mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-06-13 05:05:29 +03:00
374e6bcc40
Format all Nix files using the officially approved formatter,
making the CI check introduced in the previous commit succeed:
nix-build ci -A fmt.check
This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153)
of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166).
This commit will lead to merge conflicts for a number of PRs,
up to an estimated ~1100 (~33%) among the PRs with activity in the past 2
months, but that should be lower than what it would be without the previous
[partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537).
Merge conflicts caused by this commit can now automatically be resolved while rebasing using the
[auto-rebase script](8616af08d9/maintainers/scripts/auto-rebase).
If you run into any problems regarding any of this, please reach out to the
[formatting team](https://nixos.org/community/teams/formatting/) by
pinging @NixOS/nix-formatting.
184 lines
4.7 KiB
Nix
184 lines
4.7 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.networking.ucarp;
|
|
|
|
ucarpExec = concatStringsSep " " (
|
|
[
|
|
"${cfg.package}/bin/ucarp"
|
|
"--interface=${cfg.interface}"
|
|
"--srcip=${cfg.srcIp}"
|
|
"--vhid=${toString cfg.vhId}"
|
|
"--passfile=${cfg.passwordFile}"
|
|
"--addr=${cfg.addr}"
|
|
"--advbase=${toString cfg.advBase}"
|
|
"--advskew=${toString cfg.advSkew}"
|
|
"--upscript=${cfg.upscript}"
|
|
"--downscript=${cfg.downscript}"
|
|
"--deadratio=${toString cfg.deadratio}"
|
|
]
|
|
++ (optional cfg.preempt "--preempt")
|
|
++ (optional cfg.neutral "--neutral")
|
|
++ (optional cfg.shutdown "--shutdown")
|
|
++ (optional cfg.ignoreIfState "--ignoreifstate")
|
|
++ (optional cfg.noMcast "--nomcast")
|
|
++ (optional (cfg.extraParam != null) "--xparam=${cfg.extraParam}")
|
|
);
|
|
in
|
|
{
|
|
options.networking.ucarp = {
|
|
enable = mkEnableOption "ucarp, userspace implementation of CARP";
|
|
|
|
interface = mkOption {
|
|
type = types.str;
|
|
description = "Network interface to bind to.";
|
|
example = "eth0";
|
|
};
|
|
|
|
srcIp = mkOption {
|
|
type = types.str;
|
|
description = "Source (real) IP address of this host.";
|
|
};
|
|
|
|
vhId = mkOption {
|
|
type = types.ints.between 1 255;
|
|
description = "Virtual IP identifier shared between CARP hosts.";
|
|
example = 1;
|
|
};
|
|
|
|
passwordFile = mkOption {
|
|
type = types.str;
|
|
description = "File containing shared password between CARP hosts.";
|
|
example = "/run/keys/ucarp-password";
|
|
};
|
|
|
|
preempt = mkOption {
|
|
type = types.bool;
|
|
description = ''
|
|
Enable preemptive failover.
|
|
Thus, this host becomes the CARP master as soon as possible.
|
|
'';
|
|
default = false;
|
|
};
|
|
|
|
neutral = mkOption {
|
|
type = types.bool;
|
|
description = "Do not run downscript at start if the host is the backup.";
|
|
default = false;
|
|
};
|
|
|
|
addr = mkOption {
|
|
type = types.str;
|
|
description = "Virtual shared IP address.";
|
|
};
|
|
|
|
advBase = mkOption {
|
|
type = types.ints.unsigned;
|
|
description = "Advertisement frequency in seconds.";
|
|
default = 1;
|
|
};
|
|
|
|
advSkew = mkOption {
|
|
type = types.ints.unsigned;
|
|
description = "Advertisement skew in seconds.";
|
|
default = 0;
|
|
};
|
|
|
|
upscript = mkOption {
|
|
type = types.path;
|
|
description = ''
|
|
Command to run after become master, the interface name, virtual address
|
|
and optional extra parameters are passed as arguments.
|
|
'';
|
|
example = literalExpression ''
|
|
pkgs.writeScript "upscript" '''
|
|
#!/bin/sh
|
|
''${pkgs.iproute2}/bin/ip addr add "$2"/24 dev "$1"
|
|
''';
|
|
'';
|
|
};
|
|
|
|
downscript = mkOption {
|
|
type = types.path;
|
|
description = ''
|
|
Command to run after become backup, the interface name, virtual address
|
|
and optional extra parameters are passed as arguments.
|
|
'';
|
|
example = literalExpression ''
|
|
pkgs.writeScript "downscript" '''
|
|
#!/bin/sh
|
|
''${pkgs.iproute2}/bin/ip addr del "$2"/24 dev "$1"
|
|
''';
|
|
'';
|
|
};
|
|
|
|
deadratio = mkOption {
|
|
type = types.ints.unsigned;
|
|
description = "Ratio to consider a host as dead.";
|
|
default = 3;
|
|
};
|
|
|
|
shutdown = mkOption {
|
|
type = types.bool;
|
|
description = "Call downscript at exit.";
|
|
default = false;
|
|
};
|
|
|
|
ignoreIfState = mkOption {
|
|
type = types.bool;
|
|
description = "Ignore interface state, e.g., down or no carrier.";
|
|
default = false;
|
|
};
|
|
|
|
noMcast = mkOption {
|
|
type = types.bool;
|
|
description = "Use broadcast instead of multicast advertisements.";
|
|
default = false;
|
|
};
|
|
|
|
extraParam = mkOption {
|
|
type = types.nullOr types.str;
|
|
description = "Extra parameter to pass to the up/down scripts.";
|
|
default = null;
|
|
};
|
|
|
|
package = mkPackageOption pkgs "ucarp" {
|
|
extraDescription = ''
|
|
Please note that the default package, pkgs.ucarp, has not received any
|
|
upstream updates for a long time and can be considered as unmaintained.
|
|
'';
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
systemd.services.ucarp = {
|
|
description = "ucarp, userspace implementation of CARP";
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "network.target" ];
|
|
|
|
serviceConfig = {
|
|
Type = "exec";
|
|
ExecStart = ucarpExec;
|
|
|
|
ProtectSystem = "strict";
|
|
ProtectHome = true;
|
|
PrivateTmp = true;
|
|
ProtectClock = true;
|
|
ProtectKernelModules = true;
|
|
ProtectControlGroups = true;
|
|
MemoryDenyWriteExecute = true;
|
|
RestrictRealtime = true;
|
|
};
|
|
};
|
|
};
|
|
|
|
meta.maintainers = with lib.maintainers; [ oxzi ];
|
|
}
|