sslh: 1.22c -> 2.0.0

khaneliman · Oct 29, 2023 · 7ecac99 · 7ecac99
1 parent 3728338
commit 7ecac99
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 16 deletions.
diff --git a/nixos/modules/services/networking/sslh.nix b/nixos/modules/services/networking/sslh.nix
@@ -16,8 +16,8 @@ in
     (mkRenamedOptionModule [ "services" "sslh" "timeout" ] [ "services" "sslh" "settings" "timeout" ])
     (mkRenamedOptionModule [ "services" "sslh" "transparent" ] [ "services" "sslh" "settings" "transparent" ])
     (mkRemovedOptionModule [ "services" "sslh" "appendConfig" ] "Use services.sslh.settings instead")
-    (mkChangedOptionModule [ "services" "sslh" "verbose" ] [ "services" "sslh" "settings" "verbose" ]
-      (verbose: if verbose then 1 else 0))
+    (mkChangedOptionModule [ "services" "sslh" "verbose" ] [ "services" "sslh" "settings" "verbose-connections" ]
+      (config: if config.services.sslh.verbose then 1 else 0))
   ];
 
   meta.buildDocsInSandbox = false;
@@ -26,7 +26,7 @@ in
     enable = mkEnableOption (lib.mdDoc "sslh, protocol demultiplexer");
 
     method = mkOption {
-      type = types.enum [ "fork" "select" ];
+      type = types.enum [ "fork" "select" "ev" ];
       default = "fork";
       description = lib.mdDoc ''
         The method to use for handling connections:
@@ -38,6 +38,9 @@ in
           - `select` uses only one thread, which monitors all connections at once.
           It has lower overhead per connection, but if it stops, you'll lose all
           connections.
+
+          - `ev` is implemented using libev, it's similar to `select` but
+            scales better to a large number of connections.
       '';
     };
 
@@ -57,15 +60,6 @@ in
       type = types.submodule {
         freeformType = configFormat.type;
 
-        options.verbose = mkOption {
-          type = types.int;
-          default = 0;
-          example = 3;
-          description = lib.mdDoc ''
-            Logging verbosity: higher values for more information.
-          '';
-        };
-
         options.timeout = mkOption {
           type = types.ints.unsigned;
           default = 2;
@@ -82,6 +76,20 @@ in
           '';
         };
 
+        options.verbose-connections = mkOption {
+          type = types.ints.between 0 4;
+          default = 0;
+          description = lib.mdDoc ''
+            Where to log connections information. Possible values are:
+
+             0. don't log anything
+             1. write log to stdout
+             2. write log to syslog
+             3. write log to both stdout and syslog
+             4. write to a log file ({option}`sslh.settings.logfile`)
+          '';
+        };
+
         options.numeric = mkOption {
           type = types.bool;
           default = true;

diff --git a/pkgs/servers/sslh/default.nix b/pkgs/servers/sslh/default.nix
@@ -1,26 +1,27 @@
-{ lib, stdenv, fetchFromGitHub, libcap, libconfig, perl, tcp_wrappers, pcre2, nixosTests }:
+{ lib, stdenv, fetchFromGitHub, fetchpatch, libcap, libev, libconfig, perl, tcp_wrappers, pcre2, nixosTests }:
 
 stdenv.mkDerivation rec {
   pname = "sslh";
-  version = "1.22c";
+  version = "2.0.0";
 
   src = fetchFromGitHub {
     owner = "yrutschle";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-A+nUWiOPoz/T5afZUzt5In01e049TgHisTF8P5Vj180=";
+    hash = "sha256-KfNQWSmAf86AFoInKlNZoiSuSwVLaJVnfo7SjZVY/VU=";
   };
 
   postPatch = "patchShebangs *.sh";
 
-  buildInputs = [ libcap libconfig perl tcp_wrappers pcre2 ];
+  buildInputs = [ libcap libev libconfig perl tcp_wrappers pcre2 ];
 
   makeFlags = [ "USELIBCAP=1" "USELIBWRAP=1" ];
 
   postInstall = ''
     # install all flavours
     install -p sslh-fork "$out/sbin/sslh-fork"
     install -p sslh-select "$out/sbin/sslh-select"
+    install -p sslh-ev "$out/sbin/sslh-ev"
     ln -sf sslh-fork "$out/sbin/sslh"
   '';