add netbird server

trontech-link · Nov 17, 2023 · 644e3a4 · 644e3a4
1 parent da48e25
commit 644e3a4
Show file tree

Hide file tree

Showing 4 changed files with 87 additions and 59 deletions.
diff --git a/default.nix b/default.nix
@@ -19,31 +19,6 @@ let
   allPkgs = my-pkgs // pkgs // { inherit source sourcee; };
   callPackage = lib.callPackageWith allPkgs;
   my-pkgs = rec {
-    # example-docker =
-    #   pkgs.dockerTools.buildImage {
-    #     name = "hello-docker";
-    #     tag = "latest";
-    #     created = "now";
-    #     runAsRoot = ''
-    #       mkdir /data
-    #     '';
-    #     copyToRoot = pkgs.buildEnv {
-    #       name = "image-root";
-    #       paths = [
-    #         pkgs.coreutils
-    #         pkgs.bash
-    #         pkgs.vim
-    #       ];
-    #       pathsToLink = [ "/bin" ];
-    #     };
-
-    #     config = {
-    #       WorkingDir = "/data";
-    #       Env = [ "PATH=${pkgs.coreutils}/bin/" ];
-    #       Cmd = [ "${pkgs.coreutils}/bin/cat" "${my-pkgs.example-package}" ];
-    #     };
-    #   };
-
     launch = stdenv.mkDerivation (source.launch // {
       installPhase = ''
         mkdir -p $out;
@@ -63,8 +38,6 @@ let
 
     discourse-hb = callPackage ./pkgs/discourse { };
 
-    # gitops = callPackage ./pkgs/gitops { };
-
     my2sql = callPackage ./pkgs/my2sql { };
 
     # delivery = callPackage ./pkgs/delivery { };
@@ -87,8 +60,6 @@ let
 
     newsapi-python = callPackage ./pkgs/python3/newsapi-python { };
 
-    # chatgpt-wrapper = callPackage ./pkgs/python3/chatgpt-wrapper { };
-
     copilot-el = callPackage ./pkgs/emacs/copilot { };
 
     ligature = callPackage ./pkgs/emacs/ligature { };
@@ -119,33 +90,6 @@ let
 
     tron-eventquery = callPackage ./pkgs/tron-eventquery { };
 
-    # my-ferretdb = callPackage ./pkgs/ferretdb { };
-
-    # gptcommit = callPackage ./pkgs/gptcommit { };
-
-    # vbox = nixos-generators.nixosGenerate {
-
-    #   inherit system;
-    #   format = "virtualbox";
-    # };
-    # amazon = nixos-generators.nixosGenerate {
-    #   system = "x86_64-linux";
-    #   format = "amazon";
-    # };
-
-    # tat = callPackage ./tat { };
-
-    # dotfiles = with pkgs;
-    #   stdenv.mkDerivation {
-    #     pname = "dotfiles";
-    #     version = "0.1.0";
-    #     src = ./.;
-    #     installPhase = ''
-    #       mkdir -p $out/etc;
-    #       cp -r . $out/etc;
-    #     '';
-    #   };
-
     ldap-passthrough-conf = callPackage ./pkgs/ldap-passthrough-conf { };
 
     ldap-extra-schemas = callPackage ./pkgs/ldap-extra-schemas { };

diff --git a/flake.lock b/flake.lock
diff --git a/modules/default.nix b/modules/default.nix
@@ -11,4 +11,5 @@
   java-tron = import ./java-tron;
   chainlink = import ./chainlink;
   binbash = import ./binbash;
+  netbird = import ./netbird;
 }
diff --git a/modules/netbird/default.nix b/modules/netbird/default.nix
@@ -0,0 +1,83 @@
+{ pkgs, config, lib, ... }:
+with lib;
+let
+  file-path = builtins.split "/" (toString ./.);
+  serviceName = lib.last file-path;
+  cfg = config.services."${serviceName}-server";
+in {
+  options.services = {
+    "${serviceName}-server" = {
+      enable = mkEnableOption "Enables ${serviceName} service";
+      mgmtConfig = mkOption {
+        type = types.path;
+        description = "Path to management config file";
+      };
+      signalPort = mkOption {
+        default = 8080;
+        type = types.int;
+        description = "Port for signal service";
+      };
+      mgmtPort = mkOption {
+        default = 8081;
+        type = types.int;
+        description = "Port for management service";
+      };
+    };
+  };
+  config = mkIf cfg.enable {
+    systemd = {
+      services = {
+        "netbird-signal" = {
+          wantedBy = [ "multi-user.target" ];
+          after = [ "networking.target" ];
+          startLimitIntervalSec = 500;
+          startLimitBurst = 5;
+          preStart = "";
+          onSuccess = [ ];
+          onFailure = [ ];
+          serviceConfig = {
+            User = serviceName;
+            RestartSec = "5s";
+            WorkingDirectory = "/var/lib/${serviceName}";
+            StateDirectory = serviceName;
+            RuntimeDirectory = serviceName;
+            CacheDirectory = serviceName;
+            Type = "simple";
+          };
+          script = "${pkgs.netbird}/bin/netbird-signal run --port ${
+              toString cfg.signalPort
+            } --log-file console --log-level debug";
+        };
+        "netbird-mgmt" = {
+          wantedBy = [ "multi-user.target" ];
+          after = [ "networking.target" ];
+          startLimitIntervalSec = 500;
+          startLimitBurst = 5;
+          preStart = "";
+          onSuccess = [ ];
+          onFailure = [ ];
+          serviceConfig = {
+            User = serviceName;
+            RestartSec = "5s";
+            WorkingDirectory = "/var/lib/${serviceName}";
+            StateDirectory = serviceName;
+            RuntimeDirectory = serviceName;
+            CacheDirectory = serviceName;
+            Type = "simple";
+          };
+          script =
+            "${pkgs.netbird}/bin/netbird-mgmt management --config ${cfg.mgmtConfig} --port ${
+              toString cfg.mgmtPort
+            } --log-file console --log-level debug --single-account-mode-domain=netbird.trontech.link";
+        };
+      };
+    };
+    users.users."${serviceName}" = {
+      description = "${serviceName} user";
+      isSystemUser = true;
+      group = serviceName;
+      createHome = true;
+    };
+    users.groups."${serviceName}" = { };
+  };
+}