nixos/nebula-lighthouse-service: init module

- [dwl](https://codeberg.org/dwl/dwl), a compact, hackable compositor for Wayland based on wlroots. Available as [programs.dwl](#opt-programs.dwl.enable).

- [nebula-lighthouse-service](https://github.com/manuels/nebula-lighthouse-service), a public nebula lighthouse service. Avaliable as [services.nebula-lighthouse-service](#opt-services.nebula-lighthouse-service.enable).

- [angrr](https://github.com/linyinfeng/angrr), a service that automatically cleans up old auto GC roots. Available as [services.angrr](#opt-services.angrr.enable).

- [Sharkey](https://joinsharkey.org), a Sharkish microblogging platform. Available as [services.sharkey](#opt-services.sharkey.enable).

  ./services/networking/ncdns.nix

  ./services/networking/ncps.nix

  ./services/networking/ndppd.nix

  ./services/networking/nebula-lighthouse-service.nix

  ./services/networking/nebula.nix

  ./services/networking/netbird.nix

  ./services/networking/netbird/server.nix

{

  config,

  pkgs,

  lib,

  ...

}:

let

  cfg = config.services.nebula-lighthouse-service;

  settingsFormat = pkgs.formats.yaml { };

in

{

  options.services.nebula-lighthouse-service = {

    enable = lib.mkEnableOption ''If enabled, NixOS will enable a systemd unit for nebula-lighthouse-service'';

    settings = lib.mkOption {

      type = settingsFormat.type;

      default = { };

      description = ''

        Configuration for nebula-lighthouse-service.

      '';

      example = ''

        max-port = 65535;

        min-port = 49152;

        "webserver.ip" = "127.0.0.1";

        "webserver.port" = 8080;

      '';

    };

  };

  config = lib.mkIf cfg.enable {

    services.nebula-lighthouse-service.settings = {

      min-port = lib.mkDefault 49152;

      max-port = lib.mkDefault 65535;

      "webserver.port" = lib.mkDefault 8080;

      "webserver.ip" = lib.mkDefault "127.0.0.1";

    };

    environment.etc."nebula-lighthouse-service/config.yaml".source =

      settingsFormat.generate "nebula-lighthouse-service-config.yaml" cfg.settings;

    systemd.services.nebula-lighthouse-service = {

      description = "Run nebula-lighthouse-service";

      wants = [ "basic.target" ];

      after = [

        "basic.target"

        "network.target"

      ];

      wantedBy = [ "multi-user.target" ];

      serviceConfig = {

        Type = "exec";

        Restart = "always";

        ExecStart = "${pkgs.nebula-lighthouse-service}/bin/nebula-lighthouse-service";

        StateDirectory = "nebula-lighthouse-service";

      };

    };

  };

  meta.maintainers = with lib.maintainers; [

    bloominstrong

  ];

}

  ndppd = runTest ./ndppd.nix;

  nebula.connectivity = runTest ./nebula/connectivity.nix;

  nebula.reload = runTest ./nebula/reload.nix;

  nebula-lighthouse-service = runTest ./nebula-lighthouse-service.nix;

  neo4j = runTest ./neo4j.nix;

  netbird = runTest ./netbird.nix;

  netbox-upgrade = runTest ./web-apps/netbox-upgrade.nix;

{ pkgs, lib, ... }:

{

  name = "nebula-lighthouse-service";

  meta.maintainers = with lib.maintainers; [

    bloominstrong

  ];

  nodes.machine =

    { ... }:

    {

      environment.systemPackages = with pkgs; [

        nebula

      ];

      services.nebula-lighthouse-service.enable = true;

    };

  testScript = ''

    start_all()

    machine.succeed(

      'nebula-cert ca -duration $((10*365*24*60))m -name "NLS Test" -out-crt ca.crt -out-key ca.key',

      'nebula-cert sign -duration $((365*24*60))m -ca-crt ca.crt -ca-key ca.key -name "lighthouse" -groups "lighthouse" -ip "10.0.100.1/24" -out-crt lighthouse.crt -out-key lighthouse.key'

    )

    machine.wait_for_unit("nebula-lighthouse-service.service")

    machine.wait_for_open_port(8080)

    machine.succeed(

      'curl -X POST "http://127.0.0.1:8080/lighthouse/" -F ca_crt=@./ca.crt -F host_crt=@./lighthouse.crt -F host_key=@./lighthouse.key',

      'curl -X GET "http://127.0.0.1:8080/lighthouse/" -F ca_crt=@./ca.crt -F host_crt=@./lighthouse.crt -F host_key=@./lighthouse.key',

      'pgrep -x nebula'

    )

  '';

}