| blob | fc0d5ec1a7abbefbf4bac8b3ad15c375e31e9930 |
1 {
2 config,
3 lib,
4 pkgs,
5 ...
6 }:
8 with lib;
10 let
11 cfg = config.services.pixiecore;
12 in
13 {
14 meta.maintainers = with maintainers; [ bbigras ];
16 options = {
17 services.pixiecore = {
18 enable = mkEnableOption "Pixiecore";
20 openFirewall = mkOption {
21 type = types.bool;
22 default = false;
23 description = ''
24 Open ports (67, 69, 4011 UDP and 'port', 'statusPort' TCP) in the firewall for Pixiecore.
25 '';
26 };
28 mode = mkOption {
29 description = "Which mode to use";
30 default = "boot";
31 type = types.enum [
32 "api"
33 "boot"
34 "quick"
35 ];
36 };
38 debug = mkOption {
39 type = types.bool;
40 default = false;
41 description = "Log more things that aren't directly related to booting a recognized client";
42 };
44 dhcpNoBind = mkOption {
45 type = types.bool;
46 default = false;
47 description = "Handle DHCP traffic without binding to the DHCP server port";
48 };
50 quick = mkOption {
51 description = "Which quick option to use";
52 default = "xyz";
53 type = types.enum [
54 "arch"
55 "centos"
56 "coreos"
57 "debian"
58 "fedora"
59 "ubuntu"
60 "xyz"
61 ];
62 };
64 kernel = mkOption {
65 type = types.str or types.path;
66 default = "";
67 description = "Kernel path. Ignored unless mode is set to 'boot'";
68 };
70 initrd = mkOption {
71 type = types.str or types.path;
72 default = "";
73 description = "Initrd path. Ignored unless mode is set to 'boot'";
74 };
76 cmdLine = mkOption {
77 type = types.str;
78 default = "";
79 description = "Kernel commandline arguments. Ignored unless mode is set to 'boot'";
80 };
82 listen = mkOption {
83 type = types.str;
84 default = "0.0.0.0";
85 description = "IPv4 address to listen on";
86 };
88 port = mkOption {
89 type = types.port;
90 default = 80;
91 description = "Port to listen on for HTTP";
92 };
94 statusPort = mkOption {
95 type = types.port;
96 default = 80;
97 description = "HTTP port for status information (can be the same as --port)";
98 };
100 apiServer = mkOption {
101 type = types.str;
102 example = "http://localhost:8080";
103 description = "URI to connect to the API. Ignored unless mode is set to 'api'";
104 };
106 extraArguments = mkOption {
107 type = types.listOf types.str;
108 default = [ ];
109 description = "Additional command line arguments to pass to Pixiecore";
110 };
111 };
112 };
114 config = mkIf cfg.enable {
115 users.groups.pixiecore = { };
116 users.users.pixiecore = {
117 description = "Pixiecore daemon user";
118 group = "pixiecore";
119 isSystemUser = true;
120 };
122 networking.firewall = mkIf cfg.openFirewall {
123 allowedTCPPorts = [
124 cfg.port
125 cfg.statusPort
126 ];
127 allowedUDPPorts = [
128 67
129 69
130 4011
131 ];
132 };
134 systemd.services.pixiecore = {
135 description = "Pixiecore server";
136 after = [ "network.target" ];
137 wants = [ "network.target" ];
138 wantedBy = [ "multi-user.target" ];
139 serviceConfig = {
140 User = "pixiecore";
141 Restart = "always";
142 AmbientCapabilities = [ "cap_net_bind_service" ] ++ optional cfg.dhcpNoBind "cap_net_raw";
143 ExecStart =
144 let
145 argString =
146 if cfg.mode == "boot" then
147 [
148 "boot"
149 cfg.kernel
150 ]
151 ++ optional (cfg.initrd != "") cfg.initrd
152 ++ optionals (cfg.cmdLine != "") [
153 "--cmdline"
154 cfg.cmdLine
155 ]
156 else if cfg.mode == "quick" then
157 [
158 "quick"
159 cfg.quick
160 ]
161 else
162 [
163 "api"
164 cfg.apiServer
165 ];
166 in
167 ''
168 ${pkgs.pixiecore}/bin/pixiecore \
169 ${lib.escapeShellArgs argString} \
170 ${optionalString cfg.debug "--debug"} \
171 ${optionalString cfg.dhcpNoBind "--dhcp-no-bind"} \
172 --listen-addr ${lib.escapeShellArg cfg.listen} \
173 --port ${toString cfg.port} \
174 --status-port ${toString cfg.statusPort} \
175 ${escapeShellArgs cfg.extraArguments}
176 '';
177 };
178 };
179 };
180 }