Add Firefox Sync server module.

This commit is contained in:
Nicolas B. Pierron 2014-12-11 23:48:15 +01:00
parent 0a0678cf5a
commit 01886aef22
2 changed files with 136 additions and 0 deletions

View File

@ -232,6 +232,7 @@
./services/networking/dnscrypt-proxy.nix
./services/networking/dnsmasq.nix
./services/networking/ejabberd.nix
./services/networking/firefox/sync-server.nix
./services/networking/firewall.nix
./services/networking/flashpolicyd.nix
./services/networking/freenet.nix

View File

@ -0,0 +1,135 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.firefox.syncserver;
syncServerSecretFile = "/etc/firefox/syncserver-secret.ini";
syncServerIni = pkgs.writeText "syncserver.ini" ''
[DEFAULT]
overrides = ${cfg.privateConfig} ${syncServerSecretFile}
[server:main]
use = egg:Paste#http
host = ${cfg.listen.address}
port = ${toString cfg.listen.port}
[app:main]
use = egg:syncserver
[syncserver]
public_url = ${cfg.publicUrl}
${optionalString (cfg.sqlUri != "") "sqluri = ${cfg.sqlUri}"}
allow_new_users = ${if cfg.allowNewUsers then "true" else "false"}
[browserid]
backend = tokenserver.verifiers.LocalVerifier
audiences = ${removeSuffix "/" cfg.publicUrl}
'';
in
{
options = {
services.firefox.syncserver = {
enable = mkOption {
type = types.bool;
default = false;
example = true;
description = ''
Whether to enable a Firefox Sync Server, this give the opportunity to
Firefox users to store all synchronized data on their own server. To use this
server, Firefox users should visit the <option>about:config</option>, and
replicate the following change
<screen>
services.sync.tokenServerURI: http://localhost:5000/token/1.0/sync/1.5</screen>
where <option>http://localhost:5000/</option> corresponds to the
public url of the server.
'';
};
listen.address = mkOption {
type = types.str;
default = "0.0.0.0";
description = ''
Address on which the sync server listen to.
'';
};
listen.port = mkOption {
type = types.int;
default = 5000;
description = ''
Port on which the sync server listen to.
'';
};
publicUrl = mkOption {
type = types.str;
default = "http://localhost:5000/";
example = "http://sync.example.com/";
description = ''
Public URL with which firefox users can use to access the sync server.
'';
};
allowNewUsers = mkOption {
type = types.bool;
default = true;
example = false;
description = ''
Whether to allow new-user signups on the server. Only request by
existing accounts will be honored.
'';
};
sqlUri = mkOption {
type = types.str;
default = "sqlite:////var/db/firefox-sync-server.db";
example = "postgresql://scott:tiger@localhost/test";
description = ''
The location of the database. This URL is composed of
<option>dialect[+driver]://user:password@host/dbname[?key=value..]</option>,
where <option>dialect</option> is a database name such as
<option>mysql</option>, <option>oracle</option>, <option>postgresql</option>,
etc., and <option>driver</option> the name of a DBAPI, such as
<option>psycopg2</option>, <option>pyodbc</option>, <option>cx_oracle</option>,
etc.
'';
};
privateConfig = mkOption {
type = types.separatedString " ";
default = "";
description = ''
If defined, this file would be used to set all fields which were omitted in the
generated ini files used for configuring the syncserver. This file is useful
for storing secrets, such as the syncserver.secret or the syncserver.sqluri
'';
};
};
};
config = {
systemd.services.syncserver = {
after = [ "network.target" ];
description = "Firefox Sync Server";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.pythonPackages.pasteScript pkgs.coreutils ];
environment.PYTHONPATH = "${pkgs.pythonPackages.syncserver}/lib/${pkgs.pythonPackages.python.libPrefix}/site-packages";
preStart = ''
if ! test -e ${syncServerSecretFile}; then
mkdir -p $(dirname ${syncServerSecretFile})
echo > ${syncServerSecretFile} '[syncserver]'
echo >> ${syncServerSecretFile} "secret = $(head -c 20 /dev/urandom | sha1sum | tr -d ' -')"
fi
'';
serviceConfig.ExecStart = "paster serve ${syncServerIni}";
serviceConfig.User = "deluge";
serviceConfig.Group = "deluge";
};
};
}