* gw6c: don't depend on the services tree.

svn path=/nixos/trunk/; revision=26995

modules/module-list.nix

@@ -101,7 +101,7 @@
   ./services/networking/git-daemon.nix
   ./services/networking/gnunet.nix
   ./services/networking/gvpe.nix
-  ./services/networking/gw6c.nix
+  ./services/networking/gw6c/default.nix
   ./services/networking/ifplugd.nix
   #./services/networking/ircd-hybrid.nix
   ./services/networking/nat.nix

modules/services/networking/gw6c/control.in

@@ -0,0 +1,42 @@
+#! @shell@ -e
+
+# Make sure that the environment is deterministic.
+export PATH=@coreutils@/bin
+export PATH=@coreutils@/bin:@gnugrep@/bin:@gnused@/bin:@iputils@/bin:@iputils@/sbin:@procps@/bin:@seccure@/bin
+export BASEDIR=$(dirname $(dirname $0))
+
+	mkdir /tmp/.gw6c || true
+	touch /tmp/.gw6c/gw6c.conf
+	chmod 0700 /tmp/.gw6c
+	chmod 0700 /tmp/.gw6c/gw6c.conf
+	seccure-decrypt -F @privkey@ -i $BASEDIR/conf/gw6c.conf > /tmp/.gw6c/gw6c.conf
+
+stop ()
+{
+	pkill gw6c
+}
+
+ln -s /dev/net/tun /dev/tun || true;
+
+if test "$1" = "start"; then
+	trap 'stop ; exit ' 15
+
+	if test -n "@pingBefore@"; then while ! @iputils@/bin/ping @gw6server@ -c1 -w1 ; do sleep 1; done; fi
+    cd /tmp/.gw6c
+        @coreutils@/bin/yes |       \
+    env - HOME=/tmp/.gw6c $extraEnv \
+	@gw6c@/bin/gw6c -f /tmp/.gw6c/gw6c.conf 2>&1 >/var/log/gw6c.out
+    while @procps@/bin/pgrep gw6c; do 
+	sleep @everPing@; 
+	@iputils@/sbin/traceroute6 $( @coreutils@/bin/cat /var/log/gw6c.log  |
+		 @gnugrep@/bin/grep peer |
+		 @gnused@/bin/sed -e 's/.*with //; s/ .*//' |
+		 @coreutils@/bin/head -1) &
+    done;
+	pkill gw6c; 
+	exit
+fi
+
+if test "$1" = "stop"; then
+	env - HOME=/homeless-shelter @procps@/bin/pkill gw6c;
+fi;

modules/services/networking/gw6c/default.nix

@@ -6,21 +6,37 @@ let
 
   cfg = config.services.gw6c;
 
-  # !!! Move this from the services tree to the nixos tree.
-  gw6cService = import /etc/nixos/services/gw6c {
-    inherit (pkgs) stdenv gw6c coreutils 
-      procps iputils gnused 
-      gnugrep seccure writeScript;
-    upstart = config.system.build.upstart;
-    username = cfg.username;
-    password = cfg.password;
-    server = cfg.server;
-    keepAlive = cfg.keepAlive;
-    everPing = cfg.everPing;
-    seccureKeys = config.security.seccureKeys;
-    waitPingableBroker = cfg.waitPingableBroker;
+  gw6cService = pkgs.stdenv.mkDerivation {
+    name = "gw6c-service";
+    inherit (pkgs) gw6c coreutils procps upstart iputils gnused gnugrep seccure;
+
+    inherit (cfg) username password keepAlive everPing;
+
+    gw6server = cfg.server;
+    authMethod = if cfg.username == "" then "anonymous" else "any";
+    gw6dir = pkgs.gw6c;
+
+    pingBefore = if cfg.waitPingableBroker then "true" else "";
+
+    pubkey = config.security.seccureKeys.public;
+    privkey = config.security.seccureKeys.private;
+
+    buildCommand =
+      ''
+        mkdir -p $out/bin $out/conf
+
+        mkdir conf
+        chmod 0700 conf
+        touch conf/raw
+        chmod 0700 conf/raw
+
+        substituteAll ${./gw6c.conf} conf/raw
+        $seccure/bin/seccure-encrypt "$(cat $pubkey)" -i conf/raw -o $out/conf/gw6c.conf
+        substituteAll ${./control.in} $out/bin/control
+        chmod a+x $out/bin/control
+      '';
   };
-  
+
 in
 
 {

modules/services/networking/gw6c/gw6c.conf

@@ -0,0 +1,338 @@
+#-----------------------------------------------------------------------------
+# $Id: gw6c.conf.in,v 1.5 2007/05/09 13:41:32 cnepveu Exp $
+#-----------------------------------------------------------------------------
+
+##########################      READ ME!      ################################
+#
+# Welcome to the Gateway6 Client configuration file.
+# In order to use the client, you need to modify the 'userid', 'passwd' and 
+# 'server' parameters below depending on which of these situations applies:
+# 
+# 1. If you created a Freenet6 account, enter your userid and password below. 
+#    Change the server name to "broker.freenet6.net" and auth_method to 'any'.
+# 2. If you would like to use Freenet6 without creating an account, 
+#    do not make any modifications and close this file. 
+# 3. If this software was provided by your ISP, enter the userid, password and 
+#    server name provided by your ISP below. 
+#
+
+
+########################## BASIC CONFIGURATION ################################
+
+#
+# User Identification and Password:
+#   Specify your user name and password as provided by your ISP or Freenet6.
+#   If you plan to connect anonymously, leave these values empty.
+#   NOTE: Change auth_method option if you are using a username/password.
+#
+#   userid=<your_userid>
+#   passwd=<your_password>
+#
+userid=@username@ 
+passwd=@password@ 
+
+
+#
+# Gateway6 Server:
+#   Specify a Gateway6 server name or IP address (provided by your ISP or 
+#   Freenet6). An optional port number can be added; the default port number 
+#   is 3653.
+#  
+#   Examples:
+#     server=hostname # FQDN
+#     server=A.B.C.D  # IPv4 address
+#     server=[X:X::X:X] # IPv6 address
+#     server=hostname:port_number  
+#     server=A.B.C.D:port_number
+#     server=[X:X::X:X]:port_number
+#
+#   Freenet6 account holders should enter broker.freenet6.net, otherwise use
+#   anon.freenet6.net. Your ISP may provide you with a different server name. 
+#
+#server=anon.freenet6.net
+#server=broker.freenet6.net
+#server=broker.aarnet.net.au
+server=@gw6server@
+
+#
+# Authentication Method:
+#
+#  auth_method=<{anonymous}|{any|passdss-3des-1|digest-md5|plain}>
+#
+#   anonymous:      Sends no username or password
+#
+#   any:            The most secure method will be used. 
+#   passdss-3des-1: The password is sent encrypted.
+#   digest-md5:     The password is sent encrypted.
+#   plain:          Both username and password are sent as plain text.
+#
+# Recommended values:
+#   - any:          If you are authenticating a username / password.
+#   - anonymous:    If you are connecting anonymously.
+#
+#auth_method=anonymous
+#auth_method=any
+auth_method=@authMethod@
+
+
+########################## ROUTING CONFIGURATION ##############################
+# Use these parameters when you wish the client to act as a router and provide 
+# IPv6 connectivity to IPv6-capable devices on your network.
+
+#
+# Local Host Type:
+#   Change this value to 'router' to enable IPv6 advertisements.
+#
+#   host_type=<host|router>
+#
+host_type=host
+
+#
+# Prefix Length:
+#   Length of the requested prefix. Valid values range between 0 and 64 when 
+#   using V6*V4 tunnel modes, and between 0 and 32 when using V4V6 tunnel mode.
+#
+#   prefixlen=<integer>
+#
+prefixlen=64
+
+#
+# Advertisement Interface Prefix:
+#   Name of the interface that will be configured to send router advertisements. 
+#   This is an interface index on Windows (ex: 4) and a name on Linux
+#   and BSD (ex: eth1 or fxp1). 
+#
+#   if_prefix=<interface name>
+#
+if_prefix=
+
+#
+# DNS Server: 
+#   A DNS server list to which the reverse prefix will be delegated. Servers
+#   are separated by the colon(:) delimiter.
+#
+#   Example: dns_server=ns1.domain:ns2.domain:ns3.domain
+#
+dns_server=
+
+
+######################### ADVANCED CONFIGURATION ##############################
+
+#
+# Gateway6 Client Installation Directory:
+#   Directory where the Gateway6 Client will be installed. This value has been 
+#   set during installation.
+#
+gw6_dir=@gw6dir@
+
+#
+# Auto-Retry Connect and Delay:
+#   The time lapse, in seconds, between each reconnection in the case of a 
+#   timeout.
+#
+#   auto_retry_connect=<yes|no>
+#   retry_delay=<integer>
+#
+#   Recommended values: "yes" and 30
+#
+auto_retry_connect=yes
+retry_delay=5
+
+#
+# Keepalive Feature and Message Interval:
+#   Indicates if and how often the client will send data to keep the tunnel 
+#   active.
+#
+#   keepalive=<yes|no>
+#   keepalive_interval=<integer>
+#
+#   Recommended values: "yes" and 30
+#
+keepalive=yes
+keepalive_interval=@keepAlive@
+
+#
+# Tunnel Encapsulation Mode:
+#   v6v4:    IPv6-in-IPv4 tunnel.
+#   v6udpv4: IPv6-in-UDP-in-IPv4 tunnel (for clients behind a NAT).
+#   v6anyv4: Lets the broker choose the best mode for IPv6 tunnel.
+#   v4v6:    IPv4-in-IPv6 tunnel.
+#
+#   Recommended value: v6anyv4
+#
+tunnel_mode=v6anyv4
+
+#
+# Tunnel Interface Name:
+#   The interface name assigned to the tunnel. This value is O/S dependent.
+#
+#   if_tunnel_v6v4 is the tunnel interface name for v6v4 encapsulation mode
+#   if_tunnel_v6udpv4 is the tunnel interface name for v6udpv4 encapsulate mode
+#   if_tunnel_v4v6 is the tunnel interface name for v4v6 encapsulation mode
+#
+#   Default values are set during installation.
+#
+if_tunnel_v6v4=sit1
+if_tunnel_v6udpv4=tun
+if_tunnel_v4v6=sit0
+
+#
+# Local IP Address of the Client:
+#   Allows you to set a specific address as the local tunnel endpoint.
+#
+#   client_v4=<auto|A.B.C.D (valid ipv4 address)>
+#   client_v6=<auto|X:X::X:X (valid ipv6 address)>
+#     auto: The Gateway6 Client will find the local IP address endpoint.
+#
+#   Recommended value: auto
+#
+client_v4=auto
+client_v6=auto
+
+#
+# Script Name:
+#   File name of the script to run to install the tunnel interface. The 
+#   scripts are located in the template directory under the client 
+#   installation directory. 
+#
+#   template=<checktunnel|freebsd|netbsd|openbsd|linux|windows|darwin|cisco|solaris>
+#
+#   Default value is set during installation.
+# 
+template=linux
+
+#
+# Proxy client: 
+#   Indicates that this client will request a tunnel for another endpoint, 
+#   such as a Cisco router. 
+#
+#   proxy_client=<yes|no>
+#
+#   NOTE: NAT traversal is not possible in proxy mode. 
+#
+proxy_client=no
+
+
+############################ BROKER REDIRECTION ###############################
+
+#
+# Broker List File Name:
+#   The 'broker_list' directive specifies the filename where the broker
+#   list received during broker redirection will be saved. 
+#
+#   broker_list=<file_name>
+#  
+broker_list=/tmp/tsp-broker-list.txt
+
+#
+# Last Server Used File Name:
+#   The 'last_server' directive specifies the filename where the address of
+#   the last broker to which a connection was successfully established will 
+#   be saved.
+#
+#   last_server=<file_name>
+#
+last_server=/tmp/tsp-last-server.txt
+
+#
+# Always Use Last Known Working Server:
+#   The value of the 'always_use_same_server' directive determines whether the 
+#   client should always try to connect to the broker found in the 
+#   'last_server' directive filename. 
+#
+#   always_use_same_server=<yes|no>
+#
+always_use_same_server=no
+
+
+#################################### LOGGING ##################################
+
+#
+# Log Verbosity Configuration:
+#   The format is 'log_<destination>=level', where possible values for 
+#   'destination' are:
+#
+#   - console  (logging to the console [AKA stdout])
+#   - stderr   (logging to standard error)
+#   - file     (logging to a file)
+#   - syslog   (logging to syslog [Unix only])
+#
+#   and 'level' is a digit between 0 and 3. A 'level' value of 0 disables 
+#   logging to the destination, while values 1 to 3 request increasing levels 
+#   of log verbosity and detail. If 'level' is not specified, a value of 1 is 
+#   assumed.
+#
+#   Example:
+#     log_file=3   (Maximal logging to a file)
+#     log_stderr=0 (Logging to standard error disabled)
+#     log_console= (Minimal logging to the console) 
+#
+#   - Default configuration on Windows platforms:
+#
+#     log_console=0
+#     log_stderr=0
+#     log_file=1
+#
+#   - Default configuration on Unix platforms:
+#
+#     log_console=0
+#     log_stderr=1
+#     log_file=0
+#     log_syslog=0
+#
+#log_console=
+#log_stderr=
+#log_file=
+#log_syslog=
+log_file=3
+
+#
+# Log File Name:
+#   When logging to file is requested using the 'log_file' directive, the name
+#   and path of the file to use may be specified using this directive.
+#
+#   log_filename=<file_name>
+#
+log_filename=/var/log/gw6c.log
+
+#
+# Log File Rotation:
+#   When logging to file is requested using the 'log_file' directive, log file 
+#   rotation may be enabled. When enabled, the contents of the log file will 
+#   be moved to a backup file just before it reaches the maximum log file size 
+#   specified via this directive.
+#
+#   The name of the backup file is the name of the original log file with 
+#   '.<timestamp>' inserted before the file extension. If the file does not 
+#   have an extension, '.<timestamp>' is appended to the name of the original
+#   log file. The timestamp specifies when the rotation occurred.
+#
+#   After the contents of the log file have been moved to the backup file, the 
+#   original file is cleared, and logging resumes at the beginning of the file. 
+#
+#   log_rotation=<yes|no>
+#
+log_rotation=yes
+
+#
+# Log File Rotation Size:
+#   The 'log_rotation_size' directive specifies the maximum size a log file may 
+#   reach before rotation occurs, if enabled. The value is expressed in 
+#   kilobytes.
+#
+#   log_rotation_size=<16|32|128|1024>
+#
+log_rotation_size=32
+
+#
+# Syslog Logging Facility [Unix Only]:
+#   When logging to syslog is requested using the 'log_syslog' directive, the 
+#   facility to use may be specified using this directive.
+#
+#   syslog_facility=<USER|LOCAL[0-7]>
+#
+syslog_facility=USER
+
+
+# end of gw6c.conf
+#------------------------------------------------------------------------------