Author: eelco
Date: Wed Apr 27 14:03:46 2011
New Revision: 26995
URL: https://svn.nixos.org/websvn/nix/?rev=26995&sc=1
Log:
* gw6c: don't depend on the services tree.
Added:
nixos/trunk/modules/services/networking/gw6c/
nixos/trunk/modules/services/networking/gw6c/control.in
- copied unchanged from r26993, services/trunk/gw6c/control.in
nixos/trunk/modules/services/networking/gw6c/default.nix
- copied, changed from r26990,
nixos/trunk/modules/services/networking/gw6c.nix
nixos/trunk/modules/services/networking/gw6c/gw6c.conf
- copied unchanged from r26993, services/trunk/gw6c/gw6c.conf
Deleted:
nixos/trunk/modules/services/networking/gw6c.nix
Modified:
nixos/trunk/modules/module-list.nix
Modified: nixos/trunk/modules/module-list.nix
==============================================================================
--- nixos/trunk/modules/module-list.nix Wed Apr 27 14:03:06 2011 (r26994)
+++ nixos/trunk/modules/module-list.nix Wed Apr 27 14:03:46 2011 (r26995)
@@ -101,7 +101,7 @@
./services/networking/git-daemon.nix
./services/networking/gnunet.nix
./services/networking/gvpe.nix
- ./services/networking/gw6c.nix
+ ./services/networking/gw6c/default.nix
./services/networking/ifplugd.nix
#./services/networking/ircd-hybrid.nix
./services/networking/nat.nix
Copied: nixos/trunk/modules/services/networking/gw6c/control.in (from r26993,
services/trunk/gw6c/control.in)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ nixos/trunk/modules/services/networking/gw6c/control.in Wed Apr 27
14:03:46 2011 (r26995, copy of r26993, services/trunk/gw6c/control.in)
@@ -0,0 +1,42 @@
+#! @shell@ -e
+
+# Make sure that the environment is deterministic.
+export PATH=@coreutils@/bin
+export
PATH=@coreutils@/bin:@gnugrep@/bin:@gnused@/bin:@iputils@/bin:@iputils@/sbin:@procps@/bin:@seccure@/bin
+export BASEDIR=$(dirname $(dirname $0))
+
+ mkdir /tmp/.gw6c || true
+ touch /tmp/.gw6c/gw6c.conf
+ chmod 0700 /tmp/.gw6c
+ chmod 0700 /tmp/.gw6c/gw6c.conf
+ seccure-decrypt -F @privkey@ -i $BASEDIR/conf/gw6c.conf >
/tmp/.gw6c/gw6c.conf
+
+stop ()
+{
+ pkill gw6c
+}
+
+ln -s /dev/net/tun /dev/tun || true;
+
+if test "$1" = "start"; then
+ trap 'stop ; exit ' 15
+
+ if test -n "@pingBefore@"; then while ! @iputils@/bin/ping @gw6server@
-c1 -w1 ; do sleep 1; done; fi
+ cd /tmp/.gw6c
+ @coreutils@/bin/yes | \
+ env - HOME=/tmp/.gw6c $extraEnv \
+ @gw6c@/bin/gw6c -f /tmp/.gw6c/gw6c.conf 2>&1 >/var/log/gw6c.out
+ while @procps@/bin/pgrep gw6c; do
+ sleep @everPing@;
+ @iputils@/sbin/traceroute6 $( @coreutils@/bin/cat /var/log/gw6c.log |
+ @gnugrep@/bin/grep peer |
+ @gnused@/bin/sed -e 's/.*with //; s/ .*//' |
+ @coreutils@/bin/head -1) &
+ done;
+ pkill gw6c;
+ exit
+fi
+
+if test "$1" = "stop"; then
+ env - HOME=/homeless-shelter @procps@/bin/pkill gw6c;
+fi;
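Review bot: The decrypted configuration, which carries `passwd=`, is written to the fixed path `/tmp/.gw6c/gw6c.conf`, and `mkdir /tmp/.gw6c || true` silently accepts a directory or symlink that another local user created first. In that case `chmod 0700` tightens the mode but leaves the owner unchanged, so the pre-existing owner can still read the credentials, and `touch` and the `>` redirect follow a symlink to wherever it points. Creating the directory atomically with restrictive permissions avoids both, e.g. `umask 077` followed by `confdir=$(mktemp -d)` (mktemp ships in the coreutils already on PATH), with the later `cd`, `HOME=` and `-f` arguments using that variable. Separately, `2>&1 >/var/log/gw6c.out` sends stderr to the original stdout rather than to the log file; `>/var/log/gw6c.out 2>&1` is presumably what was meant.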
Copied and modified: nixos/trunk/modules/services/networking/gw6c/default.nix
(from r26990, nixos/trunk/modules/services/networking/gw6c.nix)
==============================================================================
--- nixos/trunk/modules/services/networking/gw6c.nix Wed Apr 27 13:16:33
2011 (r26990, copy source)
+++ nixos/trunk/modules/services/networking/gw6c/default.nix Wed Apr 27
14:03:46 2011 (r26995)
@@ -6,21 +6,37 @@
cfg = config.services.gw6c;
- # !!! Move this from the services tree to the nixos tree.
- gw6cService = import /etc/nixos/services/gw6c {
- inherit (pkgs) stdenv gw6c coreutils
- procps iputils gnused
- gnugrep seccure writeScript;
- upstart = config.system.build.upstart;
- username = cfg.username;
- password = cfg.password;
- server = cfg.server;
- keepAlive = cfg.keepAlive;
- everPing = cfg.everPing;
- seccureKeys = config.security.seccureKeys;
- waitPingableBroker = cfg.waitPingableBroker;
+ gw6cService = pkgs.stdenv.mkDerivation {
+ name = "gw6c-service";
+ inherit (pkgs) gw6c coreutils procps upstart iputils gnused gnugrep
seccure;
+
+ inherit (cfg) username password keepAlive everPing;
+
+ gw6server = cfg.server;
+ authMethod = if cfg.username == "" then "anonymous" else "any";
+ gw6dir = pkgs.gw6c;
+
+ pingBefore = if cfg.waitPingableBroker then "true" else "";
+
+ pubkey = config.security.seccureKeys.public;
+ privkey = config.security.seccureKeys.private;
+
+ buildCommand =
+ ''
+ mkdir -p $out/bin $out/conf
+
+ mkdir conf
+ chmod 0700 conf
+ touch conf/raw
+ chmod 0700 conf/raw
+
+ substituteAll ${./gw6c.conf} conf/raw
+ $seccure/bin/seccure-encrypt "$(cat $pubkey)" -i conf/raw -o
$out/conf/gw6c.conf
+ substituteAll ${./control.in} $out/bin/control
+ chmod a+x $out/bin/control
+ '';
};
-
+
in
{
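Review bot: `inherit (cfg) username password keepAlive everPing;` makes the plaintext password an attribute of the derivation, so it is recorded in the store derivation file and exported into the builder's environment, and the Nix store is normally world-readable. The `seccure-encrypt` step protects only `$out/conf/gw6c.conf`, so the encryption does not keep the credential away from local users. Consider having the control script read the credential at start from a root-only file outside the store, and until then add a comment such as `# NOTE: cfg.password ends up in the .drv in the store; the encrypted conf does not hide it`. If `privkey` evaluates to a Nix path rather than a string, the private key would be copied into the store as well; that depends on how `security.seccureKeys` is declared, which is not visible here. The enclosing `let` starts before this hunk and the module body continues after it.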
Copied: nixos/trunk/modules/services/networking/gw6c/gw6c.conf (from r26993,
services/trunk/gw6c/gw6c.conf)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ nixos/trunk/modules/services/networking/gw6c/gw6c.conf Wed Apr 27
14:03:46 2011 (r26995, copy of r26993, services/trunk/gw6c/gw6c.conf)
@@ -0,0 +1,338 @@
+#-----------------------------------------------------------------------------
+# $Id: gw6c.conf.in,v 1.5 2007/05/09 13:41:32 cnepveu Exp $
+#-----------------------------------------------------------------------------
+
+########################## READ ME! ################################
+#
+# Welcome to the Gateway6 Client configuration file.
+# In order to use the client, you need to modify the 'userid', 'passwd' and
+# 'server' parameters below depending on which of these situations applies:
+#
+# 1. If you created a Freenet6 account, enter your userid and password below.
+# Change the server name to "broker.freenet6.net" and auth_method to 'any'.
+# 2. If you would like to use Freenet6 without creating an account,
+# do not make any modifications and close this file.
+# 3. If this software was provided by your ISP, enter the userid, password and
+# server name provided by your ISP below.
+#
+
+
+########################## BASIC CONFIGURATION ################################
+
+#
+# User Identification and Password:
+# Specify your user name and password as provided by your ISP or Freenet6.
+# If you plan to connect anonymously, leave these values empty.
+# NOTE: Change auth_method option if you are using a username/password.
+#
+# userid=<your_userid>
+# passwd=<your_password>
+#
+userid=@username@
+passwd=@password@
+
+
+#
+# Gateway6 Server:
+# Specify a Gateway6 server name or IP address (provided by your ISP or
+# Freenet6). An optional port number can be added; the default port number
+# is 3653.
+#
+# Examples:
+# server=hostname # FQDN
+# server=A.B.C.D # IPv4 address
+# server=[X:X::X:X] # IPv6 address
+# server=hostname:port_number
+# server=A.B.C.D:port_number
+# server=[X:X::X:X]:port_number
+#
+# Freenet6 account holders should enter broker.freenet6.net, otherwise use
+# anon.freenet6.net. Your ISP may provide you with a different server name.
+#
+#server=anon.freenet6.net
+#server=broker.freenet6.net
+#server=broker.aarnet.net.au
+server=@gw6server@
+
+#
+# Authentication Method:
+#
+# auth_method=<{anonymous}|{any|passdss-3des-1|digest-md5|plain}>
+#
+# anonymous: Sends no username or password
+#
+# any: The most secure method will be used.
+# passdss-3des-1: The password is sent encrypted.
+# digest-md5: The password is sent encrypted.
+# plain: Both username and password are sent as plain text.
+#
+# Recommended values:
+# - any: If you are authenticating a username / password.
+# - anonymous: If you are connecting anonymously.
+#
+#auth_method=anonymous
+#auth_method=any
+auth_method=@authMethod@
+
+
+########################## ROUTING CONFIGURATION ##############################
+# Use these parameters when you wish the client to act as a router and provide
+# IPv6 connectivity to IPv6-capable devices on your network.
+
+#
+# Local Host Type:
+# Change this value to 'router' to enable IPv6 advertisements.
+#
+# host_type=<host|router>
+#
+host_type=host
+
+#
+# Prefix Length:
+# Length of the requested prefix. Valid values range between 0 and 64 when
+# using V6*V4 tunnel modes, and between 0 and 32 when using V4V6 tunnel mode.
+#
+# prefixlen=<integer>
+#
+prefixlen=64
+
+#
+# Advertisement Interface Prefix:
+# Name of the interface that will be configured to send router
advertisements.
+# This is an interface index on Windows (ex: 4) and a name on Linux
+# and BSD (ex: eth1 or fxp1).
+#
+# if_prefix=<interface name>
+#
+if_prefix=
+
+#
+# DNS Server:
+# A DNS server list to which the reverse prefix will be delegated. Servers
+# are separated by the colon(:) delimiter.
+#
+# Example: dns_server=ns1.domain:ns2.domain:ns3.domain
+#
+dns_server=
+
+
+######################### ADVANCED CONFIGURATION ##############################
+
+#
+# Gateway6 Client Installation Directory:
+# Directory where the Gateway6 Client will be installed. This value has been
+# set during installation.
+#
+gw6_dir=@gw6dir@
+
+#
+# Auto-Retry Connect and Delay:
+# The time lapse, in seconds, between each reconnection in the case of a
+# timeout.
+#
+# auto_retry_connect=<yes|no>
+# retry_delay=<integer>
+#
+# Recommended values: "yes" and 30
+#
+auto_retry_connect=yes
+retry_delay=5
+
+#
+# Keepalive Feature and Message Interval:
+# Indicates if and how often the client will send data to keep the tunnel
+# active.
+#
+# keepalive=<yes|no>
+# keepalive_interval=<integer>
+#
+# Recommended values: "yes" and 30
+#
+keepalive=yes
+keepalive_interval=@keepAlive@
+
+#
+# Tunnel Encapsulation Mode:
+# v6v4: IPv6-in-IPv4 tunnel.
+# v6udpv4: IPv6-in-UDP-in-IPv4 tunnel (for clients behind a NAT).
+# v6anyv4: Lets the broker choose the best mode for IPv6 tunnel.
+# v4v6: IPv4-in-IPv6 tunnel.
+#
+# Recommended value: v6anyv4
+#
+tunnel_mode=v6anyv4
+
+#
+# Tunnel Interface Name:
+# The interface name assigned to the tunnel. This value is O/S dependent.
+#
+# if_tunnel_v6v4 is the tunnel interface name for v6v4 encapsulation mode
+# if_tunnel_v6udpv4 is the tunnel interface name for v6udpv4 encapsulate mode
+# if_tunnel_v4v6 is the tunnel interface name for v4v6 encapsulation mode
+#
+# Default values are set during installation.
+#
+if_tunnel_v6v4=sit1
+if_tunnel_v6udpv4=tun
+if_tunnel_v4v6=sit0
+
+#
+# Local IP Address of the Client:
+# Allows you to set a specific address as the local tunnel endpoint.
+#
+# client_v4=<auto|A.B.C.D (valid ipv4 address)>
+# client_v6=<auto|X:X::X:X (valid ipv6 address)>
+# auto: The Gateway6 Client will find the local IP address endpoint.
+#
+# Recommended value: auto
+#
+client_v4=auto
+client_v6=auto
+
+#
+# Script Name:
+# File name of the script to run to install the tunnel interface. The
+# scripts are located in the template directory under the client
+# installation directory.
+#
+#
template=<checktunnel|freebsd|netbsd|openbsd|linux|windows|darwin|cisco|solaris>
+#
+# Default value is set during installation.
+#
+template=linux
+
+#
+# Proxy client:
+# Indicates that this client will request a tunnel for another endpoint,
+# such as a Cisco router.
+#
+# proxy_client=<yes|no>
+#
+# NOTE: NAT traversal is not possible in proxy mode.
+#
+proxy_client=no
+
+
+############################ BROKER REDIRECTION ###############################
+
+#
+# Broker List File Name:
+# The 'broker_list' directive specifies the filename where the broker
+# list received during broker redirection will be saved.
+#
+# broker_list=<file_name>
+#
+broker_list=/tmp/tsp-broker-list.txt
+
+#
+# Last Server Used File Name:
+# The 'last_server' directive specifies the filename where the address of
+# the last broker to which a connection was successfully established will
+# be saved.
+#
+# last_server=<file_name>
+#
+last_server=/tmp/tsp-last-server.txt
+
+#
+# Always Use Last Known Working Server:
+# The value of the 'always_use_same_server' directive determines whether the
+# client should always try to connect to the broker found in the
+# 'last_server' directive filename.
+#
+# always_use_same_server=<yes|no>
+#
+always_use_same_server=no
+
+
+#################################### LOGGING ##################################
+
+#
+# Log Verbosity Configuration:
+# The format is 'log_<destination>=level', where possible values for
+# 'destination' are:
+#
+# - console (logging to the console [AKA stdout])
+# - stderr (logging to standard error)
+# - file (logging to a file)
+# - syslog (logging to syslog [Unix only])
+#
+# and 'level' is a digit between 0 and 3. A 'level' value of 0 disables
+# logging to the destination, while values 1 to 3 request increasing levels
+# of log verbosity and detail. If 'level' is not specified, a value of 1 is
+# assumed.
+#
+# Example:
+# log_file=3 (Maximal logging to a file)
+# log_stderr=0 (Logging to standard error disabled)
+# log_console= (Minimal logging to the console)
+#
+# - Default configuration on Windows platforms:
+#
+# log_console=0
+# log_stderr=0
+# log_file=1
+#
+# - Default configuration on Unix platforms:
+#
+# log_console=0
+# log_stderr=1
+# log_file=0
+# log_syslog=0
+#
+#log_console=
+#log_stderr=
+#log_file=
+#log_syslog=
+log_file=3
+
+#
+# Log File Name:
+# When logging to file is requested using the 'log_file' directive, the name
+# and path of the file to use may be specified using this directive.
+#
+# log_filename=<file_name>
+#
+log_filename=/var/log/gw6c.log
+
+#
+# Log File Rotation:
+# When logging to file is requested using the 'log_file' directive, log file
+# rotation may be enabled. When enabled, the contents of the log file will
+# be moved to a backup file just before it reaches the maximum log file size
+# specified via this directive.
+#
+# The name of the backup file is the name of the original log file with
+# '.<timestamp>' inserted before the file extension. If the file does not
+# have an extension, '.<timestamp>' is appended to the name of the original
+# log file. The timestamp specifies when the rotation occurred.
+#
+# After the contents of the log file have been moved to the backup file, the
+# original file is cleared, and logging resumes at the beginning of the
file.
+#
+# log_rotation=<yes|no>
+#
+log_rotation=yes
+
+#
+# Log File Rotation Size:
+# The 'log_rotation_size' directive specifies the maximum size a log file
may
+# reach before rotation occurs, if enabled. The value is expressed in
+# kilobytes.
+#
+# log_rotation_size=<16|32|128|1024>
+#
+log_rotation_size=32
+
+#
+# Syslog Logging Facility [Unix Only]:
+# When logging to syslog is requested using the 'log_syslog' directive, the
+# facility to use may be specified using this directive.
+#
+# syslog_facility=<USER|LOCAL[0-7]>
+#
+syslog_facility=USER
+
+
+# end of gw6c.conf
+#------------------------------------------------------------------------------
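Review bot: `broker_list=/tmp/tsp-broker-list.txt` and `last_server=/tmp/tsp-last-server.txt` keep the client's state under fixed names in world-writable `/tmp`, where another local user can create or symlink those paths before the daemon writes them. `always_use_same_server=no` limits the use of the last-server file, but whether the client reads the broker list back from disk is not visible here, so on a multi-user host the contents should be treated as attacker-influenced. Pointing both at a directory only the service can write, for example `broker_list=/var/lib/gw6c/tsp-broker-list.txt` (path chosen for illustration), removes the problem. `log_file=3` also selects the most verbose level for `/var/log/gw6c.log`; it would be worth confirming that this level does not record credentials.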