxy configuration file.
@ -314,33 +313,33 @@ in {
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
services._3proxy.confFile = mkDefault (pkgs.writeText "3proxy.conf" '' services._3proxy.confFile = lib.mkDefault (pkgs.writeText "3proxy.conf" ''
# log to stdout # log to stdout
log log
${concatMapStringsSep "\n" (x: "nserver " + x) cfg.resolution.nserver} ${lib.concatMapStringsSep "\n" (x: "nserver " + x) cfg.resolution.nserver}
nscache ${toString cfg.resolution.nscache} nscache ${toString cfg.resolution.nscache}
nscache6 ${toString cfg.resolution.nscache6} nscache6 ${toString cfg.resolution.nscache6}
${concatMapStringsSep "\n" (x: "nsrecord " + x) ${lib.concatMapStringsSep "\n" (x: "nsrecord " + x)
(mapAttrsToList (name: value: "${name} ${value}") (lib.mapAttrsToList (name: value: "${name} ${value}")
cfg.resolution.nsrecord)} cfg.resolution.nsrecord)}
${optionalString (cfg.usersFile != null) ${lib.optionalString (cfg.usersFile != null)
''users $"${cfg.usersFile}"'' ''users $"${cfg.usersFile}"''
} }
${concatMapStringsSep "\n" (service: '' ${lib.concatMapStringsSep "\n" (service: ''
auth ${concatStringsSep " " service.auth} auth ${lib.concatStringsSep " " service.auth}
${optionalString (cfg.denyPrivate) ${lib.optionalString (cfg.denyPrivate)
"deny * * ${optionalList cfg.privateRanges}"} "deny * * ${optionalList cfg.privateRanges}"}
${concatMapStringsSep "\n" (acl: ${lib.concatMapStringsSep "\n" (acl:
"${acl.rule} ${ "${acl.rule} ${
concatMapStringsSep " " optionalList [ lib.concatMapStringsSep " " optionalList [
acl.users acl.users
acl.sources acl.sources
acl.targets acl.targets
@ -350,18 +349,18 @@ in {
maxconn ${toString service.maxConnections} maxconn ${toString service.maxConnections}
${optionalString (service.extraConfig != null) service.extraConfig} ${lib.optionalString (service.extraConfig != null) service.extraConfig}
${service.type} -i${toString service.bindAddress} ${ ${service.type} -i${toString service.bindAddress} ${
optionalString (service.bindPort != null) lib.optionalString (service.bindPort != null)
"-p${toString service.bindPort}" "-p${toString service.bindPort}"
} ${ } ${
optionalString (service.extraArguments != null) service.extraArguments lib.optionalString (service.extraArguments != null) service.extraArguments
} }
flush flush
'') cfg.services} '') cfg.services}
${optionalString (cfg.extraConfig != null) cfg.extraConfig} ${lib.optionalString (cfg.extraConfig != null) cfg.extraConfig}
''); '');
systemd.services."3proxy" = { systemd.services."3proxy" = {
description = "Tiny free proxy server"; description = "Tiny free proxy server";
@ -377,5 +376,5 @@ in {
}; };
}; };
meta.maintainers = with maintainers; [ misuzu ]; meta.maintainers = with lib.maintainers; [ misuzu ];
} }
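Review bot: `optionalList` turns an empty list into `*`, and the config template reuses it for the private-range rule (`"deny * * ${optionalList cfg.privateRanges}"`), so `privateRanges = [ ]` with `denyPrivate` left at its default of `true` renders `deny * * *` ahead of each service's own ACL entries. 3proxy should read that as a deny for every target, so the result fails closed, but it will surprise anyone who clears the list expecting the private-range block to be switched off. Consider making the case explicit with an entry in `assertions` inside the `lib.mkIf cfg.enable` block, for example `{ assertion = !cfg.denyPrivate || cfg.privateRanges != [ ]; message = "services._3proxy.privateRanges must not be empty while denyPrivate is enabled"; }`. A sentence in the `privateRanges` description would also help; that description and the full default list are only partly visible on this page.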