nixos/modules/services/networking/scion/scion-control.nix

   1 {
   2   config,
   3   lib,
   4   pkgs,
   5   ...
   6 }:
   7
   8 with lib;
   9
  10 let
  11   globalCfg = config.services.scion;
  12   cfg = config.services.scion.scion-control;
  13   toml = pkgs.formats.toml { };
  14   connectionDir = if globalCfg.stateless then "/run" else "/var/lib";
  15   defaultConfig = {
  16     general = {
  17       id = "cs";
  18       config_dir = "/etc/scion";
  19       reconnect_to_dispatcher = true;
  20     };
  21     beacon_db = {
  22       connection = "${connectionDir}/scion-control/control.beacon.db";
  23     };
  24     path_db = {
  25       connection = "${connectionDir}/scion-control/control.path.db";
  26     };
  27     trust_db = {
  28       connection = "${connectionDir}/scion-control/control.trust.db";
  29     };
  30     log.console = {
  31       level = "info";
  32     };
  33   };
  34   configFile = toml.generate "scion-control.toml" (recursiveUpdate defaultConfig cfg.settings);
  35 in
  36 {
  37   options.services.scion.scion-control = {
  38     enable = mkEnableOption "the scion-control service";
  39     settings = mkOption {
  40       default = { };
  41       type = toml.type;
  42       example = literalExpression ''
  43         {
  44           path_db = {
  45             connection = "/run/scion-control/control.path.db";
  46           };
  47           log.console = {
  48             level = "info";
  49           };
  50         }
  51       '';
  52       description = ''
  53         scion-control configuration. Refer to
  54         <https://docs.scion.org/en/latest/manuals/common.html>
  55         for details on supported values.
  56       '';
  57     };
  58   };
  59   config = mkIf cfg.enable {
  60     systemd.services.scion-control = {
  61       description = "SCION Control Service";
  62       after = [
  63         "network-online.target"
  64         "scion-dispatcher.service"
  65       ];
  66       wants = [
  67         "network-online.target"
  68         "scion-dispatcher.service"
  69       ];
  70       wantedBy = [ "multi-user.target" ];
  71       serviceConfig = {
  72         Type = "simple";
  73         Group = if (config.services.scion.scion-dispatcher.enable == true) then "scion" else null;
  74         ExecStart = "${globalCfg.package}/bin/scion-control --config ${configFile}";
  75         DynamicUser = true;
  76         Restart = "on-failure";
  77         BindPaths = [ "/dev/shm:/run/shm" ];
  78         ${if globalCfg.stateless then "RuntimeDirectory" else "StateDirectory"} = "scion-control";
  79       };
  80     };
  81   };
  82 }