sslh: added libwrap support + improved nixos module.
This commit is contained in:
parent
1439e72147
commit
cb153cfca3
@ -6,13 +6,13 @@ let
|
|||||||
cfg = config.services.sslh;
|
cfg = config.services.sslh;
|
||||||
configFile = pkgs.writeText "sslh.conf" ''
|
configFile = pkgs.writeText "sslh.conf" ''
|
||||||
verbose: ${if cfg.verbose then "true" else "false"};
|
verbose: ${if cfg.verbose then "true" else "false"};
|
||||||
foreground: false;
|
foreground: true;
|
||||||
inetd: false;
|
inetd: false;
|
||||||
numeric: false;
|
numeric: false;
|
||||||
transparent: false;
|
transparent: false;
|
||||||
timeout: "${toString cfg.timeout}";
|
timeout: "${toString cfg.timeout}";
|
||||||
user: "nobody";
|
user: "nobody";
|
||||||
pidfile: "/run/sslh.pid";
|
pidfile: "${cfg.pidfile}";
|
||||||
|
|
||||||
listen:
|
listen:
|
||||||
(
|
(
|
||||||
@ -50,6 +50,12 @@ in
|
|||||||
description = "Timeout in seconds.";
|
description = "Timeout in seconds.";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
pidfile = mkOption {
|
||||||
|
type = types.path;
|
||||||
|
default = "/run/sslh.pid";
|
||||||
|
description = "PID file path for sslh daemon.";
|
||||||
|
};
|
||||||
|
|
||||||
host = mkOption {
|
host = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = config.networking.hostName;
|
default = config.networking.hostName;
|
||||||
@ -77,7 +83,7 @@ in
|
|||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
serviceConfig.ExecStart = "${pkgs.sslh}/bin/sslh -F ${configFile}";
|
serviceConfig.ExecStart = "${pkgs.sslh}/bin/sslh -F ${configFile}";
|
||||||
serviceConfig.KillMode = "process";
|
serviceConfig.KillMode = "process";
|
||||||
serviceConfig.PIDFile = "/run/sslh.pid";
|
serviceConfig.PIDFile = "${cfg.pidfile}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ stdenv, fetchurl, libcap, libconfig, perl }:
|
{ stdenv, fetchurl, libcap, libconfig, perl, tcp_wrappers }:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
name = "sslh-${version}";
|
name = "sslh-${version}";
|
||||||
@ -11,9 +11,9 @@ stdenv.mkDerivation rec {
|
|||||||
|
|
||||||
postPatch = "patchShebangs *.sh";
|
postPatch = "patchShebangs *.sh";
|
||||||
|
|
||||||
buildInputs = [ libcap libconfig perl ];
|
buildInputs = [ libcap libconfig perl tcp_wrappers ];
|
||||||
|
|
||||||
makeFlags = "USELIBCAP=1";
|
makeFlags = "USELIBCAP=1 USELIBWRAP=1";
|
||||||
|
|
||||||
installFlags = "PREFIX=$(out)";
|
installFlags = "PREFIX=$(out)";
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user