@ -1,10 +1,8 @@
# Avahi daemon.
{ config , lib , pkgs , . . . }:
with lib ;
let
cfg = config . services . avahi ;
yesNo = yes : if yes then " y e s " else " n o " ;
@ -39,215 +37,245 @@ let
enable-reflector = $ { yesNo reflector }
$ { extraConfig }
'' ;
in
{
options . services . avahi = {
enable = mkOption {
type = types . bool ;
default = false ;
description = ''
Whether to run the Avahi daemon , which allows Avahi clients
to use Avahi's service discovery facilities and also allows
the local machine to advertise its presence and services
( through the mDNS responder implemented by ` avahi-daemon' ) .
'' ;
} ;
###### interface
hostName = mkOption {
type = types . str ;
default = config . networking . hostName ;
defaultText = literalExample " c o n f i g . n e t w o r k i n g . h o s t N a m e " ;
description = ''
Host name advertised on the LAN . If not set , avahi will use the value
of <option> config . networking . hostName < /option > .
'' ;
} ;
options = {
domainName = mkOption {
type = types . str ;
default = " l o c a l " ;
description = ''
Domain name for all advertisements .
'' ;
} ;
services . avahi = {
browseDomains = mkOption {
type = types . listOf types . str ;
default = [ ] ;
example = [ " 0 p o i n t e r . d e " " z e r o c o n f . o r g " ] ;
description = ''
List of non-local DNS domains to be browsed .
'' ;
} ;
enable = mkOption {
default = false ;
description = ''
Whether to run the Avahi daemon , which allows Avahi clients
to use Avahi's service discovery facilities and also allows
the local machine to advertise its presence and services
( through the mDNS responder implemented by ` avahi-daemon' ) .
'' ;
} ;
ipv4 = mkOption {
type = types . bool ;
default = true ;
description = " W h e t h e r t o u s e I P v 4 . " ;
} ;
hostName = mkOption {
type = types . str ;
description = ''
Host name advertised on the LAN . If not set , avahi will use the value
of config . networking . hostName .
'' ;
} ;
ipv6 = mkOption {
type = types . bool ;
default = false ;
description = " W h e t h e r t o u s e I P v 6 . " ;
} ;
domainName = mkOption {
type = types . str ;
default = " l o c a l " ;
description = ''
Domain name for all advertisements .
'' ;
} ;
interfaces = mkOption {
type = types . nullOr ( types . listOf types . str ) ;
default = null ;
description = ''
List of network interfaces that should be used by the <command> avahi-daemon < /command > .
Other interfaces will be ignored . If <literal> null < /literal > , all local interfaces
except loopback and point-to-point will be used .
'' ;
} ;
browseDomains = mkOption {
default = [ ] ;
example = [ " 0 p o i n t e r . d e " " z e r o c o n f . o r g " ] ;
description = ''
List of non-local DNS domains to be browsed .
'' ;
} ;
openFirewall = mkOption {
type = types . bool ;
default = true ;
description = ''
Whether to open the firewall for UDP port 5353 .
'' ;
} ;
ipv4 = mkOption {
default = true ;
description = '' W h e t h e r t o u s e I P v 4 '' ;
} ;
allowPointToPoint = mkOption {
type = types . bool ;
default = false ;
description = ''
Whether to use POINTTOPOINT interfaces . Might make mDNS unreliable due to usually large
latencies with such links and opens a potential security hole by allowing mDNS access from Internet
connections .
'' ;
} ;
ipv6 = mkOption {
default = false ;
description = '' W h e t h e r t o u s e I P v 6 '' ;
} ;
wideArea = mkOption {
type = types . bool ;
default = true ;
description = " W h e t h e r t o e n a b l e w i d e - a r e a s e r v i c e d i s c o v e r y . " ;
} ;
interfaces = mkOption {
type = types . nullOr ( types . listOf types . str ) ;
default = null ;
description = ''
List of network interfaces that should be used by the <command> avahi-daemon < /command > .
Other interfaces will be ignored . If <literal> null < /literal > all local interfaces
except loopback and point-to-point will be used .
'' ;
} ;
reflector = mkOption {
type = types . bool ;
default = false ;
description = " R e f l e c t i n c o m i n g m D N S r e q u e s t s t o a l l a l l o w e d n e t w o r k i n t e r f a c e s . " ;
} ;
allowPointToPoint = mkOption {
default = false ;
description = ''
Whether to use POINTTOPOINT interfaces . Might make mDNS unreliable due to usually large
latencies with such links and opens a potential security hole by allowing mDNS access from Internet
connections . Use with care and YMMV !
'' ;
} ;
extraServiceFiles = mkOption {
type = with types ; attrsOf ( either str path ) ;
default = { } ;
example = literalExample ''
{
ssh = " ' ' ${ pkgs . avahi } / e t c / a v a h i / s e r v i c e s / s s h . s e r v i c e " ;
smb = '' '
< ? xml version = " 1 . 0 " standalone = ' no' ? > < ! - - * - nxml- * - ->
< ! DOCTYPE service-group SYSTEM " a v a h i - s e r v i c e . d t d " >
<service-group>
< name replace-wildcards = " y e s " > % h < /name >
<service>
<type> _smb . _tcp < /type >
<port> 445 < /port >
< /service >
< /service-group >
'' ' ;
}
'' ;
description = ''
Specify custom service definitions which are placed in the avahi service directory .
See the <citerefentry> <refentrytitle> avahi . service < /refentrytitle >
<manvolnum> 5 < /manvolnum > < /citerefentry > manpage for detailed information .
'' ;
} ;
wideArea = mkOption {
default = true ;
description = '' W h e t h e r t o e n a b l e w i d e - a r e a s e r v i c e d i s c o v e r y . '' ;
publish = {
enable = mkOption {
type = types . bool ;
default = false ;
description = " W h e t h e r t o a l l o w p u b l i s h i n g i n g e n e r a l . " ;
} ;
reflector = mkOption {
userServices = mkOption {
type = types . bool ;
default = false ;
description = '' R e f l e c t i n c o m i n g m D N S r e q u e s t s t o a l l a l l o w e d n e t w o r k i n t e r f a c e s . '' ;
description = " W h e t h e r t o p u b l i s h u s e r s e r v i c e s . W i l l s e t < l i t e r a l > a d d r e s s e s = t r u e < / l i t e r a l > . " ;
} ;
publish = {
enable = mkOption {
default = false ;
description = '' W h e t h e r t o a l l o w p u b l i s h i n g i n g e n e r a l . '' ;
} ;
userServices = mkOption {
default = false ;
description = '' W h e t h e r t o p u b l i s h u s e r s e r v i c e s . W i l l s e t < l i t e r a l > a d d r e s s e s = t r u e < / l i t e r a l > . '' ;
} ;
addresses = mkOption {
default = false ;
description = '' W h e t h e r t o r e g i s t e r m D N S a d d r e s s r e c o r d s f o r a l l l o c a l I P a d d r e s s e s . '' ;
} ;
hinfo = mkOption {
default = false ;
description = ''
Whether to register an mDNS HINFO record which contains information about the
local operating system and CPU .
'' ;
} ;
workstation = mkOption {
default = false ;
description = '' W h e t h e r t o r e g i s t e r a s e r v i c e o f t y p e " _ w o r k s t a t i o n . _ t c p " o n t h e l o c a l L A N . '' ;
} ;
domain = mkOption {
default = false ;
description = '' W h e t h e r t o a n n o u n c e t h e l o c a l l y u s e d d o m a i n n a m e f o r b r o w s i n g b y o t h e r h o s t s . '' ;
} ;
addresses = mkOption {
type = types . bool ;
default = false ;
description = " W h e t h e r t o r e g i s t e r m D N S a d d r e s s r e c o r d s f o r a l l l o c a l I P a d d r e s s e s . " ;
} ;
nssmdns = mkOption {
hinfo = mkOption {
type = types . bool ;
default = false ;
description = ''
Whether to enable the mDNS NSS ( Name Service Switch ) plug-in .
Enabling it allows applications to resolve names in the ` . local'
domain by transparently querying the Avahi daemon .
Whether to register a mDNS HINFO record which contains information about the
local operating system and CPU .
'' ;
} ;
cacheEntriesMax = mkOption {
default = nul l;
type = types . nullOr types . int ;
workstation = mkOption {
type = types . bool ;
default = false ;
description = ''
Number of resource records to be cached per interface . Use 0 to
disable caching . Avahi daemon defaults to 4096 if not set .
Whether to register a service of type " _ w o r k s t a t i o n . _ t c p " on the local LAN .
'' ;
} ;
extraConfig = mkOption {
default = " " ;
type = types . lines ;
description = ''
Extra config to append to avahi-daemon . conf .
'' ;
domain = mkOption {
type = types . bool ;
default = false ;
description = " W h e t h e r t o a n n o u n c e t h e l o c a l l y u s e d d o m a i n n a m e f o r b r o w s i n g b y o t h e r h o s t s . " ;
} ;
} ;
} ;
nssmdns = mkOption {
type = types . bool ;
default = false ;
description = ''
Whether to enable the mDNS NSS ( Name Service Switch ) plug-in .
Enabling it allows applications to resolve names in the ` . local'
domain by transparently querying the Avahi daemon .
'' ;
} ;
cacheEntriesMax = mkOption {
type = types . nullOr types . int ;
default = null ;
description = ''
Number of resource records to be cached per interface . Use 0 to
disable caching . Avahi daemon defaults to 4096 if not set .
'' ;
} ;
###### implementation
extraConfig = mkOption {
type = types . lines ;
default = " " ;
description = ''
Extra config to append to avahi-daemon . conf .
'' ;
} ;
} ;
config = mkIf cfg . enable {
users . users . avahi = {
description = " a v a h i - d a e m o n p r i v i l e g e s e p a r a t i o n u s e r " ;
home = " / v a r / e m p t y " ;
group = " a v a h i " ;
isSystemUser = true ;
} ;
services . avahi . hostName = mkDefault config . networking . hostName ;
users . users = singleton
{ name = " a v a h i " ;
uid = config . ids . uids . avahi ;
description = " ` a v a h i - d a e m o n ' p r i v i l e g e s e p a r a t i o n u s e r " ;
home = " / v a r / e m p t y " ;
} ;
users . groups = singleton
{ name = " a v a h i " ;
gid = config . ids . gids . avahi ;
} ;
users . groups . avahi = { } ;
system . nssModules = optional cfg . nssmdns pkgs . nssmdns ;
environment . systemPackages = [ pkgs . avahi ] ;
systemd . sockets . avahi-daemon =
{ description = " A v a h i m D N S / D N S - S D S t a c k A c t i v a t i o n S o c k e t " ;
listenStreams = [ " / r u n / a v a h i - d a e m o n / s o c k e t " ] ;
wantedBy = [ " s o c k e t s . t a r g e t " ] ;
} ;
environment . etc = ( mapAttrs' ( n : v : nameValuePair
" a v a h i / s e r v i c e s / ${ n } . s e r v i c e "
{ ${ if types . path . check v then " s o u r c e " else " t e x t " } = v ; }
) cfg . extraServiceFiles ) ;
systemd . services . avahi-daemon =
{ description = " A v a h i m D N S / D N S - S D S t a c k " ;
wantedBy = [ " m u l t i - u s e r . t a r g e t " ] ;
requires = [ " a v a h i - d a e m o n . s o c k e t " ] ;
systemd . sockets . avahi-daemon = {
description = " A v a h i m D N S / D N S - S D S t a c k A c t i v a t i o n S o c k e t " ;
listenStreams = [ " / r u n / a v a h i - d a e m o n / s o c k e t " ] ;
wantedBy = [ " s o c k e t s . t a r g e t " ] ;
} ;
serviceConfig . " N o t i f y A c c e s s " = " m a i n " ;
serviceConfig . " B u s N a m e " = " o r g . f r e e d e s k t o p . A v a h i " ;
serviceConfig . " T y p e " = " d b u s " ;
systemd . tmpfiles . rules = [ " d / r u n / a v a h i - d a e m o n - a v a h i a v a h i - " ] ;
path = [ pkgs . coreutils pkgs . avahi ] ;
systemd . services . avahi-daemon = {
description = " A v a h i m D N S / D N S - S D S t a c k " ;
wantedBy = [ " m u l t i - u s e r . t a r g e t " ] ;
requires = [ " a v a h i - d a e m o n . s o c k e t " ] ;
preStart = " m k d i r - p / r u n / a v a h i - d a e m o n " ;
# Make NSS modules visible so that `avahi_nss_support ()' can
# return a sensible value.
environment . LD_LIBRARY_PATH = config . system . nssModules . path ;
script =
''
# Make NSS modules visible so that `avahi_nss_support ()' can
# return a sensible value.
export LD_LIBRARY_PATH = " ${ config . system . nssModules . path } "
path = [ pkgs . coreutils pkgs . avahi ] ;
exec $ { pkgs . avahi } /sbin/avahi-daemon - - syslog - f " ${ avahiDaemonConf } "
'' ;
serviceConfig = {
NotifyAccess = " m a i n " ;
BusName = " o r g . f r e e d e s k t o p . A v a h i " ;
Type = " d b u s " ;
ExecStart = " ${ pkgs . avahi } / s b i n / a v a h i - d a e m o n - - s y s l o g - f ${ avahiDaemonConf } " ;
} ;
} ;
services . dbus . enable = true ;
services . dbus . packages = [ pkgs . avahi ] ;
# Enabling Avahi without exposing it in the firewall doesn't make
# sense.
networking . firewall . allowedUDPPorts = [ 5353 ] ;
networking . firewall . allowedUDPPorts = mkIf cfg . openFirewall [ 5353 ] ;
} ;
}
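Review bot: The new `openFirewall` option defaults to `true`, and the closing `networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [ 5353 ];` opens UDP 5353 on every interface, even when `services.avahi.interfaces` restricts the daemon to a few of them; the option text ("Whether to open the firewall for UDP port 5353.") does not say so. The `+`/`-` markers are lost on this page, so this assumes the `mkIf` line is the new side and the unconditional `[ 5353 ]` line is the old one. I would extend the description to something like `Whether to open the firewall for UDP port 5353 on all interfaces. Set this to false and use networking.firewall.interfaces.<name>.allowedUDPPorts to expose mDNS only on selected interfaces.` A follow-up could derive per-interface rules from `cfg.interfaces` when it is not `null`. The exposure matters most when `allowPointToPoint` is enabled, since its description already warns about mDNS access from Internet connections.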