2014-04-14 15:26:48 +01:00
|
|
|
{ config, lib, pkgs, ... }:
|
2013-10-05 22:07:22 +01:00
|
|
|
|
2013-10-11 16:18:40 +01:00
|
|
|
# TODO: This may file may need additional review, eg which configuartions to
|
|
|
|
# expose to the user.
|
|
|
|
#
|
|
|
|
# I only used it to access some simple databases.
|
|
|
|
|
|
|
|
# test:
|
|
|
|
# isql, then type the following commands:
|
|
|
|
# CREATE DATABASE '/var/db/firebird/data/test.fdb' USER 'SYSDBA' PASSWORD 'masterkey';
|
|
|
|
# CONNECT '/var/db/firebird/data/test.fdb' USER 'SYSDBA' PASSWORD 'masterkey';
|
|
|
|
# CREATE TABLE test ( text varchar(100) );
|
|
|
|
# DROP DATABASE;
|
|
|
|
#
|
|
|
|
# Be careful, virtuoso-opensource also provides a different isql command !
|
2013-10-05 22:07:22 +01:00
|
|
|
|
|
|
|
# There are at least two ways to run firebird. superserver has been choosen
|
|
|
|
# however there are no strong reasons to prefer this or the other one AFAIK
|
|
|
|
# Eg superserver is said to be most efficiently using resources according to
|
|
|
|
# http://www.firebirdsql.org/manual/qsg25-classic-or-super.html
|
|
|
|
|
2014-04-14 15:26:48 +01:00
|
|
|
with lib;
|
2013-10-05 22:07:22 +01:00
|
|
|
|
|
|
|
let
|
|
|
|
|
|
|
|
cfg = config.services.firebird;
|
|
|
|
|
|
|
|
firebird = cfg.package;
|
|
|
|
|
2013-10-11 16:18:40 +01:00
|
|
|
dataDir = "${cfg.baseDir}/data";
|
|
|
|
systemDir = "${cfg.baseDir}/system";
|
2013-10-05 22:07:22 +01:00
|
|
|
|
|
|
|
in
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
###### interface
|
|
|
|
|
|
|
|
options = {
|
|
|
|
|
|
|
|
services.firebird = {
|
|
|
|
|
|
|
|
enable = mkOption {
|
|
|
|
default = false;
|
2013-10-11 16:18:40 +01:00
|
|
|
description = ''
|
|
|
|
Whether to enable the Firebird super server.
|
|
|
|
'';
|
2013-10-05 22:07:22 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
package = mkOption {
|
|
|
|
default = pkgs.firebirdSuper;
|
2014-02-27 12:22:04 +00:00
|
|
|
type = types.package;
|
2013-10-05 22:07:22 +01:00
|
|
|
/*
|
|
|
|
Example: <code>package = pkgs.firebirdSuper.override { icu =
|
|
|
|
pkgs.icu; };</code> which is not recommended for compatibility
|
|
|
|
reasons. See comments at the firebirdSuper derivation
|
|
|
|
*/
|
|
|
|
|
2013-10-11 16:18:40 +01:00
|
|
|
description = ''
|
2013-10-05 22:07:22 +01:00
|
|
|
Which firebird derivation to use.
|
2013-10-11 16:18:40 +01:00
|
|
|
'';
|
2013-10-05 22:07:22 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
port = mkOption {
|
|
|
|
default = "3050";
|
2013-10-11 16:18:40 +01:00
|
|
|
description = ''
|
|
|
|
Port Firebird uses.
|
|
|
|
'';
|
2013-10-05 22:07:22 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
user = mkOption {
|
|
|
|
default = "firebird";
|
2013-10-11 16:18:40 +01:00
|
|
|
description = ''
|
|
|
|
User account under which firebird runs.
|
|
|
|
'';
|
2013-10-05 22:07:22 +01:00
|
|
|
};
|
|
|
|
|
2013-10-11 16:18:40 +01:00
|
|
|
baseDir = mkOption {
|
|
|
|
default = "/var/db/firebird"; # ubuntu is using /var/lib/firebird/2.1/data/.. ?
|
|
|
|
description = ''
|
|
|
|
Location containing data/ and system/ directories.
|
|
|
|
data/ stores the databases, system/ stores the password database security2.fdb.
|
|
|
|
'';
|
2013-10-05 22:07:22 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
###### implementation
|
|
|
|
|
|
|
|
config = mkIf config.services.firebird.enable {
|
|
|
|
|
2013-10-11 16:18:40 +01:00
|
|
|
environment.systemPackages = [cfg.package];
|
2013-10-05 22:07:22 +01:00
|
|
|
|
|
|
|
systemd.services.firebird =
|
2013-10-11 16:18:40 +01:00
|
|
|
{ description = "Firebird Super-Server";
|
2013-10-05 22:07:22 +01:00
|
|
|
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
|
|
|
|
# TODO: moving security2.fdb into the data directory works, maybe there
|
|
|
|
# is a better way
|
|
|
|
preStart =
|
|
|
|
''
|
|
|
|
mkdir -m 0700 -p \
|
2013-10-11 16:18:40 +01:00
|
|
|
"${dataDir}" \
|
|
|
|
"${systemDir}" \
|
|
|
|
/var/log/firebird
|
2013-10-05 22:07:22 +01:00
|
|
|
|
2013-10-11 16:18:40 +01:00
|
|
|
if ! test -e "${systemDir}/security2.fdb"; then
|
|
|
|
cp ${firebird}/security2.fdb "${systemDir}"
|
2013-10-05 22:07:22 +01:00
|
|
|
fi
|
|
|
|
|
2013-10-11 16:18:40 +01:00
|
|
|
chown -R ${cfg.user} "${dataDir}" "${systemDir}" /var/log/firebird
|
|
|
|
chmod -R 700 "${dataDir}" "${systemDir}" /var/log/firebird
|
2013-10-05 22:07:22 +01:00
|
|
|
'';
|
|
|
|
|
|
|
|
serviceConfig.PermissionsStartOnly = true; # preStart must be run as root
|
|
|
|
serviceConfig.User = cfg.user;
|
|
|
|
serviceConfig.ExecStart = ''${firebird}/bin/fbserver -d'';
|
|
|
|
|
|
|
|
# TODO think about shutdown
|
|
|
|
};
|
|
|
|
|
|
|
|
environment.etc."firebird/firebird.msg".source = "${firebird}/firebird.msg";
|
|
|
|
|
|
|
|
# think about this again - and eventually make it an option
|
|
|
|
environment.etc."firebird/firebird.conf".text = ''
|
2013-10-11 16:18:40 +01:00
|
|
|
# RootDirectory = Restrict ${dataDir}
|
|
|
|
DatabaseAccess = Restrict ${dataDir}
|
|
|
|
ExternalFileAccess = Restrict ${dataDir}
|
2013-10-05 22:07:22 +01:00
|
|
|
# what is this? is None allowed?
|
|
|
|
UdfAccess = None
|
|
|
|
# "Native" = traditional interbase/firebird, "mixed" is windows only
|
|
|
|
Authentication = Native
|
|
|
|
|
|
|
|
# defaults to -1 on non Win32
|
|
|
|
#MaxUnflushedWrites = 100
|
|
|
|
#MaxUnflushedWriteTime = 100
|
|
|
|
|
|
|
|
# show trace if trouble occurs (does this require debug build?)
|
|
|
|
# BugcheckAbort = 0
|
|
|
|
# ConnectionTimeout = 180
|
|
|
|
|
|
|
|
#RemoteServiceName = gds_db
|
|
|
|
RemoteServicePort = ${cfg.port}
|
|
|
|
|
|
|
|
# randomly choose port for server Event Notification
|
|
|
|
#RemoteAuxPort = 0
|
|
|
|
# rsetrict connections to a network card:
|
|
|
|
#RemoteBindAddress =
|
2013-10-11 16:18:40 +01:00
|
|
|
# there are some additional settings which should be reviewed
|
2013-10-05 22:07:22 +01:00
|
|
|
'';
|
|
|
|
|
2013-10-11 16:18:40 +01:00
|
|
|
users.extraUsers.firebird = {
|
2013-10-25 14:52:52 +01:00
|
|
|
description = "Firebird server user";
|
2013-10-11 16:18:40 +01:00
|
|
|
group = "firebird";
|
|
|
|
uid = config.ids.uids.firebird;
|
|
|
|
};
|
|
|
|
|
2013-10-25 14:52:52 +01:00
|
|
|
};
|
2013-10-05 22:07:22 +01:00
|
|
|
}
|