seasharp/Rosenthal
1
0
Fork 0
mirror of https://codeberg.org/hako/Rosenthal.git synced 2025-11-03 19:24:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
0fa66ce699
Rosenthal/modules/rosenthal/services/networking.scm
Hilton Chain 0fa66ce699
services: tailscale: Run with inherited environment variables. 
* modules/rosenthal/services/networking.scm (tailscale-configuration)
[iptables]: Remove field.
(tailscale-shepherd-service): Remove configuration to environment variables.
2025-10-25 15:51:11 +08:00

172 lines
5.0 KiB
Scheme
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

;;; SPDX-FileCopyrightText: 2023 Hilton Chain <hako@ultrarare.space>
;;;
;;; SPDX-License-Identifier: GPL-3.0-or-later
(define-module (rosenthal services networking)
#:use-module (srfi srfi-1)
#:use-module (ice-9 match)
#:use-module (guix gexp)
#:use-module (guix records)
#:use-module (gnu packages linux)
#:use-module (gnu packages networking)
#:use-module (rosenthal packages networking)
#:use-module (gnu services)
#:use-module (gnu services admin)
#:use-module (gnu services configuration)
#:use-module (gnu services dbus)
#:use-module (gnu services shepherd)
#:use-module (gnu system shadow)
#:export (sing-box-service-type
sing-box-configuration
tailscale-configuration
tailscale-service-type))
;;;
;;; sing-box
;;;
(define (file-object? val)
(or (string? val)
(file-like? val)))
(define-configuration/no-serialization sing-box-configuration
(sing-box
(file-like sing-box)
"")
(config-file
file-object
"")
(data-directory
(string "/var/lib/sing-box")
"")
;; Shepherd
(shepherd-provision
(list-of-symbols '(sing-box))
"")
(shepherd-requirement
(list-of-symbols '(networking))
"")
(log-file
(string "/var/log/sing-box.log")
"")
(auto-start?
(boolean #t)
""))
(define sing-box-account
(list (user-group (name "sing-box") (system? #t))))
(define sing-box-activation
(match-record-lambda <sing-box-configuration>
(data-directory)
#~(begin
(use-modules (guix build utils))
(mkdir-p #$data-directory))))
(define sing-box-shepherd-service
(match-record-lambda <sing-box-configuration>
(sing-box data-directory config-file
shepherd-provision shepherd-requirement log-file auto-start?)
(list (shepherd-service
(provision shepherd-provision)
(requirement `(user-processes ,@shepherd-requirement))
(start
#~(make-forkexec-constructor
(list #$(file-append sing-box "/bin/sing-box")
"--config" #$config-file
"--directory" #$data-directory
"--disable-color"
"run")
#:log-file #$log-file))
(stop #~(make-kill-destructor))
(auto-start? auto-start?)))))
(define sing-box-service-type
(service-type
(name 'sing-box)
(extensions
(list (service-extension account-service-type
(const sing-box-account))
(service-extension activation-service-type
sing-box-activation)
(service-extension shepherd-root-service-type
sing-box-shepherd-service)
(service-extension log-rotation-service-type
(compose list sing-box-configuration-log-file))))
(description "")))
;;;
;;; Tailscale
;;;
(define-configuration tailscale-configuration
(tailscale
(file-like tailscale)
"The tailscale package to use.")
(log-file
(string "/var/log/tailscaled.log")
"Path to log file.")
(socket
(string "/var/run/tailscale/tailscaled.sock")
"Path of the service UNIX socket.")
(state-directory
(string "/var/lib/tailscale")
"Path to directory for storage of config state, TLS certs, temporary incoming
Taildrop files, etc. If empty, it's derived from @code{state-file} when
possible.")
(upload-log?
(boolean #f)
"Whether to upload logs or not, technical support is also disabled when set
to #f.")
(verbosity
(integer 0)
"Log verbosity level; 0 is default, 1 or higher are increasingly verbose.")
(extra-options
(list-of-strings '())
"List of extra options.")
(no-serialization))
(define tailscale-shepherd-service
(match-record-lambda <tailscale-configuration>
(tailscale log-file socket state-directory
upload-log? verbosity extra-options)
(list (shepherd-service
(documentation "Run tailscaled")
(provision '(tailscaled))
(requirement '(user-processes))
(start
#~(make-forkexec-constructor
(list
#$(file-append tailscale "/bin/tailscaled")
#$@(if upload-log?
'()
'("-no-logs-no-support"))
"-socket" #$socket
"-statedir" #$state-directory
"-verbose" #$(number->string verbosity)
#$@extra-options)
#:log-file #$log-file))
(stop #~(make-kill-destructor))))))
(define tailscale-service-type
(service-type
(name 'tailscaled)
(extensions
(list (service-extension shepherd-root-service-type
tailscale-shepherd-service)
(service-extension profile-service-type
(compose list tailscale-configuration-tailscale))
(service-extension log-rotation-service-type
(compose list tailscale-configuration-log-file))))
(default-value (tailscale-configuration))
(description "Run tailscaled.")))
Reference in New Issue View Git Blame Copy Permalink