From 7ecac99da7567f4f0e60c1c97678e85b997ffd89 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Thu, 27 Jul 2023 23:41:08 +0200 Subject: [PATCH] sslh: 1.22c -> 2.0.0 --- nixos/modules/services/networking/sslh.nix | 32 ++++++++++++++-------- pkgs/servers/sslh/default.nix | 9 +++--- 2 files changed, 25 insertions(+), 16 deletions(-) diff --git a/nixos/modules/services/networking/sslh.nix b/nixos/modules/services/networking/sslh.nix index 820c72924582..dd29db510020 100644 --- a/nixos/modules/services/networking/sslh.nix +++ b/nixos/modules/services/networking/sslh.nix @@ -16,8 +16,8 @@ in (mkRenamedOptionModule [ "services" "sslh" "timeout" ] [ "services" "sslh" "settings" "timeout" ]) (mkRenamedOptionModule [ "services" "sslh" "transparent" ] [ "services" "sslh" "settings" "transparent" ]) (mkRemovedOptionModule [ "services" "sslh" "appendConfig" ] "Use services.sslh.settings instead") - (mkChangedOptionModule [ "services" "sslh" "verbose" ] [ "services" "sslh" "settings" "verbose" ] - (verbose: if verbose then 1 else 0)) + (mkChangedOptionModule [ "services" "sslh" "verbose" ] [ "services" "sslh" "settings" "verbose-connections" ] + (config: if config.services.sslh.verbose then 1 else 0)) ]; meta.buildDocsInSandbox = false; @@ -26,7 +26,7 @@ in enable = mkEnableOption (lib.mdDoc "sslh, protocol demultiplexer"); method = mkOption { - type = types.enum [ "fork" "select" ]; + type = types.enum [ "fork" "select" "ev" ]; default = "fork"; description = lib.mdDoc '' The method to use for handling connections: @@ -38,6 +38,9 @@ in - `select` uses only one thread, which monitors all connections at once. It has lower overhead per connection, but if it stops, you'll lose all connections. + + - `ev` is implemented using libev, it's similar to `select` but + scales better to a large number of connections. ''; }; 
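Review bot: The shim changed in the `@@ -16,8 +16,8 @@` hunk migrates only the legacy boolean `services.sslh.verbose`; nothing covers an existing `services.sslh.settings.verbose`, whose declaration is deleted in the `@@ -57,15 +60,6 @@` hunk. Because the `settings` submodule keeps `freeformType = configFormat.type`, such a value would presumably still evaluate and be passed through under a key the module no longer declares, so the user gets no evaluation-time hint that their logging setting changed meaning. A module-level warning would make the migration visible, for example `warnings = lib.optional (config.services.sslh.settings ? verbose) "services.sslh.settings.verbose is no longer declared by this module; use settings.verbose-connections";`. It belongs in the module's `config` section, which is outside the hunks shown, as is the start of the `imports` list this entry sits in.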
@@ -57,15 +60,6 @@ in
 type = types.submodule {
 freeformType = configFormat.type;
 
- options.verbose = mkOption {
- type = types.int;
- default = 0;
- example = 3;
- description = lib.mdDoc ''
- Logging verbosity: higher values for more information.
- '';
- };
-
 options.timeout = mkOption {
 type = types.ints.unsigned;
 default = 2;
@@ -82,6 +76,20 @@ in
 '';
 };
 
+ options.verbose-connections = mkOption {
+ type = types.ints.between 0 4;
+ default = 0;
+ description = lib.mdDoc ''
+ Where to log connections information. Possible values are:
+
+ 0. don't log anything
+ 1. write log to stdout
+ 2. write log to syslog
+ 3. write log to both stdout and syslog
+ 4. write to a log file ({option}`sslh.settings.logfile`)
+ '';
+ };
+
 options.numeric = mkOption {
 type = types.bool;
 default = true;
diff --git a/pkgs/servers/sslh/default.nix b/pkgs/servers/sslh/default.nix
index 25e40294747c..97ec06306fc4 100644
--- a/pkgs/servers/sslh/default.nix
+++ b/pkgs/servers/sslh/default.nix
@@ -1,19 +1,19 @@
-{ lib, stdenv, fetchFromGitHub, libcap, libconfig, perl, tcp_wrappers, pcre2, nixosTests }:
+{ lib, stdenv, fetchFromGitHub, fetchpatch, libcap, libev, libconfig, perl, tcp_wrappers, pcre2, nixosTests }:
 
 stdenv.mkDerivation rec {
 pname = "sslh";
- version = "1.22c";
+ version = "2.0.0";
 
 src = fetchFromGitHub {
 owner = "yrutschle";
 repo = pname;
 rev = "v${version}";
- sha256 = "sha256-A+nUWiOPoz/T5afZUzt5In01e049TgHisTF8P5Vj180=";
+ hash = "sha256-KfNQWSmAf86AFoInKlNZoiSuSwVLaJVnfo7SjZVY/VU=";
 };
 
 postPatch = "patchShebangs *.sh";
 
- buildInputs = [ libcap libconfig perl tcp_wrappers pcre2 ];
+ buildInputs = [ libcap libev libconfig perl tcp_wrappers pcre2 ];
 
 makeFlags = [ "USELIBCAP=1" "USELIBWRAP=1" ];
 
@@ -21,6 +21,7 @@ stdenv.mkDerivation rec {
 # install all flavours
 install -p sslh-fork "$out/sbin/sslh-fork"
 install -p sslh-select "$out/sbin/sslh-select"
+ install -p sslh-ev "$out/sbin/sslh-ev"
 ln -sf sslh-fork "$out/sbin/sslh"
 '';
 
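Review bot: `default = 0` on the new `verbose-connections` option (hunk `@@ -82,6 +76,20 @@`) means a stock deployment records no connections at all, and the description does not say what that costs. When `settings.transparent` is off, the services behind a demultiplexer see the proxy's address rather than the client's, so sslh's own connection log is presumably the only place the real source address of an SSH or TLS connection is recorded, which matters for brute-force detection and incident response. I would either default to a logging value or add a sentence to the description such as `With 0, client addresses are not recorded anywhere unless services.sslh.settings.transparent is enabled.` Separately, the `{option}` reference reads `sslh.settings.logfile`, but this module's options live under `services.sslh`, so it should be `services.sslh.settings.logfile`. Value 4 is also accepted without any visible check that `logfile` is set.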
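Review bot: `fetchpatch` is added to the function arguments on the first line of `pkgs/servers/sslh/default.nix`, but no added line in either hunk of this file uses it and the change introduces no `patches` attribute, so it looks like a leftover. Dropping it keeps the argument list accurate: `{ lib, stdenv, fetchFromGitHub, libcap, libev, libconfig, perl, tcp_wrappers, pcre2, nixosTests }:`. If a patch was meant to be applied on top of 2.0.0, it is missing from this commit.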