sslh: 1.22c -> 2.0.0

2023-07-27 23:41:08 +02:00 · 2023-07-27 23:41:08 +02:00 · 7ecac99da7
commit 7ecac99da7
parent 3728338d40
2 changed files with 25 additions and 16 deletions
--- a/nixos/modules/services/networking/sslh.nix
+++ b/nixos/modules/services/networking/sslh.nix
@ -16,8 +16,8 @@ in
    (mkRenamedOptionModule [ "services" "sslh" "timeout" ] [ "services" "sslh" "settings" "timeout" ])
    (mkRenamedOptionModule [ "services" "sslh" "transparent" ] [ "services" "sslh" "settings" "transparent" ])
    (mkRemovedOptionModule [ "services" "sslh" "appendConfig" ] "Use services.sslh.settings instead")
-    (mkChangedOptionModule [ "services" "sslh" "verbose" ] [ "services" "sslh" "settings" "verbose" ]
-      (verbose: if verbose then 1 else 0))
+    (mkChangedOptionModule [ "services" "sslh" "verbose" ] [ "services" "sslh" "settings" "verbose-connections" ]
+      (config: if config.services.sslh.verbose then 1 else 0))
  ];

  meta.buildDocsInSandbox = false;
@ -26,7 +26,7 @@ in
    enable = mkEnableOption (lib.mdDoc "sslh, protocol demultiplexer");

    method = mkOption {
-      type = types.enum [ "fork" "select" ];
+      type = types.enum [ "fork" "select" "ev" ];
      default = "fork";
      description = lib.mdDoc ''
        The method to use for handling connections:
@ -38,6 +38,9 @@ in
          - `select` uses only one thread, which monitors all connections at once.
          It has lower overhead per connection, but if it stops, you'll lose all
          connections.
+
+          - `ev` is implemented using libev, it's similar to `select` but
+            scales better to a large number of connections.
      '';
    };

@ -57,15 +60,6 @@ in
      type = types.submodule {
        freeformType = configFormat.type;

-        options.verbose = mkOption {
-          type = types.int;
-          default = 0;
-          example = 3;
-          description = lib.mdDoc ''
-            Logging verbosity: higher values for more information.
-          '';
-        };
-
        options.timeout = mkOption {
          type = types.ints.unsigned;
          default = 2;
@ -82,6 +76,20 @@ in
          '';
        };

+        options.verbose-connections = mkOption {
+          type = types.ints.between 0 4;
+          default = 0;
+          description = lib.mdDoc ''
+            Where to log connections information. Possible values are:
+
+             0. don't log anything
+             1. write log to stdout
+             2. write log to syslog
+             3. write log to both stdout and syslog
+             4. write to a log file ({option}`sslh.settings.logfile`)
+          '';
+        };
+
        options.numeric = mkOption {
          type = types.bool;
          default = true;
--- a/pkgs/servers/sslh/default.nix
+++ b/pkgs/servers/sslh/default.nix
@ -1,19 +1,19 @@
-{ lib, stdenv, fetchFromGitHub, libcap, libconfig, perl, tcp_wrappers, pcre2, nixosTests }:
+{ lib, stdenv, fetchFromGitHub, fetchpatch, libcap, libev, libconfig, perl, tcp_wrappers, pcre2, nixosTests }:

 stdenv.mkDerivation rec {
  pname = "sslh";
-  version = "1.22c";
+  version = "2.0.0";

  src = fetchFromGitHub {
    owner = "yrutschle";
    repo = pname;
    rev = "v${version}";
-    sha256 = "sha256-A+nUWiOPoz/T5afZUzt5In01e049TgHisTF8P5Vj180=";
+    hash = "sha256-KfNQWSmAf86AFoInKlNZoiSuSwVLaJVnfo7SjZVY/VU=";
  };

  postPatch = "patchShebangs *.sh";

-  buildInputs = [ libcap libconfig perl tcp_wrappers pcre2 ];
+  buildInputs = [ libcap libev libconfig perl tcp_wrappers pcre2 ];

  makeFlags = [ "USELIBCAP=1" "USELIBWRAP=1" ];

@ -21,6 +21,7 @@ stdenv.mkDerivation rec {
    # install all flavours
    install -p sslh-fork "$out/sbin/sslh-fork"
    install -p sslh-select "$out/sbin/sslh-select"
+    install -p sslh-ev "$out/sbin/sslh-ev"
    ln -sf sslh-fork "$out/sbin/sslh"
  '';