From 3519bdcec4f03f408461c9d5db9ef21d467c7633 Mon Sep 17 00:00:00 2001 From: clerie Date: Sun, 18 Jun 2023 21:51:21 +0200 Subject: [PATCH] Add NixOS modules --- flake.nix | 21 ++++++ nix/modules/dhcp.nix | 141 +++++++++++++++++++++++++++++++++++ nix/modules/fieldpoc.nix | 156 +++++++++++++++++++++++++++++++++++++++ nix/modules/yate.nix | 56 ++++++++++++++ 4 files changed, 374 insertions(+) create mode 100644 nix/modules/dhcp.nix create mode 100644 nix/modules/fieldpoc.nix create mode 100644 nix/modules/yate.nix diff --git a/flake.nix b/flake.nix index 13b63d7..2ccc30c 100644 --- a/flake.nix +++ b/flake.nix @@ -100,7 +100,28 @@ pythonImportsCheck = [ "diffsync" ]; }; + yate = pkgs.yate.overrideAttrs (old: { + configureFlags = [ "--with-libpq=${pkgs.postgresql.withPackages (ps: [ ])}" ]; + }); + }; + nixosModules = { + fieldpoc = { ... }: { + imports = [ + ./nix/modules/dhcp.nix + ./nix/modules/fieldpoc.nix + ./nix/modules/yate.nix + ]; + + nixpkgs.overlays = [ + (_: _: { + inherit (self.packages."x86_64-linux") + fieldpoc + yate; + }) + ]; + }; + default = self.nixosModules.fieldpoc; }; hydraJobs = { diff --git a/nix/modules/dhcp.nix b/nix/modules/dhcp.nix new file mode 100644 index 0000000..22c7674 --- /dev/null +++ b/nix/modules/dhcp.nix @@ -0,0 +1,141 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.fieldpoc.dhcp; +in { + options.services.fieldpoc.dhcp = { + enable = mkEnableOption "fieldpoc-dhcp"; + interface = mkOption { + type = types.str; + }; + subnet = mkOption { + type = types.str; + }; + pool = mkOption { + type = types.str; + }; + router = mkOption { + type = types.str; + }; + dnsServers = mkOption { + type = types.str; + }; + omm = mkOption { + type = types.str; + }; + reservations = mkOption { + type = with types; listOf (submodule { + options = { + name = mkOption { + type = types.str; + }; + macAddress = mkOption { + type = types.str; + }; + ipAddress = mkOption { + type = types.str; + }; + }; + }); + default = []; + }; + }; + + config = mkIf cfg.enable { + services.kea.dhcp4 = { + enable = true; + settings = { + interfaces-config = { + interfaces = [ cfg.interface ]; + }; + option-def = [ + { + space = "dhcp4"; + name = "vendor-encapsulated-options"; + code = 43; + type = "empty"; + encapsulate = "sipdect"; + } + { + space = "sipdect"; + name = "ommip1"; + code = 10; + type = "ipv4-address"; + } + { + space = "sipdect"; + name = "ommip2"; + code = 19; + type = "ipv4-address"; + } + { + space = "sipdect"; + name = "syslogip"; + code = 14; + type = "ipv4-address"; + } + { + space = "sipdect"; + name = "syslogport"; + code = 15; + type = "int16"; + } + { + space = "dhcp4"; + name = "magic_str"; + code = 224; + type = "string"; + } + ]; + + subnet4 = [ + { + subnet = cfg.subnet; + pools = [ + { + pool = cfg.pool; + } + ]; + option-data = [ + { + name = "routers"; + data = cfg.router; + } + { + name = "domain-name-servers"; + data = cfg.dnsServers; + } + { + name = "vendor-encapsulated-options"; + } + { + space = "sipdect"; + name = "ommip1"; + data = cfg.omm; + } + { + name = "magic_str"; + data = "OpenMobilitySIP-DECT"; + } + ]; + + reservations = map (r: { + hostname = r.name; + hw-address = r.macAddress; + ip-address = r.ipAddress; + option-data = [ + { + name = "host-name"; + data = r.name; + } + ]; + }) cfg.reservations; + } + ]; + }; + }; + }; +} + diff --git a/nix/modules/fieldpoc.nix b/nix/modules/fieldpoc.nix new file mode 100644 index 0000000..58cfbd4 --- /dev/null +++ b/nix/modules/fieldpoc.nix @@ -0,0 +1,156 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.fieldpoc; +in { + options = { + services.fieldpoc = { + enable = mkEnableOption "fieldpoc"; + ommIp = mkOption { + type = types.str; + }; + ommUser = mkOption { + type = types.str; + }; + ommPasswordPath = mkOption { + type = types.path; + }; + sipsecretPath = mkOption { + type = types.path; + }; + }; + }; + + config = mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + fieldpoc + ]; + + systemd.services.fieldpoc = { + description = "Fieldpoc daemon"; + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" "yate.service" ]; + + serviceConfig = { + Type = "simple"; + ExecStart = "${pkgs.fieldpoc}/bin/fieldpoc -c /run/fieldpoc/config.json --debug"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + User = "fieldpoc"; + Group = "fieldpoc"; + RuntimeDirectory = "fieldpoc"; + RuntimeDirectoryMode = "0755"; + ConfigurationDirectory = "fieldpoc"; + StateDirectory = "fieldpoc"; + StateDirectoryMode = "0700"; + }; + + preStart = let + cfgFile = pkgs.writeText "config.json" (lib.generators.toJSON { } { + extensions = { + file = "/var/lib/fieldpoc/extensions.json"; + }; + controller = { + host = "127.0.0.1"; + port = 9437; + }; + dect = { + host = cfg.ommIp; + username = cfg.ommUser; + password = "!!OMMPASSWORD!!"; + sipsecret = "!!SIPSECRET!!"; + }; + yate = { + host = "127.0.0.1"; + port = 5039; + }; + database = { + hostname = "127.0.0.1"; + username = "fieldpoc"; + password = "fieldpoc"; + database = "fieldpoc"; + }; + }); + in '' + ${pkgs.gnused}/bin/sed -e "s/!!OMMPASSWORD!!/$(cat ${cfg.ommPasswordPath})/g" -e "s/!!SIPSECRET!!/$(cat ${cfg.sipsecretPath})/g" ${cfgFile} > /run/fieldpoc/config.json + if [ ! -f "/var/lib/fieldpoc/extensions.json" ]; then + echo '{"extensions": {}}' > /var/lib/fieldpoc/extensions.json + fi + ''; + }; + + users.users.fieldpoc = { + isSystemUser = true; + group = "fieldpoc"; + }; + + users.groups.fieldpoc = { }; + + services.postgresql = { + enable = true; + initialScript = pkgs.writeText "backend-initScript" '' + CREATE ROLE fieldpoc WITH LOGIN PASSWORD 'fieldpoc' CREATEDB; + CREATE DATABASE fieldpoc; + GRANT ALL PRIVILEGES ON DATABASE fieldpoc TO fieldpoc; + ''; + }; + + services.yate = { + enable = true; + config = { + extmodule = { + "listener ywsd" = { + type = "tcp"; + addr = "127.0.0.1"; + port = "5039"; + }; + }; + cdrbuild = { + parameters = { + X-Eventphone-Id = "false"; + }; + }; + pgsqldb = { + default = { + host = "localhost"; + port = "5432"; + database = "fieldpoc"; + user = "fieldpoc"; + password = "fieldpoc"; + }; + }; + register = { + general = { + expires = 30; + "user.auth" = "yes"; + "user.register" = "yes"; + "user.unregister" = "yes"; + "engine.timer" = "yes"; + "call.cdr" = "yes"; + "linetracker" = "yes"; + }; + default = { + priority = 30; + account = "default"; + }; + "user.auth" = { + query = "SELECT password FROM users WHERE username='\${username}' AND password IS NOT NULL AND password<>'' AND type='user' LIMIT 1;"; + result = "password"; + }; + "user.register".query = "INSERT INTO registrations (username, location, oconnection_id, expires) VALUES ('\${username}', '\${data}', '\${oconnection_id}', NOW() + INTERVAL '\${expires} s') ON CONFLICT ON CONSTRAINT uniq_registrations DO UPDATE SET expires = NOW() + INTERVAL '\${expires} s'"; + "user.unregister".query = "DELETE FROM registrations WHERE (username = '\${username}' AND location = '\${data}' AND oconnection_id = '\${connection_id}') OR ('\${username}' = '' AND '\${data}' = '' AND oconnection_id = '\${connection_id}')"; + "engine.timer".query = "DELETE FROM registrations WHERE expires<=CURRENT_TIMESTAMP;"; + "call.cdr".critial = "no"; + "linetracker" = { + critical = "yes"; + initquery = "UPDATE users SET inuse=0 WHERE inuse is not NULL;DELETE from active_calls;"; + cdr_initialize = "UPDATE users SET inuse=inuse+1 WHERE username='\${external}';INSERT INTO active_calls SELECT username, x_eventphone_id FROM (SELECT '\${external}' as username, '\${X-Eventphone-Id}' as x_eventphone_id, '\${direction}' as direction) as active_call WHERE x_eventphone_id != '' AND x_eventphone_id IS NOT NULL and direction = 'outgoing';"; + cdr_finalize = "UPDATE users SET inuse=(CASE WHEN inuse>0 THEN inuse-1 ELSE 0 END) WHERE username='\${external}';DELETE FROM active_calls WHERE username = '\${external}' AND x_eventphone_id = '\${X-Eventphone-Id}' AND '\${direction}' = 'outgoing';"; + }; + }; + }; + }; + }; +} + diff --git a/nix/modules/yate.nix b/nix/modules/yate.nix new file mode 100644 index 0000000..3084a6b --- /dev/null +++ b/nix/modules/yate.nix @@ -0,0 +1,56 @@ + +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.yate; +in { + options = { + services.yate = { + enable = mkEnableOption "yate"; + config = mkOption { + type = with types; attrsOf anything; + default = { }; + }; + }; + }; + config = mkIf cfg.enable { + environment.etc = mapAttrs' (name: config: nameValuePair "yate/${name}.conf" { text = (if (isAttrs config) then generators.toINI {} config else config); }) cfg.config; + + systemd.services.yate = { + description = "YATE Telephony Server"; + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" "postgresql.service" ]; + + environment = { PWLIB_ASSERT_ACTION = "C"; }; + + serviceConfig = { + Type = "forking"; + ExecStart = + "${pkgs.yate}/bin/yate -d -p /run/yate/yate.pid -c /etc/yate -F -s -vvv -DF -r -l /var/lib/yate/yate.log"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + User = "yate"; + Group = "yate"; + AmbientCapabilities = "CAP_NET_BIND_SERVICE"; + RuntimeDirectory = "yate"; + RuntimeDirectoryMode = "0755"; + ConfigurationDirectory = "yate"; + StateDirectory = "yate"; + StateDirectoryMode = "0700"; + PIDFile = "/run/yate/yate.pid"; + TimeoutSec = 30; + }; + + reloadTriggers = map (name: config.environment.etc."yate/${name}.conf".source) (attrNames cfg.config); + }; + + users.users.yate = { + isSystemUser = true; + group = "yate"; + }; + + users.groups.yate = { }; + }; +} +