From d403cf223a677e998e8f119af7711bdcd4fb3245 Mon Sep 17 00:00:00 2001
From: Gabriel Ebner <gebner@gebner.org>
Date: Thu, 3 Oct 2019 19:19:07 +0200
Subject: [PATCH] mastus: add wstunnel

---
 mastus/configuration.nix |  1 +
 mastus/vmtest.nix        |  7 +++++-
 mastus/wstunnel.nix      | 26 ++++++++++++++++++++++
 pkgs/wstunnel.nix        | 47 ++++++++++++++++++++++++++++++++++++++++
 4 files changed, 80 insertions(+), 1 deletion(-)
 create mode 100644 mastus/wstunnel.nix
 create mode 100644 pkgs/wstunnel.nix

diff --git a/mastus/configuration.nix b/mastus/configuration.nix
index 6856067..89a5cb9 100644
--- a/mastus/configuration.nix
+++ b/mastus/configuration.nix
@@ -13,6 +13,7 @@
       ./gogs.nix
       ./letsencrypt.nix
       ./website.nix
+      ./wstunnel.nix
       ./radicale.nix
       ./ttrss.nix
       ./dns.nix
diff --git a/mastus/vmtest.nix b/mastus/vmtest.nix
index d2157e9..8cee5ad 100644
--- a/mastus/vmtest.nix
+++ b/mastus/vmtest.nix
@@ -21,7 +21,12 @@ let
       '';
     };
 
-    environment.systemPackages = with pkgs; [ elinks carddav-util fcgi ];
+    environment.systemPackages = with pkgs; [
+      elinks
+      carddav-util
+      fcgi
+      (haskell.lib.justStaticExecutables (haskellPackages.callPackage ../pkgs/wstunnel.nix {}))
+    ];
 
     networking.extraHosts = ''
       127.0.0.1 gebner.org www.gebner.org reader.gebner.org git.gebner.org mail.gebner.org radicale.gebner.org gabrielebner.at
diff --git a/mastus/wstunnel.nix b/mastus/wstunnel.nix
new file mode 100644
index 0000000..76cb69b
--- /dev/null
+++ b/mastus/wstunnel.nix
@@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+
+let
+  wstunnel = with pkgs; haskell.lib.justStaticExecutables
+    (haskellPackages.callPackage ../pkgs/wstunnel.nix {});
+  port = 58613;
+in
+
+{
+
+  systemd.services.wstunnel = rec {
+    path = [ wstunnel ];
+    wantedBy = [ "nginx.service" ];
+    after = [ "network.target" ];
+    script = ''
+      wstunnel -v --server --restrictTo=htdf-gw.gebner.org:35869 ws://localhost:${toString port}
+    '';
+  };
+
+  services.nginx.virtualHosts."gebner.org".locations = {
+    "/wstunnel/udp/htdf-gw.gebner.org/35869" = {
+      proxyWebsockets = true;
+      proxyPass = "http://localhost:${toString port}";
+    };
+  };
+}
diff --git a/pkgs/wstunnel.nix b/pkgs/wstunnel.nix
new file mode 100644
index 0000000..7d0b1ef
--- /dev/null
+++ b/pkgs/wstunnel.nix
@@ -0,0 +1,47 @@
+{ mkDerivation, async, base, base64-bytestring, binary, bytestring
+, classy-prelude, cmdargs, connection, hslogger, mtl, network
+, network-conduit-tls, stdenv, streaming-commons, text
+, unordered-containers, websockets
+, lib, fetchFromGitHub, fetchpatch
+}:
+
+mkDerivation rec {
+  pname = "wstunnel";
+  version = "unstable-2019-01-28";
+
+  src = fetchFromGitHub {
+    owner = "erebe";
+    repo = pname;
+    rev = "78cc5a5f1aa4dbcb25fa9b0efc9cfef3640672e4";
+    sha256 = "17y3yn7qg1h7jx9xs041sw63g51vyns236f60d2m2mghi49lm9i2";
+  };
+
+  patches = [
+    # Support GHC 8.6   https://github.com/erebe/wstunnel/pull/18
+    (fetchpatch {
+      url = "https://github.com/erebe/wstunnel/commit/8f348fea4dbf75874d5d930334377843763335ab.patch";
+      sha256 = "0a66jx7k97j3iyr7j5npbyq1lkhzz74r81mkas4nig7z3hny1gn9";
+    })
+  ];
+
+  isLibrary = false;
+  isExecutable = true;
+
+  libraryHaskellDepends = [
+    async base base64-bytestring binary bytestring classy-prelude
+    connection hslogger mtl network network-conduit-tls
+    streaming-commons text unordered-containers websockets
+  ];
+
+  executableHaskellDepends = [
+    base bytestring classy-prelude cmdargs hslogger text
+  ];
+
+  testHaskellDepends = [ base text ];
+
+  homepage = "https://github.com/githubuser/wstunnel";
+  description = "UDP and TCP tunnelling over WebSocket";
+  maintainers = with lib.maintainers; [ gebner ];
+  license = lib.licenses.bsd3;
+
+}