From 091d8637108df06b11a06928984734bcd5ca66b8 Mon Sep 17 00:00:00 2001
From: Daniel Barlow
Date: Wed, 4 Sep 2024 00:12:26 +0100
Subject: [PATCH] extract pppoe/l2tp common code
---
modules/ppp/common.nix | 83 ++++++++++++++++++++++++++++++++++++++++++
modules/ppp/l2tp.nix | 74 ++++---------------------------------
modules/ppp/pppoe.nix | 76 ++++----------------------------------
3 files changed, 99 insertions(+), 134 deletions(-)
create mode 100644 modules/ppp/common.nix
diff --git a/modules/ppp/common.nix b/modules/ppp/common.nix
new file mode 100644
index 0000000..33f79ef
--- /dev/null
+++ b/modules/ppp/common.nix
@@ -0,0 +1,83 @@
+{ writeAshScript, liminix, svc, lib, serviceFns, output-template }:
+{
+ command,
+ name,
+ debug
+, username,
+ password,
+ lcpEcho,
+ ppp-options,
+ dependencies ? []
+} :
+let
+ inherit (lib) optional optionals escapeShellArgs concatStringsSep;
+ inherit (liminix.services) longrun;
+ inherit (builtins) toJSON toString typeOf;
+
+ ip-up = writeAshScript "ip-up" {} ''
+ . ${serviceFns}
+ (in_outputs ${name}
+ echo $1 > ifname
+ echo $2 > tty
+ echo $3 > speed
+ echo $4 > address
+ echo $5 > peer-address
+ echo $DNS1 > ns1
+ echo $DNS2 > ns2
+ )
+ echo >/proc/self/fd/10
+ '';
+ ip6-up = writeAshScript "ip6-up" {} ''
+ . ${serviceFns}
+ (in_outputs ${name}
+ echo $4 > ipv6-address
+ echo $5 > ipv6-peer-address
+ )
+ echo >/proc/self/fd/10
+ '';
+ literal_or_output =
+ let v = o: ({
+ string = toJSON;
+ int = toJSON;
+ lambda = (o: "output(${toJSON (o "service")}, ${toJSON (o "path")})");
+ }.${typeOf o}) o;
+ in o: "{{ ${v o} }}";
+
+ ppp-options' =
+ ["+ipv6" "noauth"]
+ ++ optional debug "debug"
+ ++ optionals (username != null) ["name" (literal_or_output username)]
+ ++ optionals (password != null) ["password" (literal_or_output password)]
+ ++ optional lcpEcho.adaptive "lcp-echo-adaptive"
+ ++ optionals (lcpEcho.interval != null)
+ ["lcp-echo-interval" (toString lcpEcho.interval)]
+ ++ optionals (lcpEcho.failure != null)
+ ["lcp-echo-failure" (toString lcpEcho.failure)]
+ ++ ppp-options
+ ++ ["ip-up-script" ip-up
+ "ipv6-up-script" ip6-up
+ "ipparam" name
+ "nodetach"
+ "usepeerdns"
+ "nodefaultroute"
+ "logfd" "2"
+ ];
+ service = longrun {
+ inherit name;
+ run = ''
+ mkdir -p /run/${name}
+ chmod 0700 /run/${name}
+ in_outputs ${name}
+ echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options
+ ${command}
+ '';
+ notification-fd = 10;
+ timeout-up = if lcpEcho.failure != null
+ then (10 + lcpEcho.failure * lcpEcho.interval) * 1000
+ else 60 * 1000;
+ inherit dependencies;
+ };
+in
svc.secrets.subscriber.build { + watch = [ username password ]; + inherit service; +} diff --git a/modules/ppp/l2tp.nix b/modules/ppp/l2tp.nix index 5f37e8b..d6b71c8 100644 --- a/modules/ppp/l2tp.nix +++ b/modules/ppp/l2tp.nix @@ -7,6 +7,7 @@ writeAshScript, writeText, xl2tpd, + callPackage } : { lns, ppp-options, @@ -16,58 +17,8 @@ debug }: let - inherit (liminix.services) longrun; - inherit (lib) optional optionals escapeShellArgs concatStringsSep; name = "${lns}.l2tp"; - ip-up = writeAshScript "ip-up" {} '' - . ${serviceFns} - (in_outputs ${name} - echo $1 > ifname - echo $2 > tty - echo $3 > speed - echo $4 > address - echo $5 > peer-address - echo $DNS1 > ns1 - echo $DNS2 > ns2 - ) - echo >/proc/self/fd/10 - ''; - ip6-up = writeAshScript "ip6-up" {} '' - . ${serviceFns} - (in_outputs ${name} - echo $4 > ipv6-address - echo $5 > ipv6-peer-address - ) - echo >/proc/self/fd/10 - ''; - - literal_or_output = - let v = o: ({ - string = builtins.toJSON; - int = builtins.toJSON; - lambda = (o: "output(${builtins.toJSON (o "service")}, ${builtins.toJSON (o "path")})"); - }.${builtins.typeOf o}) o; - in o: "{{ ${v o} }}"; - - ppp-options' = - ["+ipv6" "noauth"] - ++ optional debug "debug" - ++ optionals (username != null) ["name" (literal_or_output username)] - ++ optionals (password != null) ["password" (literal_or_output password)] - ++ optional lcpEcho.adaptive "lcp-echo-adaptive" - ++ optionals (lcpEcho.interval != null) - ["lcp-echo-interval" (builtins.toString lcpEcho.interval)] - ++ optionals (lcpEcho.failure != null) - ["lcp-echo-failure" (builtins.toString lcpEcho.failure)] - ++ ppp-options - ++ ["ip-up-script" ip-up - "ipv6-up-script" ip6-up - "ipparam" name - "nodetach" - "usepeerdns" - "nodefaultroute" - "logfd" "2" - ]; + common = callPackage ./common.nix { inherit svc; }; conf = writeText "xl2tpd.conf" '' [lac upstream] 
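Review bot: In common.nix's `run` script the option list is passed through `echo ${escapeShellArgs ppp-options'}`, so the shell consumes the quoting and the words reach `/run/${name}/ppp-options` separated by single spaces, with nothing quoted for pppd's options-file syntax. The username and password are substituted afterwards by `output-template`; unless that helper quotes its result (not visible in this patch), a value containing whitespace, `#`, a quote or a newline would be split or truncated by pppd and could be read as further options. Consider writing one option per line with the substituted values double-quoted and escaped for pppd. Adding `umask 077` before the `echo` would also stop the file that holds the password from depending solely on the directory's `chmod 0700`.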
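Review bot: With `ip-up`, `ip6-up` and `ppp-options'` removed from l2tp.nix, the `writeAshScript` argument kept in the function header no longer has a visible use, and the same probably holds for `serviceFns`, `output-template`, `liminix` and `lib`, whose only visible uses were in the deleted lines. The pppoe.nix hunks leave the same leftovers (`serviceFns`, `writeAshScript`). If nothing outside the hunks still needs them, drop them from both headers so the argument list reflects what each module actually depends on. A short comment above the new line, such as `# shared pppd option/ip-up plumbing lives in ./common.nix; svc is passed explicitly`, would also explain why `svc` is handed to `callPackage` by hand.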
@@ -80,19 +31,10 @@ let max redials = 2 # this gives 1 actual retry, as xl2tpd can't count ''; control = "/run/${name}/control"; - service = longrun { - inherit name; - run = '' - mkdir -p /run/${name} - chmod 0700 /run/${name} - touch ${control} - in_outputs ${name} - echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options - exec ${xl2tpd}/bin/xl2tpd -D -p /run/${name}/${name}.pid -c ${conf} -C ${control} - ''; - notification-fd = 10; - }; -in svc.secrets.subscriber.build { - watch = [ username password ]; - inherit service; +in common { + inherit name debug username password lcpEcho ppp-options; + command = '' + touch ${control} + exec ${xl2tpd}/bin/xl2tpd -D -p /run/${name}/${name}.pid -c ${conf} -C ${control} + ''; } diff --git a/modules/ppp/pppoe.nix b/modules/ppp/pppoe.nix index d966927..61957b9 100644 --- a/modules/ppp/pppoe.nix +++ b/modules/ppp/pppoe.nix @@ -7,6 +7,7 @@ serviceFns, svc, writeAshScript, + callPackage } : { interface, ppp-options, 
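Review bot: Replacing the l2tp `longrun` with `common { … }` is not a pure extraction: the removed service set only `notification-fd = 10`, while common.nix also sets `timeout-up`, so the l2tp service now gets a start-up timeout (60 s by default) that it did not have before. That expression tests only `lcpEcho.failure != null` before multiplying by `lcpEcho.interval`, so if the module options allow failure to be set while interval is null, evaluation would fail; `timeout-up = if lcpEcho.failure != null && lcpEcho.interval != null` in common.nix guards both. If the new timeout for l2tp is intended, the commit message should say so; otherwise make `timeout-up` a parameter of common.nix, the way `dependencies` already is.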
@@ -16,75 +17,14 @@ debug }: let - inherit (liminix.services) longrun; - inherit (lib) optional optionals escapeShellArgs concatStringsSep; name = "${interface.name}.pppoe"; - ip-up = writeAshScript "ip-up" {} '' - . ${serviceFns} - (in_outputs ${name} - echo $1 > ifname - echo $2 > tty - echo $3 > speed - echo $4 > address - echo $5 > peer-address - echo $DNS1 > ns1 - echo $DNS2 > ns2 - ) - echo >/proc/self/fd/10 - ''; - ip6-up = writeAshScript "ip6-up" {} '' - . ${serviceFns} - (in_outputs ${name} - echo $4 > ipv6-address - echo $5 > ipv6-peer-address - ) - echo >/proc/self/fd/10 - ''; + common = callPackage ./common.nix { inherit svc; }; - literal_or_output = - let v = o: ({ - string = builtins.toJSON; - int = builtins.toJSON; - lambda = (o: "output(${builtins.toJSON (o "service")}, ${builtins.toJSON (o "path")})"); - }.${builtins.typeOf o}) o; - in o: "{{ ${v o} }}"; - - ppp-options' = - ["+ipv6" "noauth"] - ++ optional debug "debug" - ++ optionals (username != null) ["name" (literal_or_output username)] - ++ optionals (password != null) ["password" (literal_or_output password)] - ++ optional lcpEcho.adaptive "lcp-echo-adaptive" - ++ optionals (lcpEcho.interval != null) - ["lcp-echo-interval" (builtins.toString lcpEcho.interval)] - ++ optionals (lcpEcho.failure != null) - ["lcp-echo-failure" (builtins.toString lcpEcho.failure)] - ++ ppp-options - ++ ["ip-up-script" ip-up - "ipv6-up-script" ip6-up - "ipparam" name - "nodetach" - "usepeerdns" - "nodefaultroute" - "logfd" "2" - ]; timeoutOpt = if lcpEcho.interval != null then "-T ${builtins.toString (4 * lcpEcho.interval)}" else ""; - service = longrun { - inherit name; - run = '' - mkdir -p /run/${name} - chmod 0700 /run/${name} - in_outputs ${name} - echo ${escapeShellArgs ppp-options'} | ${output-template}/bin/output-template '{{' '}}' > /run/${name}/ppp-options - exec ${ppp}/bin/pppd pty "${pppoe}/bin/pppoe ${timeoutOpt} -I $(output ${interface} ifname)" file /run/${name}/ppp-options - ''; - notification-fd = 
10; - timeout-up = if lcpEcho.failure != null - then (10 + lcpEcho.failure * lcpEcho.interval) * 1000 - else 60 * 1000; - dependencies = [ interface ]; - }; -in svc.secrets.subscriber.build { - watch = [ username password ]; - inherit service; +in common { + inherit name debug username password lcpEcho ppp-options; + command = '' + exec ${ppp}/bin/pppd pty "${pppoe}/bin/pppoe ${timeoutOpt} -I $(output ${interface} ifname)" file /run/${name}/ppp-options + ''; + dependencies = [ interface ]; }