~aasg/nixexprs

41487b640f220120d83bad03cfe6c2d349aefc40 — Aluísio Augusto Silva Gonçalves 7 days ago 8806388
bird-lg: remove

Moved to dn42.nix along with other dn42 services.
10 files changed, 0 insertions(+), 313 deletions(-)

M modules/default.nix
D modules/services/networking/monitoring/bird-lg-config.py
D modules/services/networking/monitoring/bird-lg.nix
D patches/bird-lg/default.nix
M patches/manifest.nix
M patches/overlay.nix
M pkgs/manifest.nix
M pkgs/overlay.nix
D pkgs/servers/monitoring/bird-lg/default.nix
D pkgs/servers/monitoring/bird-lg/run-wsgi.sh
M modules/default.nix => modules/default.nix +0 -1
@@ 1,5 1,4 @@
{
  bird-lg = ./services/networking/monitoring/bird-lg.nix;
  dma = ./programs/dma.nix;
  dyndnsc = ./services/networking/dyndnsc.nix;
  ipfs-cluster = ./services/cluster/ipfs-cluster.nix;

D modules/services/networking/monitoring/bird-lg-config.py => modules/services/networking/monitoring/bird-lg-config.py +0 -44
@@ 1,44 0,0 @@
# Put everything inside a function to avoid polluting the script's
# global namespace.
def _config_loader_main():
    """ Loads bird-lg and gunicorn config files. """
    import os

    def log_to_syslog():
        """ Configures the logging module to log everything to syslog. """
        from logging.config import dictConfig
        import socket

        dictConfig(
            {
                "version": 1,
                "formatters": {"msgonly": {"format": "%(message)s"}},
                "handlers": {
                    "syslog": {
                        "class": "logging.handlers.SysLogHandler",
                        "formatter": "msgonly",
                        "address": "/dev/log",
                        "socktype": socket.SOCK_DGRAM,
                    }
                },
                "root": {"handlers": ["syslog"]},
            }
        )

    def load_config_files():
        """ Loads JSON config files specified in the BIRD_LG_CONFIG_FILES environment variable. """
        import json

        for filename in os.environ["BIRD_LG_CONFIG_FILES"].split(os.pathsep):
            with open(filename, "r") as file:
                config = json.load(file)
                globals().update(config)

    if os.environ.get("BIRD_LG_SYSLOG"):
        log_to_syslog()
    if os.environ.get("BIRD_LG_CONFIG_FILES"):
        load_config_files()


_config_loader_main()
del _config_loader_main

D modules/services/networking/monitoring/bird-lg.nix => modules/services/networking/monitoring/bird-lg.nix +0 -175
@@ 1,175 0,0 @@
{ config, lib, pkgs, ... }:
let
  inherit (lib) concatStringsSep mkDefault mkEnableOption mkIf mkOption types;
  settingsFormat = pkgs.formats.json { };

  cfg = config.services.bird-lg;
in
{

  options = {
    services.bird-lg.server = {
      enable = mkEnableOption "BIRD looking glass server";

      logToSyslog = mkOption {
        description = "Whether to log to journald via syslog instead of writing to stderr.";
        type = types.bool;
        default = true;
      };

      appSettings = mkOption {
        description = "Configuration for bird-lg's server.";
        type = settingsFormat.type;
        default = { };
      };

      gunicornSettings = mkOption {
        description = "Configuration for the Gunicorn instance running bird-lg's server.";
        type = settingsFormat.type;
        default = { };
      };

      extraConfigFiles = mkOption {
        description = "Extra JSON files containing configuration, for example secrets.";
        type = types.listOf types.path;
        default = [ ];
      };
    };

    services.bird-lg.client = {
      enable = mkEnableOption "BIRD looking glass client proxy";

      logToSyslog = mkOption {
        description = "Whether to log to journald via syslog instead of writing to stderr.";
        type = types.bool;
        default = true;
      };

      appSettings = mkOption {
        description = "Configuration for bird-lg's client proxy.";
        type = settingsFormat.type;
        default = { };
      };

      gunicornSettings = mkOption {
        description = "Configuration for the Gunicorn instance running bird-lg's client proxy.";
        type = settingsFormat.type;
        default = { };
      };

      extraConfigFiles = mkOption {
        description = "Extra JSON files containing configuration, for example secrets.";
        type = types.listOf types.path;
        default = [ ];
      };
    };
  };

  config = {

    ################
    # Server setup #
    ################

    services.bird-lg.server.appSettings = {
      DEBUG = mkDefault true;
      LOG_LEVEL = mkDefault "WARNING";
      PROXY = mkDefault { };
      PROXY_TIMEOUT = mkDefault {
        bird = 10;
        traceroute = 60;
      };
      UNIFIED_DAEMON = mkDefault true;
    };

    services.bird-lg.server.gunicornSettings = mkIf cfg.server.logToSyslog {
      errorlog = mkDefault "/dev/null";
      syslog = mkDefault true;
      syslog_addr = mkDefault "unix:///dev/log";
    };

    systemd.services.bird-lg-server = mkIf cfg.server.enable {
      description = "BIRD looking glass web server";
      requires = [ "network-online.target" ];
      after = [ "bird.service" "bird6.service" "bird2.service" "network-online.target" ];
      wantedBy = [ "multi-user.target" ];
      environment = {
        BIRD_LG_CONFIG = ./bird-lg-config.py;
        BIRD_LG_CONFIG_FILES = concatStringsSep ":" ([
          (settingsFormat.generate "bird-lg-gunicorn.json" cfg.server.gunicornSettings)
          (settingsFormat.generate "bird-lg.json" cfg.server.appSettings)
        ] ++ cfg.server.extraConfigFiles);
        BIRD_LG_SYSLOG = toString cfg.server.logToSyslog;
      };
      serviceConfig = {
        Type = "simple";
        ExecStart = "${pkgs.bird-lg}/bin/bird-lg-webservice --config=\${BIRD_LG_CONFIG}";
        Restart = "on-failure";

        DynamicUser = true;
        NoNewPrivileges = true;
        ProtectSystem = "strict";
        ProtectHome = true;
        ProtectKernelLogs = true;
        ProtectKernelModules = true;
        ProtectKernelTunables = true;
        ProtectControlGroups = true;
        PrivateDevices = true;
        PrivateTmp = true;
        DevicePolicy = "closed";
        MemoryDenyWriteExecute = true;
      };
    };

    ######################
    # Client proxy setup #
    ######################

    services.bird-lg.client.appSettings = {
      DEBUG = mkDefault false;
      LOG_LEVEL = mkDefault "WARNING";
      BIRD_SOCKET = mkDefault "/run/bird.ctl";
      BIRD6_SOCKET = mkDefault "/run/bird6.ctl";
    };

    services.bird-lg.client.gunicornSettings = mkIf cfg.client.logToSyslog {
      errorlog = mkDefault "/dev/null";
      syslog = mkDefault true;
      syslog_addr = mkDefault "unix:///dev/log#dgram";
    };

    systemd.services.bird-lg-client = mkIf cfg.client.enable {
      description = "BIRD looking glass client proxy";
      requires = [ "network-online.target" ];
      after = [ "bird.service" "bird6.service" "bird2.service" "network-online.target" ];
      wantedBy = [ "multi-user.target" ];
      environment = {
        BIRD_LG_CONFIG = ./bird-lg-config.py;
        BIRD_LG_CONFIG_FILES = concatStringsSep ":" ([
          (settingsFormat.generate "bird-lgproxy-gunicorn.json" cfg.client.gunicornSettings)
          (settingsFormat.generate "bird-lgproxy.json" cfg.client.appSettings)
        ] ++ cfg.client.extraConfigFiles);
        BIRD_LG_SYSLOG = toString cfg.client.logToSyslog;
      };
      serviceConfig = {
        Type = "simple";
        ExecStart = "${pkgs.bird-lg}/bin/bird-lg-proxy --config=\${BIRD_LG_CONFIG}";
        Restart = "on-failure";

        DynamicUser = true;
        NoNewPrivileges = true;
        ProtectSystem = "strict";
        ProtectHome = true;
        ProtectKernelLogs = true;
        ProtectKernelModules = true;
        ProtectKernelTunables = true;
        ProtectControlGroups = true;
        PrivateDevices = true;
        PrivateTmp = true;
        DevicePolicy = "closed";
      };
    };

  };

}

D patches/bird-lg/default.nix => patches/bird-lg/default.nix +0 -17
@@ 1,17 0,0 @@
{ fetchpatch, bird-lg }:

bird-lg.overrideAttrs (oldAttrs: {
  patches = (oldAttrs.patches or [ ]) ++ [
    (fetchpatch {
      name = "bird-lg_dont_configure_log_file.patch";
      url = "https://github.com/AluisioASG/bird-lg/commit/e58112848e7160fb3cb71b5ca674ac3537e12b05.patch";
      sha256 = "0daqkql0a8slqap8pybngm4al96pcki69vai0807vck4gi4paw0z";
    })
  ];

  postPatch = ''
    # Replace the builtin config file with one given through an
    # environment variable.
    sed -i '/app\.config\.from_pyfile/c app.config.from_envvar("BIRD_LG_CONFIG")' lg.py lgproxy.py
  '';
})

M patches/manifest.nix => patches/manifest.nix +0 -1
@@ 1,5 1,4 @@
[
  [ "bird-lg" ]
  [ "haunt" ]
  [ "ipfs-cluster" ]
]

M patches/overlay.nix => patches/overlay.nix +0 -2
@@ 2,8 2,6 @@ final: prev:

{

  bird-lg = final.callPackage ./bird-lg { inherit (prev) bird-lg; };

  haunt = final.callPackage ./haunt { inherit (prev) haunt; };

  ipfs-cluster = final.callPackage ./ipfs-cluster { inherit (prev) ipfs-cluster; };

M pkgs/manifest.nix => pkgs/manifest.nix +0 -1
@@ 1,5 1,4 @@
[
  [ "bird-lg" ]
  [ "dma" ]
  [ "drep" ]
  [ "dyndnsc" ]

M pkgs/overlay.nix => pkgs/overlay.nix +0 -2
@@ 2,8 2,6 @@ final: prev:

{

  bird-lg = final.callPackage ./servers/monitoring/bird-lg { };

  dma = final.callPackage ./tools/networking/dma { };

  drep = final.callPackage ./tools/text/drep {

D pkgs/servers/monitoring/bird-lg/default.nix => pkgs/servers/monitoring/bird-lg/default.nix +0 -65
@@ 1,65 0,0 @@
{ stdenv, fetchFromGitHub, fetchpatch, graphviz, python3, traceroute, whois }:
let
  runtimeDeps = [
    (python3.withPackages (ps: with ps; [
      flask
      dnspython
      gunicorn
      pydot
      memcached
    ]))
    graphviz
    whois
    traceroute
  ];
in
stdenv.mkDerivation rec {
  pname = "bird-lg-burble";
  version = "2020-05-20-unstable";

  src = fetchFromGitHub {
    owner = "sesa-me";
    repo = "bird-lg";
    rev = "f3699a3b61f2d9f77cb17fb163bcf3c3ad722835"; # refs/head/burble-clean
    sha256 = "0gisi6mbfclw36kms3qy3b0wzcwdkd50p2a6xdwggln4fi5y6bh1";
  };

  patches = [
    (fetchpatch {
      name = "fix-bgpmap-generation.patch";
      url = "https://github.com/sesa-me/bird-lg/commit/db8fb829d51889fab61bfb5ffac89199442d3117.patch";
      sha256 = "1vwr7ck5v7w4fr78kbc4wxyj3licsw7h0772xkmmxsb8vp9vcihg";
    })
  ];

  WRAPPER_PATH = stdenv.lib.makeBinPath runtimeDeps;
  WRAPPER_PYTHONPATH = placeholder "out";

  installPhase = ''
    function wrapWSGI {
      set -e
      substitute ${./run-wsgi.sh} "$2" \
        --subst-var shell \
        --subst-var WRAPPER_PATH \
        --subst-var WRAPPER_PYTHONPATH \
        --subst-var-by SCRIPT "$1"
      chmod +x "$2"
    }

    runHook preInstall
    mkdir -p $out $out/bin
    cp -r * $out
    touch $out/__init__.py
    wrapWSGI lg:app $out/bin/bird-lg-webservice
    wrapWSGI lgproxy:app $out/bin/bird-lg-proxy
    runHook postInstall
  '';

  meta = with stdenv.lib; {
    description = "Looking glass for the BIRD Internet Routing Daemon";
    homepage = "https://github.com/sesa-me/bird-lg";
    license = licenses.gpl3Only;
    platforms = platforms.unix;
    maintainers = with maintainers; [ AluisioASG ];
  };
}

D pkgs/servers/monitoring/bird-lg/run-wsgi.sh => pkgs/servers/monitoring/bird-lg/run-wsgi.sh +0 -5
@@ 1,5 0,0 @@
#!@shell@
PATH=@WRAPPER_PATH@
PYTHONPATH=@WRAPPER_PYTHONPATH@
export PATH PYTHONPATH
exec python -m gunicorn.app.wsgiapp @SCRIPT@ "$@"