2016-11-03 16:49:36 +00:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
|
|
|
let
|
|
|
|
|
|
|
|
cfg = config.services.stanchion;
|
|
|
|
|
|
|
|
in
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
###### interface
|
|
|
|
|
|
|
|
options = {
|
|
|
|
|
|
|
|
services.stanchion = {
|
|
|
|
|
|
|
|
enable = mkEnableOption "stanchion";
|
|
|
|
|
|
|
|
package = mkOption {
|
|
|
|
type = types.package;
|
2016-11-21 11:35:08 +00:00
|
|
|
default = pkgs.stanchion;
|
2016-11-21 11:07:06 +00:00
|
|
|
defaultText = "pkgs.stanchion";
|
2016-11-03 16:49:36 +00:00
|
|
|
example = literalExample "pkgs.stanchion";
|
|
|
|
description = ''
|
|
|
|
Stanchion package to use.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
nodeName = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "stanchion@127.0.0.1";
|
|
|
|
description = ''
|
|
|
|
Name of the Erlang node.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
adminKey = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "";
|
|
|
|
description = ''
|
|
|
|
Name of admin user.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
adminSecret = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "";
|
|
|
|
description = ''
|
|
|
|
Name of admin secret
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
riakHost = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "127.0.0.1:8087";
|
|
|
|
description = ''
|
|
|
|
Name of riak hosting service.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
listener = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "127.0.0.1:8085";
|
|
|
|
description = ''
|
|
|
|
Name of Riak CS listening service.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
stanchionHost = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "127.0.0.1:8085";
|
|
|
|
description = ''
|
|
|
|
Name of stanchion hosting service.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
stanchionSsl = mkOption {
|
|
|
|
type = types.bool;
|
|
|
|
default = true;
|
|
|
|
description = ''
|
|
|
|
Tell stanchion to use SSL.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
distributedCookie = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "riak";
|
|
|
|
description = ''
|
|
|
|
Cookie for distributed node communication. All nodes in the
|
|
|
|
same cluster should use the same cookie or they will not be able to
|
|
|
|
communicate.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
dataDir = mkOption {
|
|
|
|
type = types.path;
|
|
|
|
default = "/var/db/stanchion";
|
|
|
|
description = ''
|
|
|
|
Data directory for Stanchion.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
logDir = mkOption {
|
|
|
|
type = types.path;
|
|
|
|
default = "/var/log/stanchion";
|
|
|
|
description = ''
|
|
|
|
Log directory for Stanchino.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
extraConfig = mkOption {
|
|
|
|
type = types.lines;
|
|
|
|
default = "";
|
|
|
|
description = ''
|
|
|
|
Additional text to be appended to <filename>stanchion.conf</filename>.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
###### implementation
|
|
|
|
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
|
|
|
|
environment.systemPackages = [ cfg.package ];
|
|
|
|
|
|
|
|
environment.etc."stanchion/advanced.config".text = ''
|
|
|
|
[{stanchion, []}].
|
|
|
|
'';
|
|
|
|
|
|
|
|
environment.etc."stanchion/stanchion.conf".text = ''
|
|
|
|
listener = ${cfg.listener}
|
|
|
|
|
|
|
|
riak_host = ${cfg.riakHost}
|
|
|
|
|
|
|
|
${optionalString (cfg.adminKey == "") "#"} admin.key=${optionalString (cfg.adminKey != "") cfg.adminKey}
|
|
|
|
${optionalString (cfg.adminSecret == "") "#"} admin.secret=${optionalString (cfg.adminSecret != "") cfg.adminSecret}
|
|
|
|
|
|
|
|
platform_bin_dir = ${pkgs.stanchion}/bin
|
|
|
|
platform_data_dir = ${cfg.dataDir}
|
|
|
|
platform_etc_dir = /etc/stanchion
|
|
|
|
platform_lib_dir = ${pkgs.stanchion}/lib
|
|
|
|
platform_log_dir = ${cfg.logDir}
|
|
|
|
|
|
|
|
nodename = ${cfg.nodeName}
|
|
|
|
|
|
|
|
distributed_cookie = ${cfg.distributedCookie}
|
|
|
|
|
|
|
|
stanchion_ssl=${if cfg.stanchionSsl then "on" else "off"}
|
|
|
|
|
|
|
|
${cfg.extraConfig}
|
|
|
|
'';
|
|
|
|
|
|
|
|
users.extraUsers.stanchion = {
|
|
|
|
name = "stanchion";
|
|
|
|
uid = config.ids.uids.stanchion;
|
|
|
|
group = "stanchion";
|
|
|
|
description = "Stanchion server user";
|
|
|
|
};
|
|
|
|
|
|
|
|
users.extraGroups.stanchion.gid = config.ids.gids.stanchion;
|
|
|
|
|
|
|
|
systemd.services.stanchion = {
|
|
|
|
description = "Stanchion Server";
|
|
|
|
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
after = [ "network.target" ];
|
|
|
|
|
|
|
|
path = [
|
|
|
|
pkgs.utillinux # for `logger`
|
|
|
|
pkgs.bash
|
|
|
|
];
|
|
|
|
|
|
|
|
environment.HOME = "${cfg.dataDir}";
|
|
|
|
environment.STANCHION_DATA_DIR = "${cfg.dataDir}";
|
|
|
|
environment.STANCHION_LOG_DIR = "${cfg.logDir}";
|
|
|
|
environment.STANCHION_ETC_DIR = "/etc/stanchion";
|
|
|
|
|
|
|
|
preStart = ''
|
|
|
|
if ! test -e ${cfg.logDir}; then
|
|
|
|
mkdir -m 0755 -p ${cfg.logDir}
|
|
|
|
chown -R stanchion:stanchion ${cfg.logDir}
|
|
|
|
fi
|
|
|
|
|
|
|
|
if ! test -e ${cfg.dataDir}; then
|
|
|
|
mkdir -m 0700 -p ${cfg.dataDir}
|
|
|
|
chown -R stanchion:stanchion ${cfg.dataDir}
|
|
|
|
fi
|
|
|
|
'';
|
|
|
|
|
|
|
|
serviceConfig = {
|
|
|
|
ExecStart = "${cfg.package}/bin/stanchion console";
|
|
|
|
ExecStop = "${cfg.package}/bin/stanchion stop";
|
|
|
|
StandardInput = "tty";
|
|
|
|
User = "stanchion";
|
|
|
|
Group = "stanchion";
|
|
|
|
PermissionsStartOnly = true;
|
|
|
|
# Give Stanchion a decent amount of time to clean up.
|
|
|
|
TimeoutStopSec = 120;
|
|
|
|
LimitNOFILE = 65536;
|
|
|
|
};
|
|
|
|
|
|
|
|
unitConfig.RequiresMountsFor = [
|
|
|
|
"${cfg.dataDir}"
|
|
|
|
"${cfg.logDir}"
|
|
|
|
"/etc/stanchion"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|