liminix/modules/hostapd/service.nix

{
  liminix
, svc
, hostapd
, output-template
, writeText
, lib
}:
{ interface, params} :
let
  inherit (liminix.services) longrun;
  inherit (lib) concatStringsSep mapAttrsToList;

  # This is not a friendly interface to configuring a wireless AP: it
  # just passes everything straight through to the hostapd config.
  # When we've worked out what the sensible options are to expose,
  # we'll add them as top-level attributes and rename params to
  # extraParams

  name = "${interface.name}.hostapd";
  defaults =  {
    driver = "nl80211";
    logger_syslog = "-1";
    logger_syslog_level = 1;
    ctrl_interface = "/run/${name}";
    ctrl_interface_group = 0;
  };
  attrs = defaults // params ;
  literal_or_output = o: ({
    string = builtins.toJSON;
    int = builtins.toJSON;
    set = (o: "output(${builtins.toJSON o.service}, ${builtins.toJSON o.path})");
  }.${builtins.typeOf o}) o;
  format_value = n : v:
    "${n}={{ ${literal_or_output v} }}";
  conf =
    (writeText "hostapd.conf.in"
      ((concatStringsSep
        "\n"
        (mapAttrsToList
          format_value
          attrs)) + "\n"));
  service = longrun {
    inherit name;
    dependencies = [ interface ];
    run = ''
      mkdir -p /run/${name}
      chmod 0700 /run/${name}
      ${output-template}/bin/output-template '{{' '}}'  < ${conf}  > /run/${name}/hostapd.conf
      exec ${hostapd}/bin/hostapd -i $(output ${interface} ifname)  -P /run/${name}/hostapd.pid -S /run/${name}/hostapd.conf
    '';
  };
in svc.secrets.subscriber.build {
  watch = {
    service = attrs.wpa_passphrase.service;
    paths = ["wpa_passphrase"];
  };
  inherit service;
  action = "restart-all";
}
first pass at a hostapd service, rough around the edges 2022-10-01 17:53:20 +00:00			`{`
			`liminix`
add secrets-subscriber service, make hostapd use it 2024-08-15 22:00:41 +00:00			`, svc`
first pass at a hostapd service, rough around the edges 2022-10-01 17:53:20 +00:00			`, hostapd`
first pass at outboard secrets - a module to fetch them with http(s) - a service using templating to consume them - update an example to use it needs service restarts needs other services to use the template mechanism needs tidying up 2024-08-12 21:57:21 +00:00			`, output-template`
first pass at a hostapd service, rough around the edges 2022-10-01 17:53:20 +00:00			`, writeText`
use module-based-service for hostapd 2023-07-16 16:50:06 +00:00			`, lib`
first pass at a hostapd service, rough around the edges 2022-10-01 17:53:20 +00:00			`}:`
update hostapd to "build" syntax 2023-08-05 11:21:18 +00:00			`{ interface, params} :`
first pass at a hostapd service, rough around the edges 2022-10-01 17:53:20 +00:00			`let`
			`inherit (liminix.services) longrun;`
			`inherit (lib) concatStringsSep mapAttrsToList;`
use module-based-service for hostapd 2023-07-16 16:50:06 +00:00
			`# This is not a friendly interface to configuring a wireless AP: it`
			`# just passes everything straight through to the hostapd config.`
			`# When we've worked out what the sensible options are to expose,`
			`# we'll add them as top-level attributes and rename params to`
			`# extraParams`
first pass at a hostapd service, rough around the edges 2022-10-01 17:53:20 +00:00
remove interface.device build-time uses can mostly be replaced with interface.name for runtime uses, switch to $(output ${interface} name) 2023-08-27 22:20:58 +00:00			`name = "${interface.name}.hostapd";`
first pass at a hostapd service, rough around the edges 2022-10-01 17:53:20 +00:00			`defaults = {`
			`driver = "nl80211";`
			`logger_syslog = "-1";`
			`logger_syslog_level = 1;`
hostapd set permissions on dir in /run/ 2024-08-14 21:57:02 +00:00			`ctrl_interface = "/run/${name}";`
first pass at a hostapd service, rough around the edges 2022-10-01 17:53:20 +00:00			`ctrl_interface_group = 0;`
			`};`
first pass at outboard secrets - a module to fetch them with http(s) - a service using templating to consume them - update an example to use it needs service restarts needs other services to use the template mechanism needs tidying up 2024-08-12 21:57:21 +00:00			`attrs = defaults // params ;`
hostapd literal_or_output use an attrset for dispatch 2024-08-14 21:56:01 +00:00			`literal_or_output = o: ({`
			`string = builtins.toJSON;`
			`int = builtins.toJSON;`
			`set = (o: "output(${builtins.toJSON o.service}, ${builtins.toJSON o.path})");`
			`}.${builtins.typeOf o}) o;`
first pass at outboard secrets - a module to fetch them with http(s) - a service using templating to consume them - update an example to use it needs service restarts needs other services to use the template mechanism needs tidying up 2024-08-12 21:57:21 +00:00			`format_value = n : v:`
			`"${n}={{ ${literal_or_output v} }}";`
			`conf =`
			`(writeText "hostapd.conf.in"`
			`((concatStringsSep`
			`"\n"`
			`(mapAttrsToList`
			`format_value`
			`attrs)) + "\n"));`
add secrets-subscriber service, make hostapd use it 2024-08-15 22:00:41 +00:00			`service = longrun {`
			`inherit name;`
			`dependencies = [ interface ];`
			`run = ''`
			`mkdir -p /run/${name}`
			`chmod 0700 /run/${name}`
			`${output-template}/bin/output-template '{{' '}}' < ${conf} > /run/${name}/hostapd.conf`
			`exec ${hostapd}/bin/hostapd -i $(output ${interface} ifname) -P /run/${name}/hostapd.pid -S /run/${name}/hostapd.conf`
			`'';`
			`};`
			`in svc.secrets.subscriber.build {`
			`watch = {`
			`service = attrs.wpa_passphrase.service;`
			`paths = ["wpa_passphrase"];`
			`};`
			`inherit service;`
			`action = "restart-all";`
first pass at a hostapd service, rough around the edges 2022-10-01 17:53:20 +00:00			`}`