sslh: added libwrap support + improved nixos module.
This commit is contained in:
parent
1439e72147
commit
cb153cfca3
@ -6,13 +6,13 @@ let
|
||||
cfg = config.services.sslh;
|
||||
configFile = pkgs.writeText "sslh.conf" ''
|
||||
verbose: ${if cfg.verbose then "true" else "false"};
|
||||
foreground: false;
|
||||
foreground: true;
|
||||
inetd: false;
|
||||
numeric: false;
|
||||
transparent: false;
|
||||
timeout: "${toString cfg.timeout}";
|
||||
user: "nobody";
|
||||
pidfile: "/run/sslh.pid";
|
||||
pidfile: "${cfg.pidfile}";
|
||||
|
||||
listen:
|
||||
(
|
||||
@ -50,6 +50,12 @@ in
|
||||
description = "Timeout in seconds.";
|
||||
};
|
||||
|
||||
pidfile = mkOption {
|
||||
type = types.path;
|
||||
default = "/run/sslh.pid";
|
||||
description = "PID file path for sslh daemon.";
|
||||
};
|
||||
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
default = config.networking.hostName;
|
||||
@ -77,7 +83,7 @@ in
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.ExecStart = "${pkgs.sslh}/bin/sslh -F ${configFile}";
|
||||
serviceConfig.KillMode = "process";
|
||||
serviceConfig.PIDFile = "/run/sslh.pid";
|
||||
serviceConfig.PIDFile = "${cfg.pidfile}";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchurl, libcap, libconfig, perl }:
|
||||
{ stdenv, fetchurl, libcap, libconfig, perl, tcp_wrappers }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "sslh-${version}";
|
||||
@ -11,9 +11,9 @@ stdenv.mkDerivation rec {
|
||||
|
||||
postPatch = "patchShebangs *.sh";
|
||||
|
||||
buildInputs = [ libcap libconfig perl ];
|
||||
buildInputs = [ libcap libconfig perl tcp_wrappers ];
|
||||
|
||||
makeFlags = "USELIBCAP=1";
|
||||
makeFlags = "USELIBCAP=1 USELIBWRAP=1";
|
||||
|
||||
installFlags = "PREFIX=$(out)";
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user