stockholm/krebs/4lib/types.nix

226 lines
5.5 KiB
Nix
Raw Normal View History

2015-07-24 10:23:52 +00:00
{ lib, ... }:
with builtins;
2015-07-24 10:23:52 +00:00
with lib;
with types;
types // rec {
host = submodule ({ config, ... }: {
2015-07-24 10:23:52 +00:00
options = {
name = mkOption {
type = label;
default = config._module.args.name;
2015-07-24 10:23:52 +00:00
};
cores = mkOption {
type = positive;
};
nets = mkOption {
type = attrsOf net;
default = {};
2015-07-24 10:23:52 +00:00
};
2015-08-13 10:03:59 +00:00
2015-08-13 20:28:21 +00:00
extraZones = mkOption {
default = {};
# TODO: string is either MX, NS, A or AAAA
type = with types; attrsOf string;
};
2015-09-26 22:22:50 +00:00
infest = {
addr = mkOption {
type = str;
apply = trace "Obsolete option `krebs.hosts.${config.name}.infest.addr' is used. It was replaced by the `target' argument to `make` or `get`. See Makefile for more information.";
2015-09-26 22:22:50 +00:00
};
port = mkOption {
type = int;
default = 22;
# TODO replacement: allow target with port, SSH-style: [lol]:666
apply = trace "Obsolete option `krebs.hosts.${config.name}.infest.port' is used. It's gone without replacement.";
2015-09-26 22:22:50 +00:00
};
};
2015-08-13 20:28:21 +00:00
2015-07-24 16:36:16 +00:00
secure = mkOption {
type = bool;
default = false;
description = ''
If true, then the host is capable of keeping secret information.
TODO define minimum requirements for secure hosts
'';
};
ssh.pubkey = mkOption {
type = nullOr str;
default = null;
apply = x:
if x != null
then x
else trace "The option `krebs.hosts.${config.name}.ssh.pubkey' is unused." null;
};
ssh.privkey = mkOption {
type = nullOr (submodule {
options = {
bits = mkOption {
type = nullOr (enum ["4096"]);
default = null;
};
path = mkOption {
type = either path str;
apply = x: {
path = toString x;
string = x;
}.${typeOf x};
};
type = mkOption {
type = enum ["rsa" "ed25519"];
default = "ed25519";
};
};
});
default = null;
};
2015-07-24 10:23:52 +00:00
};
});
2015-07-24 10:23:52 +00:00
net = submodule ({ config, ... }: {
options = {
via = mkOption {
type = nullOr net;
default = null;
};
addrs = mkOption {
type = listOf addr;
default = config.addrs4 ++ config.addrs6;
# TODO only default addrs make sense
2015-07-24 10:23:52 +00:00
};
addrs4 = mkOption {
type = listOf addr4;
default = [];
};
addrs6 = mkOption {
type = listOf addr6;
default = [];
};
aliases = mkOption {
# TODO nonEmptyListOf hostname
type = listOf hostname;
default = [];
};
ssh = mkOption {
type = submodule {
options = {
port = mkOption {
type = nullOr int;
default = null;
};
};
};
default = {};
2015-07-24 10:23:52 +00:00
};
tinc = mkOption {
type = let net = config; in nullOr (submodule ({ config, ... }: {
2015-07-24 10:23:52 +00:00
options = {
config = mkOption {
type = str;
default = concatStringsSep "\n" (
(optionals (net.via != null)
(map (a: "Address = ${a}") net.via.addrs))
++
(map (a: "Subnet = ${a}") net.addrs)
++
[config.pubkey]
);
2015-07-24 10:23:52 +00:00
};
pubkey = mkOption {
type = str;
};
};
2015-07-27 00:45:03 +00:00
}));
default = null;
2015-07-24 10:23:52 +00:00
};
};
});
positive = mkOptionType {
name = "positive integer";
check = x: isInt x && x > 0;
merge = mergeOneOption;
};
2015-10-09 12:07:29 +00:00
suffixed-str = suffs:
mkOptionType {
name = "string suffixed by ${concatStringsSep ", " suffs}";
check = x: isString x && any (flip hasSuffix x) suffs;
merge = mergeOneOption;
};
user = submodule ({ config, ... }: {
2015-07-24 18:48:00 +00:00
options = {
2015-07-24 23:05:14 +00:00
mail = mkOption {
type = str; # TODO retiolum mail address
};
2015-07-24 18:48:00 +00:00
name = mkOption {
2016-02-06 18:37:14 +00:00
type = username;
default = config._module.args.name;
2015-07-24 18:48:00 +00:00
};
pubkey = mkOption {
type = str;
};
};
});
2015-07-24 18:48:00 +00:00
2015-07-24 10:23:52 +00:00
# TODO
addr = str;
addr4 = str;
addr6 = str;
2015-12-28 18:43:31 +00:00
krebs.file-location = types.submodule {
options = {
# TODO user
host = mkOption {
type = host;
};
# TODO merge with ssl.privkey.path
path = mkOption {
type = types.either types.path types.str;
apply = x: {
path = toString x;
string = x;
}.${typeOf x};
};
};
};
2016-02-06 18:37:14 +00:00
# RFC952, B. Lexical grammar, <hname>
hostname = mkOptionType {
name = "hostname";
check = x: all label.check (splitString "." x);
merge = mergeOneOption;
};
# RFC952, B. Lexical grammar, <name>
# RFC1123, 2.1 Host Names and Numbers
label = mkOptionType {
name = "label";
# TODO case-insensitive labels
check = x: match "[0-9A-Za-z]([0-9A-Za-z-]*[0-9A-Za-z])?" x != null;
merge = mergeOneOption;
};
2016-02-06 18:37:14 +00:00
# POSIX.12013, 3.278 Portable Filename Character Set
filename = mkOptionType {
name = "POSIX filename";
check = let
filename-chars = stringToCharacters
"-.0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
in s: all (flip elem filename-chars) (stringToCharacters s);
merge = mergeOneOption;
};
# POSIX.1-2013, 3.431 User Name
username = mkOptionType {
name = "POSIX username";
check = s: filename.check s && substring 0 1 s != "-";
};
2015-07-24 10:23:52 +00:00
}