M modules/default.nix => modules/default.nix +0 -1
@@ 1,5 1,4 @@
{
- bird-lg = ./services/networking/monitoring/bird-lg.nix;
dma = ./programs/dma.nix;
dyndnsc = ./services/networking/dyndnsc.nix;
ipfs-cluster = ./services/cluster/ipfs-cluster.nix;
D modules/services/networking/monitoring/bird-lg-config.py => modules/services/networking/monitoring/bird-lg-config.py +0 -44
@@ 1,44 0,0 @@
-# Put everything inside a function to avoid polluting the script's
-# global namespace.
-def _config_loader_main():
- """ Loads bird-lg and gunicorn config files. """
- import os
-
- def log_to_syslog():
- """ Configures the logging module to log everything to syslog. """
- from logging.config import dictConfig
- import socket
-
- dictConfig(
- {
- "version": 1,
- "formatters": {"msgonly": {"format": "%(message)s"}},
- "handlers": {
- "syslog": {
- "class": "logging.handlers.SysLogHandler",
- "formatter": "msgonly",
- "address": "/dev/log",
- "socktype": socket.SOCK_DGRAM,
- }
- },
- "root": {"handlers": ["syslog"]},
- }
- )
-
- def load_config_files():
- """ Loads JSON config files specified in the BIRD_LG_CONFIG_FILES environment variable. """
- import json
-
- for filename in os.environ["BIRD_LG_CONFIG_FILES"].split(os.pathsep):
- with open(filename, "r") as file:
- config = json.load(file)
- globals().update(config)
-
- if os.environ.get("BIRD_LG_SYSLOG"):
- log_to_syslog()
- if os.environ.get("BIRD_LG_CONFIG_FILES"):
- load_config_files()
-
-
-_config_loader_main()
-del _config_loader_main
D modules/services/networking/monitoring/bird-lg.nix => modules/services/networking/monitoring/bird-lg.nix +0 -175
@@ 1,175 0,0 @@
-{ config, lib, pkgs, ... }:
-let
- inherit (lib) concatStringsSep mkDefault mkEnableOption mkIf mkOption types;
- settingsFormat = pkgs.formats.json { };
-
- cfg = config.services.bird-lg;
-in
-{
-
- options = {
- services.bird-lg.server = {
- enable = mkEnableOption "BIRD looking glass server";
-
- logToSyslog = mkOption {
- description = "Whether to log to journald via syslog instead of writing to stderr.";
- type = types.bool;
- default = true;
- };
-
- appSettings = mkOption {
- description = "Configuration for bird-lg's server.";
- type = settingsFormat.type;
- default = { };
- };
-
- gunicornSettings = mkOption {
- description = "Configuration for the Gunicorn instance running bird-lg's server.";
- type = settingsFormat.type;
- default = { };
- };
-
- extraConfigFiles = mkOption {
- description = "Extra JSON files containing configuration, for example secrets.";
- type = types.listOf types.path;
- default = [ ];
- };
- };
-
- services.bird-lg.client = {
- enable = mkEnableOption "BIRD looking glass client proxy";
-
- logToSyslog = mkOption {
- description = "Whether to log to journald via syslog instead of writing to stderr.";
- type = types.bool;
- default = true;
- };
-
- appSettings = mkOption {
- description = "Configuration for bird-lg's client proxy.";
- type = settingsFormat.type;
- default = { };
- };
-
- gunicornSettings = mkOption {
- description = "Configuration for the Gunicorn instance running bird-lg's client proxy.";
- type = settingsFormat.type;
- default = { };
- };
-
- extraConfigFiles = mkOption {
- description = "Extra JSON files containing configuration, for example secrets.";
- type = types.listOf types.path;
- default = [ ];
- };
- };
- };
-
- config = {
-
- ################
- # Server setup #
- ################
-
- services.bird-lg.server.appSettings = {
- DEBUG = mkDefault true;
- LOG_LEVEL = mkDefault "WARNING";
- PROXY = mkDefault { };
- PROXY_TIMEOUT = mkDefault {
- bird = 10;
- traceroute = 60;
- };
- UNIFIED_DAEMON = mkDefault true;
- };
-
- services.bird-lg.server.gunicornSettings = mkIf cfg.server.logToSyslog {
- errorlog = mkDefault "/dev/null";
- syslog = mkDefault true;
- syslog_addr = mkDefault "unix:///dev/log";
- };
-
- systemd.services.bird-lg-server = mkIf cfg.server.enable {
- description = "BIRD looking glass web server";
- requires = [ "network-online.target" ];
- after = [ "bird.service" "bird6.service" "bird2.service" "network-online.target" ];
- wantedBy = [ "multi-user.target" ];
- environment = {
- BIRD_LG_CONFIG = ./bird-lg-config.py;
- BIRD_LG_CONFIG_FILES = concatStringsSep ":" ([
- (settingsFormat.generate "bird-lg-gunicorn.json" cfg.server.gunicornSettings)
- (settingsFormat.generate "bird-lg.json" cfg.server.appSettings)
- ] ++ cfg.server.extraConfigFiles);
- BIRD_LG_SYSLOG = toString cfg.server.logToSyslog;
- };
- serviceConfig = {
- Type = "simple";
- ExecStart = "${pkgs.bird-lg}/bin/bird-lg-webservice --config=\${BIRD_LG_CONFIG}";
- Restart = "on-failure";
-
- DynamicUser = true;
- NoNewPrivileges = true;
- ProtectSystem = "strict";
- ProtectHome = true;
- ProtectKernelLogs = true;
- ProtectKernelModules = true;
- ProtectKernelTunables = true;
- ProtectControlGroups = true;
- PrivateDevices = true;
- PrivateTmp = true;
- DevicePolicy = "closed";
- MemoryDenyWriteExecute = true;
- };
- };
-
- ######################
- # Client proxy setup #
- ######################
-
- services.bird-lg.client.appSettings = {
- DEBUG = mkDefault false;
- LOG_LEVEL = mkDefault "WARNING";
- BIRD_SOCKET = mkDefault "/run/bird.ctl";
- BIRD6_SOCKET = mkDefault "/run/bird6.ctl";
- };
-
- services.bird-lg.client.gunicornSettings = mkIf cfg.client.logToSyslog {
- errorlog = mkDefault "/dev/null";
- syslog = mkDefault true;
- syslog_addr = mkDefault "unix:///dev/log#dgram";
- };
-
- systemd.services.bird-lg-client = mkIf cfg.client.enable {
- description = "BIRD looking glass client proxy";
- requires = [ "network-online.target" ];
- after = [ "bird.service" "bird6.service" "bird2.service" "network-online.target" ];
- wantedBy = [ "multi-user.target" ];
- environment = {
- BIRD_LG_CONFIG = ./bird-lg-config.py;
- BIRD_LG_CONFIG_FILES = concatStringsSep ":" ([
- (settingsFormat.generate "bird-lgproxy-gunicorn.json" cfg.client.gunicornSettings)
- (settingsFormat.generate "bird-lgproxy.json" cfg.client.appSettings)
- ] ++ cfg.client.extraConfigFiles);
- BIRD_LG_SYSLOG = toString cfg.client.logToSyslog;
- };
- serviceConfig = {
- Type = "simple";
- ExecStart = "${pkgs.bird-lg}/bin/bird-lg-proxy --config=\${BIRD_LG_CONFIG}";
- Restart = "on-failure";
-
- DynamicUser = true;
- NoNewPrivileges = true;
- ProtectSystem = "strict";
- ProtectHome = true;
- ProtectKernelLogs = true;
- ProtectKernelModules = true;
- ProtectKernelTunables = true;
- ProtectControlGroups = true;
- PrivateDevices = true;
- PrivateTmp = true;
- DevicePolicy = "closed";
- };
- };
-
- };
-
-}
D patches/bird-lg/default.nix => patches/bird-lg/default.nix +0 -17
@@ 1,17 0,0 @@
-{ fetchpatch, bird-lg }:
-
-bird-lg.overrideAttrs (oldAttrs: {
- patches = (oldAttrs.patches or [ ]) ++ [
- (fetchpatch {
- name = "bird-lg_dont_configure_log_file.patch";
- url = "https://github.com/AluisioASG/bird-lg/commit/e58112848e7160fb3cb71b5ca674ac3537e12b05.patch";
- sha256 = "0daqkql0a8slqap8pybngm4al96pcki69vai0807vck4gi4paw0z";
- })
- ];
-
- postPatch = ''
- # Replace the builtin config file with one given through an
- # environment variable.
- sed -i '/app\.config\.from_pyfile/c app.config.from_envvar("BIRD_LG_CONFIG")' lg.py lgproxy.py
- '';
-})
M patches/manifest.nix => patches/manifest.nix +0 -1
@@ 1,5 1,4 @@
[
- [ "bird-lg" ]
[ "haunt" ]
[ "ipfs-cluster" ]
]
M patches/overlay.nix => patches/overlay.nix +0 -2
@@ 2,8 2,6 @@ final: prev:
{
- bird-lg = final.callPackage ./bird-lg { inherit (prev) bird-lg; };
-
haunt = final.callPackage ./haunt { inherit (prev) haunt; };
ipfs-cluster = final.callPackage ./ipfs-cluster { inherit (prev) ipfs-cluster; };
M pkgs/manifest.nix => pkgs/manifest.nix +0 -1
@@ 1,5 1,4 @@
[
- [ "bird-lg" ]
[ "dma" ]
[ "drep" ]
[ "dyndnsc" ]
M pkgs/overlay.nix => pkgs/overlay.nix +0 -2
@@ 2,8 2,6 @@ final: prev:
{
- bird-lg = final.callPackage ./servers/monitoring/bird-lg { };
-
dma = final.callPackage ./tools/networking/dma { };
drep = final.callPackage ./tools/text/drep {
D pkgs/servers/monitoring/bird-lg/default.nix => pkgs/servers/monitoring/bird-lg/default.nix +0 -65
@@ 1,65 0,0 @@
-{ stdenv, fetchFromGitHub, fetchpatch, graphviz, python3, traceroute, whois }:
-let
- runtimeDeps = [
- (python3.withPackages (ps: with ps; [
- flask
- dnspython
- gunicorn
- pydot
- memcached
- ]))
- graphviz
- whois
- traceroute
- ];
-in
-stdenv.mkDerivation rec {
- pname = "bird-lg-burble";
- version = "2020-05-20-unstable";
-
- src = fetchFromGitHub {
- owner = "sesa-me";
- repo = "bird-lg";
- rev = "f3699a3b61f2d9f77cb17fb163bcf3c3ad722835"; # refs/head/burble-clean
- sha256 = "0gisi6mbfclw36kms3qy3b0wzcwdkd50p2a6xdwggln4fi5y6bh1";
- };
-
- patches = [
- (fetchpatch {
- name = "fix-bgpmap-generation.patch";
- url = "https://github.com/sesa-me/bird-lg/commit/db8fb829d51889fab61bfb5ffac89199442d3117.patch";
- sha256 = "1vwr7ck5v7w4fr78kbc4wxyj3licsw7h0772xkmmxsb8vp9vcihg";
- })
- ];
-
- WRAPPER_PATH = stdenv.lib.makeBinPath runtimeDeps;
- WRAPPER_PYTHONPATH = placeholder "out";
-
- installPhase = ''
- function wrapWSGI {
- set -e
- substitute ${./run-wsgi.sh} "$2" \
- --subst-var shell \
- --subst-var WRAPPER_PATH \
- --subst-var WRAPPER_PYTHONPATH \
- --subst-var-by SCRIPT "$1"
- chmod +x "$2"
- }
-
- runHook preInstall
- mkdir -p $out $out/bin
- cp -r * $out
- touch $out/__init__.py
- wrapWSGI lg:app $out/bin/bird-lg-webservice
- wrapWSGI lgproxy:app $out/bin/bird-lg-proxy
- runHook postInstall
- '';
-
- meta = with stdenv.lib; {
- description = "Looking glass for the BIRD Internet Routing Daemon";
- homepage = "https://github.com/sesa-me/bird-lg";
- license = licenses.gpl3Only;
- platforms = platforms.unix;
- maintainers = with maintainers; [ AluisioASG ];
- };
-}
D pkgs/servers/monitoring/bird-lg/run-wsgi.sh => pkgs/servers/monitoring/bird-lg/run-wsgi.sh +0 -5
@@ 1,5 0,0 @@
-#!@shell@
-PATH=@WRAPPER_PATH@
-PYTHONPATH=@WRAPPER_PYTHONPATH@
-export PATH PYTHONPATH
-exec python -m gunicorn.app.wsgiapp @SCRIPT@ "$@"