Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

squid service: initial service based on default config #27256

Merged
merged 1 commit into from Sep 17, 2017
Merged

squid service: initial service based on default config #27256

merged 1 commit into from Sep 17, 2017

Conversation

bachp
Copy link
Member

@bachp bachp commented Jul 9, 2017

Motivation for this change

Allow to run squid as a NixOS service.

This is work in progress the configuration is based on the the default configuration to make the service work. Currently only the port can be configured.

I'm planning to allow some more configuration by taking inspiration from NethServer.

This is still work in progress but as I'm new to squid and the config is pretty complex I already share my work in case there is a squid expert around wanting to help out.

Things done
  • Tested using sandboxing
    (nix.useSandbox on NixOS,
    or option build-use-sandbox in nix.conf
    on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • Linux
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@bachp bachp changed the title WIP: squid service: intial service based on default config WIP: squid service: initial service based on default config Jul 9, 2017
0xABAB
0xABAB reviewed Jul 10, 2017
View reviewed changes
nixos/modules/services/networking/squid.nix
Type="forking";
PIDFile="/run/squid.pid";
PermissionsStartOnly = true;
ExecStart = "${pkgs.squid}/bin/squid -YCs -f ${squidConfig}";
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use lib.escapeShellArg

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think anything needs escaping. All arguments are fixed and the config file path is generated. Do I miss something?

@bachp bachp changed the title WIP: squid service: initial service based on default config squid service: initial service based on default config Sep 9, 2017
@bachp
Copy link
Member Author

bachp commented Sep 9, 2017

I did run this for some time now and it works. So for basic proyxing it is enough to do services.squid.enable = true;.

I think it can be merged.

@bachp
Copy link
Member Author

bachp commented Sep 9, 2017

@bjornfor systemd service description is now starting with capital letter.

@bachp
Copy link
Member Author

bachp commented Sep 17, 2017

@fpletz this is no longer WIP

@fpletz fpletz added this to the 17.09 milestone Sep 17, 2017
fpletz
fpletz approved these changes Sep 17, 2017
View reviewed changes
Copy link
Member

@fpletz fpletz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! This module is nice and easy so we'll squeeze it into 17.09. :)

@fpletz fpletz merged commit 2759143 into NixOS:master Sep 17, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@0xABAB 0xABAB 0xABAB left review comments

@fpletz fpletz fpletz approved these changes

Assignees
No one assigned
Labels
8.has: module (new)
Projects
None yet
Milestone
17.09
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@bachp @fpletz @0xABAB