tobias/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-11-18 13:45:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
nixpkgs/nixos/modules/services/networking/scion/scion-control.nix
Matthew Croughan d76ad79b4d
nixos/scion: use RuntimeDirectory instead of StateDirectory (#323200) 
It was wrong to use StateDirectory to keep the scion-control and
scion-router runtime databases on disk for the next run. I observed that
doing this means a reboot, or power outage can corrupt the temporary
runtime databases for the next service start, leading scion ping and
other functionality to stop working permanently, since those files are
not managed in an atomic manner by the golang code.
2024-06-28 22:16:36 +02:00

70 lines
1.9 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.scion.scion-control;
toml = pkgs.formats.toml { };
defaultConfig = {
general = {
id = "cs";
config_dir = "/etc/scion";
reconnect_to_dispatcher = true;
};
beacon_db = {
connection = "/run/scion-control/control.beacon.db";
};
path_db = {
connection = "/run/scion-control/control.path.db";
};
trust_db = {
connection = "/run/scion-control/control.trust.db";
};
log.console = {
level = "info";
};
};
configFile = toml.generate "scion-control.toml" (recursiveUpdate defaultConfig cfg.settings);
in
{
options.services.scion.scion-control = {
enable = mkEnableOption "the scion-control service";
settings = mkOption {
default = { };
type = toml.type;
example = literalExpression ''
{
path_db = {
connection = "/run/scion-control/control.path.db";
};
log.console = {
level = "info";
};
}
'';
description = ''
scion-control configuration. Refer to
<https://docs.scion.org/en/latest/manuals/common.html>
for details on supported values.
'';
};
};
config = mkIf cfg.enable {
systemd.services.scion-control = {
description = "SCION Control Service";
after = [ "network-online.target" "scion-dispatcher.service" ];
wants = [ "network-online.target" "scion-dispatcher.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
Group = if (config.services.scion.scion-dispatcher.enable == true) then "scion" else null;
ExecStart = "${pkgs.scion}/bin/scion-control --config ${configFile}";
DynamicUser = true;
Restart = "on-failure";
BindPaths = [ "/dev/shm:/run/shm" ];
RuntimeDirectory = "scion-control";
};
};
};
}
Reference in a new issue View git blame Copy permalink