6afb255d97
these changes were generated with nixq 0.0.2, by running nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix two mentions of the mdDoc function remain in nixos/, both of which are inside of comments. Since lib.mdDoc is already defined as just id, this commit is a no-op as far as Nix (and the built manual) is concerned.
40 lines
1.2 KiB
Nix
40 lines
1.2 KiB
Nix
{ config, lib, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.services.scion;
|
|
in
|
|
{
|
|
options.services.scion = {
|
|
enable = mkEnableOption "all of the scion components and services";
|
|
bypassBootstrapWarning = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = ''
|
|
bypass Nix warning about SCION PKI bootstrapping
|
|
'';
|
|
};
|
|
};
|
|
config = mkIf cfg.enable {
|
|
services.scion = {
|
|
scion-dispatcher.enable = true;
|
|
scion-daemon.enable = true;
|
|
scion-router.enable = true;
|
|
scion-control.enable = true;
|
|
};
|
|
assertions = [
|
|
{ assertion = cfg.bypassBootstrapWarning == true;
|
|
message = ''
|
|
SCION is a routing protocol and requires bootstrapping with a manual, imperative key signing ceremony. You may want to join an existing Isolation Domain (ISD) such as scionlab.org, or bootstrap your own. If you have completed and configured the public key infrastructure for SCION and are sure this process is complete, then add the following to your configuration:
|
|
|
|
services.scion.bypassBootstrapWarning = true;
|
|
|
|
refer to docs.scion.org for more information
|
|
'';
|
|
}
|
|
];
|
|
};
|
|
}
|
|
|