diff --git a/nixos/modules/services/networking/avahi-daemon.nix b/nixos/modules/services/networking/avahi-daemon.nix index 284b2b84e6c7..8b178ee93980 100644 --- a/nixos/modules/services/networking/avahi-daemon.nix +++ b/nixos/modules/services/networking/avahi-daemon.nix @@ -1,5 +1,5 @@ # Avahi daemon. -{ config, lib, pkgs, ... }: +{ config, lib, utils, pkgs, ... }: with lib; @@ -7,7 +7,9 @@ let cfg = config.services.avahi; - inherit (pkgs) avahi; + # We must escape interfaces due to the systemd interpretation + subsystemDevice = interface: + "sys-subsystem-net-devices-${utils.escapeSystemdPath interface}.device"; avahiDaemonConf = with cfg; pkgs.writeText "avahi-daemon.conf" '' [server] @@ -21,12 +23,18 @@ let browse-domains=${concatStringsSep ", " browseDomains} use-ipv4=${if ipv4 then "yes" else "no"} use-ipv6=${if ipv6 then "yes" else "no"} + ${optionalString (interfaces!=null) "allow-interfaces=${concatStringsSep "," interfaces}"} [wide-area] enable-wide-area=${if wideArea then "yes" else "no"} [publish] - disable-publishing=${if publishing then "no" else "yes"} + disable-publishing=${if publish.enable then "no" else "yes"} + disable-user-service-publishing=${if publish.userServices then "no" else "yes"} + publish-addresses=${if publish.userServices || publish.addresses then "yes" else "no"} + publish-hinfo=${if publish.hinfo then "yes" else "no"} + publish-workstation=${if publish.workstation then "yes" else "no"} + publish-domain=${if publish.domain then "yes" else "no"} ''; in @@ -74,14 +82,55 @@ in description = ''Whether to use IPv6''; }; + interfaces = mkOption { + type = types.nullOr (types.listOf types.str); + default = null; + description = '' + List of network interfaces that should be used by the avahi-daemon. + Other interfaces will be ignored. If null all local interfaces + except loopback and point-to-point will be used. + ''; + }; + wideArea = mkOption { default = true; description = ''Whether to enable wide-area service discovery.''; }; - publishing = mkOption { - default = true; - description = ''Whether to allow publishing.''; + publish = { + enable = mkOption { + default = false; + description = ''Whether to allow publishing in general.''; + }; + + userServices = mkOption { + default = false; + description = ''Whether to publish user services. Will set addresses=true.''; + }; + + addresses = mkOption { + default = false; + description = ''Whether to register mDNS address records for all local IP addresses.''; + }; + + hinfo = mkOption { + default = false; + description = '' + Whether to register an mDNS HINFO record which contains information about the + local operating system and CPU. + ''; + }; + + workstation = mkOption { + default = false; + description = ''Whether to register a service of type "_workstation._tcp" on the local LAN.''; + }; + + domain = mkOption { + default = false; + description = ''Whether to announce the locally used domain name for browsing by other hosts.''; + }; + }; nssmdns = mkOption { @@ -118,29 +167,36 @@ in system.nssModules = optional cfg.nssmdns pkgs.nssmdns; - environment.systemPackages = [ avahi ]; + environment.systemPackages = [ pkgs.avahi ]; - jobs.avahi_daemon = - { name = "avahi-daemon"; + systemd.services.avahi-daemon = + let + deps = optionals (cfg.interfaces!=null) (map subsystemDevice cfg.interfaces); + in + { description = "Avahi daemon"; + wantedBy = [ "ip-up.target" ]; + bindsTo = deps; + after = deps; + before = [ "ip-up.target" ]; + # Receive restart event after resume + partOf = [ "post-resume.target" ]; - startOn = "ip-up"; + path = [ pkgs.coreutils pkgs.avahi ]; + + preStart = "mkdir -p /var/run/avahi-daemon"; script = '' - export PATH="${avahi}/bin:${avahi}/sbin:$PATH" - # Make NSS modules visible so that `avahi_nss_support ()' can # return a sensible value. export LD_LIBRARY_PATH="${config.system.nssModules.path}" - mkdir -p /var/run/avahi-daemon - - exec ${avahi}/sbin/avahi-daemon --syslog -f "${avahiDaemonConf}" + exec ${pkgs.avahi}/sbin/avahi-daemon --syslog -f "${avahiDaemonConf}" ''; }; services.dbus.enable = true; - services.dbus.packages = [avahi]; + services.dbus.packages = [ pkgs.avahi ]; # Enabling Avahi without exposing it in the firewall doesn't make # sense. diff --git a/nixos/modules/services/printing/cupsd.nix b/nixos/modules/services/printing/cupsd.nix index 69c76cf97cfd..0fe25b66da08 100644 --- a/nixos/modules/services/printing/cupsd.nix +++ b/nixos/modules/services/printing/cupsd.nix @@ -247,6 +247,8 @@ in wantedBy = [ "multi-user.target" ]; wants = [ "cups.service" "avahi-daemon.service" ]; + bindsTo = [ "cups.service" "avahi-daemon.service" ]; + partOf = [ "cups.service" "avahi-daemon.service" ]; after = [ "cups.service" "avahi-daemon.service" ]; path = [ cups ];