modemmanager: fix so it's active on boot

2024-04-27 11:54:08 +00:00
parent 7e8a014f37
commit 35c7527946
2 changed files with 34 additions and 7 deletions


@@ -3,16 +3,33 @@ let
cfg = config.sane.programs.modemmanager; cfg = config.sane.programs.modemmanager;
in in
{ {
sane.programs.modemmanager = {}; sane.programs.modemmanager = {
# mmcli needs /run/current-system/sw/share/dbus-1 files to function
enableFor.system = lib.mkIf (builtins.any (en: en) (builtins.attrValues cfg.enableFor.user)) true;
};
systemd.services.ModemManager = lib.mkIf cfg.enabled { systemd.services.ModemManager = lib.mkIf cfg.enabled {
aliases = [ "dbus-org.freedesktop.ModemManager1.service" ];
after = [ "polkit.service" ];
requires = [ "polkit.service" ];
wantedBy = [ "network.target" ];
serviceConfig = { serviceConfig = {
Type = "dbus";
BusName = "org.freedesktop.ModemManager1";
# only if started with `--debug` does mmcli let us issue AT commands like # only if started with `--debug` does mmcli let us issue AT commands like
# `mmcli --modem any --command=<AT_CMD>` # `mmcli --modem any --command=<AT_CMD>`
# N.B.: the extra "" in ExecStart serves to force upstream ExecStart to be ignored ExecStart = "${cfg.package}/bin/ModemManager --debug";
ExecStart = [ "" "${pkgs.modemmanager}/bin/ModemManager --debug" ];
# --debug sets DEBUG level logging: so reset # --debug sets DEBUG level logging: so reset
ExecStartPost = [ "${pkgs.modemmanager}/bin/mmcli --set-logging=INFO" ]; ExecStartPost = "${cfg.package}/bin/mmcli --set-logging=INFO";
Restart = "on-abort";
StandardError = "null";
CapabilityBoundingSet = "CAP_SYS_ADMIN CAP_NET_ADMIN";
ProtectSystem = true;
ProtectHome = true;
PrivateTmp = true;
RestrictAddressFamilies = "AF_NETLINK AF_UNIX AF_QIPCRTR";
NoNewPrivileges = true;
}; };
}; };
} }
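Review bot: `ExecStart` launches ModemManager with `--debug` and the unit is now pulled in by `wantedBy = [ "network.target" ]`, so the raw AT-command path the comment describes (`mmcli --modem any --command=<AT_CMD>`) is available from every boot to whichever callers polkit authorizes, not only during a debugging session. That deserves a comment at the `ExecStart` line, for example `# SECURITY: --debug keeps the AT-command interface open permanently; access is limited only by the polkit rules for org.freedesktop.ModemManager1`, or an option that appends `--debug` only when asked for. Separately, `ProtectSystem = true` makes only /usr and the boot loader directories read-only, which likely protects little on a NixOS layout; `ProtectSystem = "full"` or `"strict"` would be worth testing. `StandardError = "null"` also discards the daemon's stderr, so anything it reports only there will not reach the journal.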


@@ -14,7 +14,8 @@ in
enableFor.system = lib.mkIf (builtins.any (en: en) (builtins.attrValues cfg.enableFor.user)) true; enableFor.system = lib.mkIf (builtins.any (en: en) (builtins.attrValues cfg.enableFor.user)) true;
}; };
# these aren't the complete services, but just the fields Nix needs to manually set/override from the package's official service file # add to systemd.packages so we get the service file it ships, then override what we need to customize (taken from nixpkgs)
systemd.packages = lib.mkIf cfg.enabled [ cfg.package ];
systemd.services.NetworkManager = lib.mkIf cfg.enabled { systemd.services.NetworkManager = lib.mkIf cfg.enabled {
wantedBy = [ "network.target" ]; wantedBy = [ "network.target" ];
aliases = [ "dbus-org.freedesktop.NetworkManager.service" ]; aliases = [ "dbus-org.freedesktop.NetworkManager.service" ];
@@ -61,8 +62,17 @@ in
networkmanager.gid = config.ids.gids.networkmanager; networkmanager.gid = config.ids.gids.networkmanager;
}; };
services.udev.packages = lib.mkIf cfg.enabled [ cfg.package ]; services.udev.packages = lib.mkIf cfg.enabled [ cfg.package ];
# add to systemd.packages so we get the service file it ships security.polkit.enable = lib.mkIf cfg.enabled true;
systemd.packages = lib.mkIf cfg.enabled [ cfg.package ]; security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
if (
subject.isInGroup("networkmanager")
&& (action.id.indexOf("org.freedesktop.NetworkManager.") == 0
|| action.id.indexOf("org.freedesktop.ModemManager") == 0
))
{ return polkit.Result.YES; }
});
'';
boot.kernelModules = [ "ctr" ]; #< TODO: needed (what even is this)? boot.kernelModules = [ "ctr" ]; #< TODO: needed (what even is this)?
# TODO: polkit? # TODO: polkit?
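Review bot: The rule added in `security.polkit.extraConfig` returns `polkit.Result.YES` for every action whose id starts with `org.freedesktop.ModemManager`, with no trailing dot and no check that the subject is on a local, active session, so any process of a `networkmanager` group member (including one from a remote login) is authorized without prompting. Because the ModemManager unit in this commit runs with `--debug`, that grant appears to extend to the AT-command interface as well. If that breadth is not intended, tighten the match to `action.id.indexOf("org.freedesktop.ModemManager1.") == 0` and add `&& subject.local && subject.active` to the condition. The `# TODO: polkit?` line that follows looks stale now that the rule exists.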