2022-05-19 10:37:12 +01:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
|
|
|
let
|
|
|
|
cfg = config.services.bird-lg;
|
|
|
|
in
|
|
|
|
{
|
|
|
|
options = {
|
|
|
|
services.bird-lg = {
|
|
|
|
package = mkOption {
|
|
|
|
type = types.package;
|
|
|
|
default = pkgs.bird-lg;
|
|
|
|
defaultText = literalExpression "pkgs.bird-lg";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "The Bird Looking Glass package to use.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
user = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "bird-lg";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "User to run the service.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
group = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "bird-lg";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Group to run the service.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
frontend = {
|
2022-08-28 20:18:44 +01:00
|
|
|
enable = mkEnableOption (lib.mdDoc "Bird Looking Glass Frontend Webserver");
|
2022-05-19 10:37:12 +01:00
|
|
|
|
|
|
|
listenAddress = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "127.0.0.1:5000";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Address to listen on.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
proxyPort = mkOption {
|
|
|
|
type = types.port;
|
|
|
|
default = 8000;
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Port bird-lg-proxy is running on.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
domain = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "";
|
|
|
|
example = "dn42.lantian.pub";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Server name domain suffixes.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
servers = mkOption {
|
|
|
|
type = types.listOf types.str;
|
|
|
|
default = [ ];
|
|
|
|
example = [ "gigsgigscloud" "hostdare" ];
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Server name prefixes.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
whois = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "whois.verisign-grs.com";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Whois server for queries.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
dnsInterface = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "asn.cymru.com";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "DNS zone to query ASN information.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
bgpMapInfo = mkOption {
|
|
|
|
type = types.listOf types.str;
|
|
|
|
default = [ "asn" "as-name" "ASName" "descr" ];
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Information displayed in bgpmap.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
titleBrand = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "Bird-lg Go";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Prefix of page titles in browser tabs.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
netSpecificMode = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "";
|
|
|
|
example = "dn42";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Apply network-specific changes for some networks.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
protocolFilter = mkOption {
|
|
|
|
type = types.listOf types.str;
|
|
|
|
default = [ ];
|
|
|
|
example = [ "ospf" ];
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Information displayed in bgpmap.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
nameFilter = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "";
|
|
|
|
example = "^ospf";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Protocol names to hide in summary tables (RE2 syntax),";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
timeout = mkOption {
|
|
|
|
type = types.int;
|
|
|
|
default = 120;
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Time before request timed out, in seconds.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
navbar = {
|
|
|
|
brand = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "Bird-lg Go";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Brand to show in the navigation bar .";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
brandURL = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "/";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "URL of the brand to show in the navigation bar.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
allServers = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "ALL Servers";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Text of 'All server' button in the navigation bar.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
allServersURL = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "all";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "URL of 'All servers' button.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
extraArgs = mkOption {
|
|
|
|
type = types.lines;
|
|
|
|
default = "";
|
2022-08-03 21:46:41 +01:00
|
|
|
description = lib.mdDoc ''
|
|
|
|
Extra parameters documented [here](https://github.com/xddxdd/bird-lg-go#frontend).
|
2022-08-03 02:05:47 +01:00
|
|
|
'';
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
proxy = {
|
2022-08-28 20:18:44 +01:00
|
|
|
enable = mkEnableOption (lib.mdDoc "Bird Looking Glass Proxy");
|
2022-05-19 10:37:12 +01:00
|
|
|
|
|
|
|
listenAddress = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "127.0.0.1:8000";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Address to listen on.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
allowedIPs = mkOption {
|
|
|
|
type = types.listOf types.str;
|
|
|
|
default = [ ];
|
|
|
|
example = [ "192.168.25.52" "192.168.25.53" ];
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "List of IPs to allow (default all allowed).";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
birdSocket = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "/run/bird.ctl";
|
|
|
|
example = "/var/run/bird/bird.ctl";
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Bird control socket path.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
traceroute = {
|
|
|
|
binary = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "${pkgs.traceroute}/bin/traceroute";
|
|
|
|
defaultText = literalExpression ''"''${pkgs.traceroute}/bin/traceroute"'';
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Traceroute's binary path.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
rawOutput = mkOption {
|
|
|
|
type = types.bool;
|
|
|
|
default = false;
|
2022-07-28 22:19:15 +01:00
|
|
|
description = lib.mdDoc "Display traceroute output in raw format.";
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
extraArgs = mkOption {
|
|
|
|
type = types.lines;
|
|
|
|
default = "";
|
2022-08-03 21:46:41 +01:00
|
|
|
description = lib.mdDoc ''
|
|
|
|
Extra parameters documented [here](https://github.com/xddxdd/bird-lg-go#proxy).
|
2022-08-03 02:05:47 +01:00
|
|
|
'';
|
2022-05-19 10:37:12 +01:00
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
###### implementation
|
|
|
|
|
|
|
|
config = {
|
|
|
|
systemd.services = {
|
|
|
|
bird-lg-frontend = mkIf cfg.frontend.enable {
|
|
|
|
enable = true;
|
|
|
|
after = [ "network.target" ];
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
description = "Bird Looking Glass Frontend Webserver";
|
|
|
|
serviceConfig = {
|
|
|
|
Type = "simple";
|
|
|
|
Restart = "on-failure";
|
|
|
|
ProtectSystem = "full";
|
|
|
|
ProtectHome = "yes";
|
|
|
|
MemoryDenyWriteExecute = "yes";
|
|
|
|
User = cfg.user;
|
|
|
|
Group = cfg.group;
|
|
|
|
};
|
|
|
|
script = ''
|
|
|
|
${cfg.package}/bin/frontend \
|
|
|
|
--servers ${concatStringsSep "," cfg.frontend.servers } \
|
|
|
|
--domain ${cfg.frontend.domain} \
|
|
|
|
--listen ${cfg.frontend.listenAddress} \
|
|
|
|
--proxy-port ${toString cfg.frontend.proxyPort} \
|
|
|
|
--whois ${cfg.frontend.whois} \
|
|
|
|
--dns-interface ${cfg.frontend.dnsInterface} \
|
|
|
|
--bgpmap-info ${concatStringsSep "," cfg.frontend.bgpMapInfo } \
|
|
|
|
--title-brand ${cfg.frontend.titleBrand} \
|
|
|
|
--navbar-brand ${cfg.frontend.navbar.brand} \
|
|
|
|
--navbar-brand-url ${cfg.frontend.navbar.brandURL} \
|
|
|
|
--navbar-all-servers ${cfg.frontend.navbar.allServers} \
|
|
|
|
--navbar-all-url ${cfg.frontend.navbar.allServersURL} \
|
|
|
|
--net-specific-mode ${cfg.frontend.netSpecificMode} \
|
|
|
|
--protocol-filter ${concatStringsSep "," cfg.frontend.protocolFilter } \
|
|
|
|
--name-filter ${cfg.frontend.nameFilter} \
|
|
|
|
--time-out ${toString cfg.frontend.timeout} \
|
|
|
|
${cfg.frontend.extraArgs}
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
bird-lg-proxy = mkIf cfg.proxy.enable {
|
|
|
|
enable = true;
|
|
|
|
after = [ "network.target" ];
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
description = "Bird Looking Glass Proxy";
|
|
|
|
serviceConfig = {
|
|
|
|
Type = "simple";
|
|
|
|
Restart = "on-failure";
|
|
|
|
ProtectSystem = "full";
|
|
|
|
ProtectHome = "yes";
|
|
|
|
MemoryDenyWriteExecute = "yes";
|
|
|
|
User = cfg.user;
|
|
|
|
Group = cfg.group;
|
|
|
|
};
|
|
|
|
script = ''
|
|
|
|
${cfg.package}/bin/proxy \
|
|
|
|
--allowed ${concatStringsSep "," cfg.proxy.allowedIPs } \
|
|
|
|
--bird ${cfg.proxy.birdSocket} \
|
|
|
|
--listen ${cfg.proxy.listenAddress} \
|
|
|
|
--traceroute_bin ${cfg.proxy.traceroute.binary}
|
|
|
|
--traceroute_raw ${boolToString cfg.proxy.traceroute.rawOutput}
|
|
|
|
${cfg.proxy.extraArgs}
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
users = mkIf (cfg.frontend.enable || cfg.proxy.enable) {
|
|
|
|
groups."bird-lg" = mkIf (cfg.group == "bird-lg") { };
|
|
|
|
users."bird-lg" = mkIf (cfg.user == "bird-lg") {
|
|
|
|
description = "Bird Looking Glass user";
|
|
|
|
extraGroups = lib.optionals (config.services.bird2.enable) [ "bird2" ];
|
|
|
|
group = cfg.group;
|
|
|
|
isSystemUser = true;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|