Unverified Commit 637577f1 authored by Peder Bergebakken Sundt's avatar Peder Bergebakken Sundt Committed by GitHub
Browse files

Merge pull request #261704 from baloo/baloo/dublin-traceroute/init 

dublin-traceroute: init at 2023.04.12
parents c4b427e1 070bcf9d

nixos/modules/module-list.nix

+1 −0
Original line number Diff line number Diff line
@@ -167,6 +167,7 @@ 
  ./programs/direnv.nix

  ./programs/dmrconfig.nix

  ./programs/droidcam.nix

  ./programs/dublin-traceroute.nix

  ./programs/ecryptfs.nix

  ./programs/environment.nix

  ./programs/evince.nix

nixos/modules/programs/dublin-traceroute.nix

0 → 100644
+31 −0
Original line number Diff line number Diff line 
{ config, lib, pkgs, ... }:



with lib;



let

  cfg = config.programs.dublin-traceroute;



in {

  meta.maintainers = pkgs.dublin-traceroute.meta.maintainers;



  options = {

    programs.dublin-traceroute = {

      enable = mkEnableOption (mdDoc ''

      dublin-traceroute, add it to the global environment and configure a setcap wrapper for it.

      '');



      package = mkPackageOption pkgs "dublin-traceroute" { };

    };

  };



  config = mkIf cfg.enable {

    environment.systemPackages = [ cfg.package ];



    security.wrappers.dublin-traceroute = {

      owner = "root";

      group = "root";

      capabilities = "cap_net_raw+p";

      source = getExe cfg.package;

    };

  };

}

nixos/tests/all-tests.nix

+1 −0
Original line number Diff line number Diff line
@@ -253,6 +253,7 @@ in { 
  domination = handleTest ./domination.nix {};

  dovecot = handleTest ./dovecot.nix {};

  drbd = handleTest ./drbd.nix {};

  dublin-traceroute = handleTest ./dublin-traceroute.nix {};

  earlyoom = handleTestOn ["x86_64-linux"] ./earlyoom.nix {};

  early-mount-options = handleTest ./early-mount-options.nix {};

  ec2-config = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-config or {};

nixos/tests/dublin-traceroute.nix

0 → 100644
+63 −0
Original line number Diff line number Diff line 
# This is a simple distributed test involving a topology with two

# separate virtual networks - the "inside" and the "outside" - with a

# client on the inside network, a server on the outside network, and a

# router connected to both that performs Network Address Translation

# for the client.

import ./make-test-python.nix ({ pkgs, lib, ... }:

  let

    routerBase =

      lib.mkMerge [

        { virtualisation.vlans = [ 2 1 ];

          networking.nftables.enable = true;

          networking.nat.internalIPs = [ "192.168.1.0/24" ];

          networking.nat.externalInterface = "eth1";

        }

      ];

  in

  {

    name = "dublin-traceroute";

    meta = with pkgs.lib.maintainers; {

      maintainers = [ baloo ];

    };



    nodes.client = { nodes, ... }: {

      imports = [ ./common/user-account.nix ];

      virtualisation.vlans = [ 1 ];



      networking.defaultGateway =

        (builtins.head nodes.router.networking.interfaces.eth2.ipv4.addresses).address;

      networking.nftables.enable = true;



      programs.dublin-traceroute.enable = true;

    };



    nodes.router = { ... }: {

      virtualisation.vlans = [ 2 1 ];

      networking.nftables.enable = true;

      networking.nat.internalIPs = [ "192.168.1.0/24" ];

      networking.nat.externalInterface = "eth1";

      networking.nat.enable = true;

    };



    nodes.server = { ... }: {

      virtualisation.vlans = [ 2 ];

      networking.firewall.enable = false;

      services.httpd.enable = true;

      services.httpd.adminAddr = "foo@example.org";

      services.vsftpd.enable = true;

      services.vsftpd.anonymousUser = true;

    };



    testScript = ''

      client.start()

      router.start()

      server.start()



      server.wait_for_unit("network.target")

      router.wait_for_unit("network.target")

      client.wait_for_unit("network.target")



      # Make sure we can trace from an unprivileged user

      client.succeed("sudo -u alice dublin-traceroute server")

    '';

  })

pkgs/by-name/du/dublin-traceroute/package.nix

0 → 100644
+41 −0
Original line number Diff line number Diff line 
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, jsoncpp, libtins, libpcap, openssl, unstableGitUpdater, nixosTests }:



stdenv.mkDerivation {

  pname = "dublin-traceroute";

  version = "0.4.2-unstable-2023-04-12";



  src = fetchFromGitHub {

    owner = "insomniacslk";

    repo = "dublin-traceroute";

    rev = "2fb78ea05596dfdf8f7764b497eb8d3a812cb695";

    hash = "sha256-E1HYMd0wDTfAZ0TamQFazh8CPhMa2lNIbF4aEBf5qhk=";

  };



  nativeBuildInputs = [ cmake pkg-config ];



  buildInputs = [ jsoncpp libtins libpcap openssl ];



  outputs = [

    "out"

    "lib"

    "dev"

  ];



  passthru = {

    # 0.4.2 was tagged in 2017

    updateScript = unstableGitUpdater { };



    tests = {

      inherit (nixosTests) dublin-traceroute;

    };

  };



  meta = with lib; {

    description = "NAT-aware multipath traceroute tool";

    homepage = "https://dublin-traceroute.net/";

    license = licenses.bsd2;

    maintainers = with maintainers; [ baloo ];

    platforms = platforms.unix;

    mainProgram = "dublin-traceroute";

  };

}