927aaecbcb
When iodined tries to start before any interface other than loopback has an IP address, iodined fails. Wait for ip-up.target. The reason is the following: in iodined's code (src/common.c, line 157), AI_ADDRCONFIG is passed as a flag to getaddrinfo(). Iodine uses the function get_addr(char *host, int port, int addr_family, int flags, struct sockaddr_storage *out); to get address information via getaddrinfo(). Within get_addr, the flag AI_ADDRCONFIG is forced. This flag causes getaddrinfo() to explicitly return the error "Name or service not known" if no IP address has been assigned to the computer; see getaddrinfo(3). Wait for an IP address before starting iodined.
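# NixOS module for iodine, ip over dns daemon
#
# Declares the services.iodined options and, when enabled, a systemd unit
# that runs iodined, plus the unprivileged account the daemon switches to.
{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.iodined;

  # Account name handed to iodined with -u in ExecStart below, and created
  # by users.extraUsers in the implementation section.
  iodinedUser = "iodined";
in

{

  ### configuration

  options = {

    services.iodined = {

      enable = mkOption {
        type = types.bool;
        default = false;
        description = "Enable iodine, ip over dns daemon";
      };

      # NOTE(review): in this module `client` only relaxes the "ip must be
      # set" assertion; ExecStart still launches the iodined binary with the
      # same argument layout. Confirm that this is the intended way to run
      # the client side.
      client = mkOption {
        type = types.bool;
        default = false;
        description = "Start iodine in client mode";
      };

      ip = mkOption {
        type = types.str;
        default = "";
        description = "Assigned ip address or ip range";
        example = "172.16.10.1/24";
      };

      domain = mkOption {
        type = types.str;
        default = "";
        description = "Domain or subdomain of which nameservers point to us";
        example = "tunnel.mydomain.com";
      };

      extraConfig = mkOption {
        type = types.str;
        default = "";
        # The value is spliced verbatim into ExecStart, so it ends up in the
        # generated unit file. The description says so, because the example
        # shows a tunnel password being passed this way.
        description = ''
          Additional command line parameters.
          This string is copied verbatim into the generated systemd unit,
          which is stored in the world-readable Nix store, so a tunnel
          password passed with -P can be read by every local user.
        '';
        example = "-P mysecurepassword -l 192.168.1.10 -p 23";
      };

    };

  };

  ### implementation

  config = mkIf cfg.enable {
    environment.systemPackages = [ pkgs.iodine ];

    # iodine carries the tunnelled traffic over a tun device.
    boot.kernelModules = [ "tun" ];

    systemd.services.iodined = {
      description = "iodine, ip over dns daemon";

      # Start only once an interface other than loopback has an address:
      # iodined resolves through getaddrinfo() with AI_ADDRCONFIG forced,
      # which fails with "Name or service not known" before that point.
      wantedBy = [ "ip-up.target" ];

      # -f keeps iodined in the foreground for systemd; -u makes it switch to
      # the unprivileged account. extraConfig, ip and domain are interpolated
      # unquoted, so each is split into arguments as written.
      serviceConfig.ExecStart = "${pkgs.iodine}/sbin/iodined -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.ip} ${cfg.domain}";
    };

    users.extraUsers = singleton {
      name = iodinedUser;
      uid = config.ids.uids.iodined;
      description = "Iodine daemon user";
    };
    users.extraGroups.iodined.gid = config.ids.gids.iodined;

    assertions = [
      # An ip is mandatory unless client mode is selected.
      { assertion = cfg.client || cfg.ip != "";
        message = "cannot start iodined without ip set";
      }
      # The tunnel domain is mandatory in every mode.
      { assertion = cfg.domain != "";
        message = "cannot start iodined without domain name set";
      }
    ];

  };

}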