tuntox: init at 0.0.8 #32823
tuntox: init at 0.0.8 #32823
Conversation
|
@GrahamcOfBorg eval |
What causes the PreStart script to fail? How can I reproduce it? |
|
@orivej useSandbox prevents the preStart script from creating/modifying/(accessing?) /var (edit: well, i'm not 100% sure that's the reason why it fails) Just enable that option and set |
| @@ -306,6 +306,7 @@ | |||
| ceph = 288; | |||
| duplicati = 289; | |||
| monetdb = 290; | |||
| tuntox = 291; | |||
There was a problem hiding this comment.
Are you sure you need the user to be a specific ID? It usually isn't necessary since the system can assign user IDs.
| }; | ||
|
|
||
| preStart = '' | ||
| mkdir -p ${persistentIdDirectory} |
There was a problem hiding this comment.
Instead of making the directory in a preStart you can do it in an activation script like in
| src = fetchFromGitHub { | ||
| owner = "gjedeer"; | ||
| repo = "tuntox"; | ||
| rev = "${version}"; |
| { | ||
| options = { | ||
| services.tuntox.server = { | ||
| enable = mkOption { |
| secret = mkOption { | ||
| type = types.nullOr types.str; | ||
| default = null; | ||
| description = "Shared secret used for connection authentication"; |
There was a problem hiding this comment.
It might be good to point out that this secret will be world readable when inserted in the Nix store. Can this optionally be done with a secretFile that is stored outside the nix store?
|
(triage) @fgaz Are you still willing to work on this? |
|
@Ekleog yes, but it'll have to wait a bit |
|
@fgaz do you need a hand with this or are you able to continue? |
|
@aanderse I just don't (and won't for another month) have much time to make and test those modifications. Maybe in the meantime I could split this into one pr for the package, which is quick and already reviewed, and keep this one for the module only. |
| { stdenv, fetchFromGitHub, fetchpatch, pkgconfig, libtoxcore, libsodium, libevent }: | ||
|
|
||
| stdenv.mkDerivation rec { | ||
| name = "tuntox-${version}"; |
There was a problem hiding this comment.
Please replace with pname = "tuntox"; and then you can drop name as it will be implied.
|
|
||
| src = fetchFromGitHub { | ||
| owner = "gjedeer"; | ||
| repo = "tuntox"; |
There was a problem hiding this comment.
repo = pname; is a common pattern.
| license = licenses.gpl3; | ||
| platforms = platforms.linux; | ||
| maintainers = with maintainers; [ fgaz ]; | ||
| homepage = https://github.com/gjedeer/tuntox; |
|
For the author, reviewers, and committers: this PR was scanned and appears to add a use of the deprecated
|
|
Thank you for your contributions.
|
stale
bot
added
the
2.status: stale
|
Stale bot, I'll still finish this... someday |
stale
bot
removed
the
2.status: stale
|
I marked this as stale due to inactivity. → More info |
stale
bot
added
the
2.status: stale
|
@fgaz Was looking at putting together a PR for tuntox and found this draft first. Are you still interested in finishing it? I'd also be happy to start a new PR based off of this WIP branch. I've never had to create a package that creates/enables a service there so I'm a little bit less certain about fine-tuning those details, but at the very least would like to see the binaries available! |
stale
bot
removed
the
2.status: stale
|
Wow, I totally forgot about this 😅 Thanks for pushing this forward @willcohen! I don't really want to finish the module for this right now, so let's go with your package! |
Motivation for this change
Add the tuntox package and a systemd service to set up a server with it. I may also add a tuntox client service in the future, so the server is under the
tuntox.servernamespaceThings done
build-use-sandboxinnix.confon non-NixOS)/varisn't the right place?nix-shell -p nox --run "nox-review wip"./result/bin/)