JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

jobs -> systemd.services

Browse Source
This commit is contained in:
Robin Gloster 2016-01-06 06:50:18 +00:00
parent af50b03f50
commit 88292fdf09
49 changed files with 772 additions and 1224 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nixos/modules/installer/cd-dvd/system-tarball-fuloong2f.nix
View File

@ -149,8 +149,7 @@ in
# not be started by default on the installation CD because the
# default root password is empty.
services.openssh.enable = true;
jobs.openssh.startOn = lib.mkOverride 50 "";
systemd.services.openssh.wantedBy = lib.mkOverride 50 [];
boot.loader.grub.enable = false;
boot.loader.generationsDir.enable = false;

2
nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix
View File

@ -164,7 +164,7 @@ in
# not be started by default on the installation CD because the
# default root password is empty.
services.openssh.enable = true;
jobs.openssh.startOn = lib.mkOverride 50 "";
systemd.services.openssh.wantedBy = lib.mkOverride 50 [];
# cpufrequtils fails to build on non-pc
powerManagement.enable = false;

1
nixos/modules/module-list.nix
View File

@ -475,7 +475,6 @@
./system/boot/timesyncd.nix
./system/boot/tmp.nix
./system/etc/etc.nix
./system/upstart/upstart.nix
./tasks/bcache.nix
./tasks/cpu-freq.nix
./tasks/encrypted-devices.nix

8
nixos/modules/services/databases/4store-endpoint.nix
View File

@ -60,11 +60,9 @@ with lib;
services.avahi.enable = true;
jobs.fourStoreEndpoint = {
name = "4store-endpoint";
startOn = "ip-up";
exec = ''
systemd.services."4store-endpoint" = {
wantedBy = [ "ip-up.target" ];
script = ''
${run} '${pkgs.rdf4store}/bin/4s-httpd -D ${cfg.options} ${if cfg.listenAddress!=null then "-H ${cfg.listenAddress}" else "" } -p ${toString cfg.port} ${cfg.database}'
'';
};

9
nixos/modules/services/databases/4store.nix
View File

@ -52,9 +52,8 @@ with lib;
services.avahi.enable = true;
jobs.fourStore = {
name = "4store";
startOn = "ip-up";
systemd.services."4store" = {
wantedBy = [ "ip-up.target" ];
preStart = ''
mkdir -p ${stateDir}/
@ -64,11 +63,9 @@ with lib;
fi
'';
exec = ''
script = ''
${run} -c '${pkgs.rdf4store}/bin/4s-backend -D ${cfg.options} ${cfg.database}'
'';
};
};
}

25
nixos/modules/services/databases/virtuoso.nix
View File

@ -29,20 +29,20 @@ with lib;
};
listenAddress = mkOption {
default = "1111";
example = "myserver:1323";
default = "1111";
example = "myserver:1323";
description = "ip:port or port to listen on.";
};
httpListenAddress = mkOption {
default = null;
example = "myserver:8080";
default = null;
example = "myserver:8080";
description = "ip:port or port for Virtuoso HTTP server to listen on.";
};
dirsAllowed = mkOption {
default = null;
example = "/www, /home/";
default = null;
example = "/www, /home/";
description = "A list of directories Virtuoso is allowed to access";
};
};
@ -61,18 +61,17 @@ with lib;
home = stateDir;
};
jobs.virtuoso = {
name = "virtuoso";
startOn = "ip-up";
systemd.services.virtuoso = {
wantedBy = [ "ip-up.target" ];
preStart = ''
mkdir -p ${stateDir}
chown ${virtuosoUser} ${stateDir}
mkdir -p ${stateDir}
chown ${virtuosoUser} ${stateDir}
'';
script = ''
cd ${stateDir}
${pkgs.virtuoso}/bin/virtuoso-t +foreground +configfile ${pkgs.writeText "virtuoso.ini" cfg.config}
cd ${stateDir}
${pkgs.virtuoso}/bin/virtuoso-t +foreground +configfile ${pkgs.writeText "virtuoso.ini" cfg.config}
'';
};

4
nixos/modules/services/games/ghost-one.nix
View File

@ -78,8 +78,8 @@ in
bot_replaypath = replays
'';
jobs.ghostOne = {
name = "ghost-one";
systemd.services."ghost-one" = {
wantedBy = [ "multi-user.target" ];
script = ''
mkdir -p ${stateDir}
cd ${stateDir}

26
nixos/modules/services/hardware/acpid.nix
View File

@ -98,22 +98,26 @@ in
config = mkIf config.services.acpid.enable {
jobs.acpid =
{ description = "ACPI Daemon";
systemd.services.acpid = {
description = "ACPI Daemon";
wantedBy = [ "multi-user.target" ];
after = [ "systemd-udev-settle.service" ];
wantedBy = [ "multi-user.target" ];
after = [ "systemd-udev-settle.service" ];
path = [ pkgs.acpid ];
path = [ pkgs.acpid ];
daemonType = "fork";
exec = "acpid --confdir ${acpiConfDir}";
unitConfig.ConditionVirtualization = "!systemd-nspawn";
unitConfig.ConditionPathExists = [ "/proc/acpi" ];
serviceConfig = {
Type = "forking";
};
unitConfig = {
ConditionVirtualization = "!systemd-nspawn";
ConditionPathExists = [ "/proc/acpi" ];
};
script = "acpid --confdir ${acpiConfDir}";
};
};
}

15
nixos/modules/services/hardware/pommed.nix
View File

@ -35,18 +35,13 @@ with lib;
services.dbus.packages = [ pkgs.pommed ];
jobs.pommed = { name = "pommed";
systemd.services.pommed = {
description = "Pommed hotkey management";
startOn = "started dbus";
wantedBy = [ "multi-user.target" ];
after = [ "dbus.service" ];
postStop = "rm -f /var/run/pommed.pid";
exec = "${pkgs.pommed}/bin/pommed";
daemonType = "fork";
script = "${pkgs.pommed}/bin/pommed";
serviceConfig.Type = "forking";
path = [ pkgs.eject ];
};
};

25
nixos/modules/services/logging/klogd.nix
View File

@ -24,21 +24,14 @@ with lib;
###### implementation
config = mkIf config.services.klogd.enable {
jobs.klogd =
{ description = "Kernel Log Daemon";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.sysklogd ];
unitConfig.ConditionVirtualization = "!systemd-nspawn";
exec =
"klogd -c 1 -2 -n " +
"-k $(dirname $(readlink -f /run/booted-system/kernel))/System.map";
};
systemd.services.klogd = {
description = "Kernel Log Daemon";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.sysklogd ];
unitConfig.ConditionVirtualization = "!systemd-nspawn";
script =
"klogd -c 1 -2 -n " +
"-k $(dirname $(readlink -f /run/booted-system/kernel))/System.map";
};
};
}

17
nixos/modules/services/mail/freepops.nix
View File

@ -72,15 +72,16 @@ in
};
config = mkIf cfg.enable {
jobs.freepopsd = {
systemd.services.freepopsd = {
description = "Freepopsd (webmail over POP3)";
startOn = "ip-up";
exec = ''${pkgs.freepops}/bin/freepopsd \
-p ${toString cfg.port} \
-t ${toString cfg.threads} \
-b ${cfg.bind} \
-vv -l ${cfg.logFile} \
-s ${cfg.suid.user}.${cfg.suid.group}
wantedBy = [ "ip-up.target" ];
script = ''
${pkgs.freepops}/bin/freepopsd \
-p ${toString cfg.port} \
-t ${toString cfg.threads} \
-b ${cfg.bind} \
-vv -l ${cfg.logFile} \
-s ${cfg.suid.user}.${cfg.suid.group}
'';
};
};

6
nixos/modules/services/mail/spamassassin.nix
View File

@ -50,15 +50,13 @@ in
gid = config.ids.gids.spamd;
};
jobs.spamd = {
systemd.services.spamd = {
description = "Spam Assassin Server";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
exec = "${pkgs.spamassassin}/bin/spamd ${optionalString cfg.debug "-D"} --username=spamd --groupname=spamd --nouser-config --virtual-config-dir=/var/lib/spamassassin/user-%u --allow-tell --pidfile=/var/run/spamd.pid";
script = "${pkgs.spamassassin}/bin/spamd ${optionalString cfg.debug "-D"} --username=spamd --groupname=spamd --nouser-config --virtual-config-dir=/var/lib/spamassassin/user-%u --allow-tell --pidfile=/var/run/spamd.pid";
};
};
}

15
nixos/modules/services/misc/dictd.nix
View File

@ -51,13 +51,12 @@ with lib;
gid = config.ids.gids.dictd;
};
jobs.dictd =
{ description = "DICT.org Dictionary Server";
startOn = "startup";
environment = { LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive"; };
daemonType = "fork";
exec = "${pkgs.dict}/sbin/dictd -s -c ${dictdb}/share/dictd/dictd.conf --locale en_US.UTF-8";
};
systemd.services.dictd = {
description = "DICT.org Dictionary Server";
wantedBy = [ "multi-user.target" ];
environment = { LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive"; };
serviceConfig.Type = "forking";
script = "${pkgs.dict}/sbin/dictd -s -c ${dictdb}/share/dictd/dictd.conf --locale en_US.UTF-8";
};
};
}

104
nixos/modules/services/misc/disnix.nix
View File

@ -91,7 +91,7 @@ in
( { hostname = config.networking.hostName;
#targetHost = config.deployment.targetHost;
system = if config.nixpkgs.system == "" then builtins.currentSystem else config.nixpkgs.system;
supportedTypes = (import "${pkgs.stdenv.mkDerivation {
name = "supportedtypes";
buildCommand = ''
@ -117,63 +117,61 @@ in
services.disnix.publishInfrastructure.enable = cfg.publishAvahi;
jobs = {
disnix =
{ description = "Disnix server";
wants = [ "dysnomia.target" ];
wantedBy = [ "multi-user.target" ];
after = [ "dbus.service" ]
++ optional config.services.httpd.enable "httpd.service"
++ optional config.services.mysql.enable "mysql.service"
++ optional config.services.postgresql.enable "postgresql.service"
++ optional config.services.tomcat.enable "tomcat.service"
++ optional config.services.svnserve.enable "svnserve.service"
++ optional config.services.mongodb.enable "mongodb.service";
systemd.services = {
disnix = {
description = "Disnix server";
wants = [ "dysnomia.target" ];
wantedBy = [ "multi-user.target" ];
after = [ "dbus.service" ]
++ optional config.services.httpd.enable "httpd.service"
++ optional config.services.mysql.enable "mysql.service"
++ optional config.services.postgresql.enable "postgresql.service"
++ optional config.services.tomcat.enable "tomcat.service"
++ optional config.services.svnserve.enable "svnserve.service"
++ optional config.services.mongodb.enable "mongodb.service";
restartIfChanged = false;
path = [ pkgs.nix pkgs.disnix dysnomia "/run/current-system/sw" ];
environment = {
HOME = "/root";
};
preStart = ''
mkdir -p /etc/systemd-mutable/system
if [ ! -f /etc/systemd-mutable/system/dysnomia.target ]
then
( echo "[Unit]"
echo "Description=Services that are activated and deactivated by Dysnomia"
echo "After=final.target"
) > /etc/systemd-mutable/system/dysnomia.target
fi
'';
restartIfChanged = false;
exec = "disnix-service";
path = [ pkgs.nix pkgs.disnix dysnomia "/run/current-system/sw" ];
environment = {
HOME = "/root";
};
preStart = ''
mkdir -p /etc/systemd-mutable/system
if [ ! -f /etc/systemd-mutable/system/dysnomia.target ]
then
( echo "[Unit]"
echo "Description=Services that are activated and deactivated by Dysnomia"
echo "After=final.target"
) > /etc/systemd-mutable/system/dysnomia.target
fi
'';
script = "disnix-service";
};
} // optionalAttrs cfg.publishAvahi {
disnixAvahi =
{ description = "Disnix Avahi publisher";
disnixAvahi = {
description = "Disnix Avahi publisher";
wants = [ "avahi-daemon.service" ];
wantedBy = [ "multi-user.target" ];
startOn = "started avahi-daemon";
exec =
''
${pkgs.avahi}/bin/avahi-publish-service disnix-${config.networking.hostName} _disnix._tcp 22 \
"mem=$(grep 'MemTotal:' /proc/meminfo | sed -e 's/kB//' -e 's/MemTotal://' -e 's/ //g')" \
${concatMapStrings (infrastructureAttrName:
let infrastructureAttrValue = getAttr infrastructureAttrName (cfg.infrastructure);
in
if isInt infrastructureAttrValue then
''${infrastructureAttrName}=${toString infrastructureAttrValue} \
''
else
''${infrastructureAttrName}=\"${infrastructureAttrValue}\" \
''
) (attrNames (cfg.infrastructure))}
'';
};
script = ''
${pkgs.avahi}/bin/avahi-publish-service disnix-${config.networking.hostName} _disnix._tcp 22 \
"mem=$(grep 'MemTotal:' /proc/meminfo | sed -e 's/kB//' -e 's/MemTotal://' -e 's/ //g')" \
${concatMapStrings (infrastructureAttrName:
let infrastructureAttrValue = getAttr infrastructureAttrName (cfg.infrastructure);
in
if isInt infrastructureAttrValue then
''${infrastructureAttrName}=${toString infrastructureAttrValue} \
''
else
''${infrastructureAttrName}=\"${infrastructureAttrValue}\" \
''
) (attrNames (cfg.infrastructure))}
'';
};
};
};
}

83
nixos/modules/services/misc/felix.nix
View File

@ -57,54 +57,51 @@ in
home = "/homeless-shelter";
};
jobs.felix =
{ description = "Felix server";
systemd.services.felix = {
description = "Felix server";
wantedBy = [ "multi-user.target" ];
preStart =
''
# Initialise felix instance on first startup
if [ ! -d /var/felix ]
then
# Symlink system files
preStart = ''
# Initialise felix instance on first startup
if [ ! -d /var/felix ]
then
# Symlink system files
mkdir -p /var/felix
chown ${cfg.user}:${cfg.group} /var/felix
mkdir -p /var/felix
chown ${cfg.user}:${cfg.group} /var/felix
for i in ${pkgs.felix}/*
do
if [ "$i" != "${pkgs.felix}/bundle" ]
then
ln -sfn $i /var/felix/$(basename $i)
fi
done
for i in ${pkgs.felix}/*
do
if [ "$i" != "${pkgs.felix}/bundle" ]
then
ln -sfn $i /var/felix/$(basename $i)
fi
done
# Symlink bundles
mkdir -p /var/felix/bundle
chown ${cfg.user}:${cfg.group} /var/felix/bundle
# Symlink bundles
mkdir -p /var/felix/bundle
chown ${cfg.user}:${cfg.group} /var/felix/bundle
for i in ${pkgs.felix}/bundle/* ${toString cfg.bundles}
do
if [ -f $i ]
then
ln -sfn $i /var/felix/bundle/$(basename $i)
elif [ -d $i ]
then
for j in $i/bundle/*
do
ln -sfn $j /var/felix/bundle/$(basename $j)
done
fi
done
fi
'';
script =
''
cd /var/felix
${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c '${pkgs.jre}/bin/java -jar bin/felix.jar'
'';
};
for i in ${pkgs.felix}/bundle/* ${toString cfg.bundles}
do
if [ -f $i ]
then
ln -sfn $i /var/felix/bundle/$(basename $i)
elif [ -d $i ]
then
for j in $i/bundle/*
do
ln -sfn $j /var/felix/bundle/$(basename $j)
done
fi
done
fi
'';
script = ''
cd /var/felix
${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c '${pkgs.jre}/bin/java -jar bin/felix.jar'
'';
};
};
}

32
nixos/modules/services/misc/folding-at-home.nix
View File

@ -49,26 +49,20 @@ in {
home = stateDir;
};
jobs.foldingAtHome =
{ name = "foldingathome";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
preStart =
''
mkdir -m 0755 -p ${stateDir}
chown ${fahUser} ${stateDir}
cp -f ${pkgs.writeText "client.cfg" cfg.config} ${stateDir}/client.cfg
'';
exec = "${pkgs.su}/bin/su -s ${pkgs.stdenv.shell} ${fahUser} -c 'cd ${stateDir}; ${pkgs.foldingathome}/bin/fah6'";
};
services.foldingAtHome.config = ''
[settings]
username=${cfg.nickname}
systemd.services.foldingathome = {
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -m 0755 -p ${stateDir}
chown ${fahUser} ${stateDir}
cp -f ${pkgs.writeText "client.cfg" cfg.config} ${stateDir}/client.cfg
'';
script = "${pkgs.su}/bin/su -s ${pkgs.stdenv.shell} ${fahUser} -c 'cd ${stateDir}; ${pkgs.foldingathome}/bin/fah6'";
};
services.foldingAtHome.config = ''
[settings]
username=${cfg.nickname}
'';
};
}

10
nixos/modules/services/misc/svnserve.nix
View File

@ -34,13 +34,11 @@ in
###### implementation
config = mkIf cfg.enable {
jobs.svnserve = {
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
systemd.services.svnserve = {
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
preStart = "mkdir -p ${cfg.svnBaseDir}";
exec = "${pkgs.subversion}/bin/svnserve -r ${cfg.svnBaseDir} -d --foreground --pid-file=/var/run/svnserve.pid";
script = "${pkgs.subversion}/bin/svnserve -r ${cfg.svnBaseDir} -d --foreground --pid-file=/var/run/svnserve.pid";
};
};
}

16
nixos/modules/services/monitoring/monit.nix
View File

@ -19,10 +19,6 @@ in
default = "";
description = "monit.conf content";
};
startOn = mkOption {
default = "started network-interfaces";
description = "What Monit supposes to be already present";
};
};
};
@ -39,14 +35,12 @@ in
}
];
jobs.monit = {
systemd.services.monit = {
description = "Monit system watcher";
startOn = config.services.monit.startOn;
exec = "${pkgs.monit}/bin/monit -I -c /etc/monit.conf";
respawn = true;
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
script = "${pkgs.monit}/bin/monit -I -c /etc/monit.conf";
serviceConfig.Restart = "always";
};
};
}

29
nixos/modules/services/monitoring/ups.nix
View File

@ -180,31 +180,36 @@ in
environment.systemPackages = [ pkgs.nut ];
jobs.upsmon = {
systemd.services.upsmon = {
description = "Uninterruptible Power Supplies (Monitor)";
startOn = "ip-up";
daemonType = "fork";
exec = ''${pkgs.nut}/sbin/upsmon'';
wantedBy = [ "ip-up.target" ];
serviceConfig.Type = "forking";
script = "${pkgs.nut}/sbin/upsmon";
environment.NUT_CONFPATH = "/etc/nut/";
environment.NUT_STATEPATH = "/var/lib/nut/";
};
jobs.upsd = {
systemd.services.upsd = {
description = "Uninterruptible Power Supplies (Daemon)";
startOn = "started network-interfaces and started upsmon";
daemonType = "fork";
wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" "upsmon.service" ];
serviceConfig.Type = "forking";
# TODO: replace 'root' by another username.
exec = ''${pkgs.nut}/sbin/upsd -u root'';
script = "${pkgs.nut}/sbin/upsd -u root";
environment.NUT_CONFPATH = "/etc/nut/";
environment.NUT_STATEPATH = "/var/lib/nut/";
};
jobs.upsdrv = {
systemd.services.upsdrv = {
description = "Uninterruptible Power Supplies (Register all UPS)";
startOn = "started upsd";
wantedBy = [ "multi-user.target" ];
after = [ "upsd.service" ];
# TODO: replace 'root' by another username.
exec = ''${pkgs.nut}/bin/upsdrvctl -u root start'';
task = true;
script = ''${pkgs.nut}/bin/upsdrvctl -u root start'';
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
environment.NUT_CONFPATH = "/etc/nut/";
environment.NUT_STATEPATH = "/var/lib/nut/";
};

38
nixos/modules/services/network-filesystems/drbd.nix
View File

@ -31,13 +31,13 @@ let cfg = config.services.drbd; in
};
###### implementation
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.drbd ];
services.udev.packages = [ pkgs.drbd ];
boot.kernelModules = [ "drbd" ];
@ -52,26 +52,16 @@ let cfg = config.services.drbd; in
target = "drbd.conf";
};
jobs.drbd_up =
{ name = "drbd-up";
startOn = "stopped udevtrigger or ip-up";
task = true;
script =
''
${pkgs.drbd}/sbin/drbdadm up all
'';
};
jobs.drbd_down =
{ name = "drbd-down";
startOn = "starting shutdown";
task = true;
script =
''
${pkgs.drbd}/sbin/drbdadm down all
'';
};
systemd.services.drbd = {
after = [ "systemd-udev.settle.service" ];
wants = [ "systemd-udev.settle.service" ];
wantedBy = [ "ip-up.target" ];
script = ''
${pkgs.drbd}/sbin/drbdadm up all
'';
serviceConfig.ExecStop = ''
${pkgs.drbd}/sbin/drbdadm down all
'';
};
};
}

48
nixos/modules/services/network-filesystems/openafs-client/default.nix
View File

@ -72,34 +72,28 @@ in
}
];
jobs.openafsClient =
{ name = "afsd";
systemd.services.afsd = {
description = "AFS client";
wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" ];
description = "AFS client";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
preStart = ''
mkdir -p -m 0755 /afs
mkdir -m 0700 -p ${cfg.cacheDirectory}
${pkgs.module_init_tools}/sbin/insmod ${openafsPkgs}/lib/openafs/libafs-*.ko || true
${openafsPkgs}/sbin/afsd -confdir ${afsConfig} -cachedir ${cfg.cacheDirectory} ${if cfg.sparse then "-dynroot-sparse" else "-dynroot"} -fakestat -afsdb
${openafsPkgs}/bin/fs setcrypt ${if cfg.crypt then "on" else "off"}
'';
# Doing this in preStop, because after these commands AFS is basically
# stopped, so systemd has nothing to do, just noticing it. If done in
# postStop, then we get a hang + kernel oops, because AFS can't be
# stopped simply by sending signals to processes.
preStop = ''
${pkgs.utillinux}/bin/umount /afs
${openafsPkgs}/sbin/afsd -shutdown
${pkgs.module_init_tools}/sbin/rmmod libafs
'';
};
preStart = ''
mkdir -p -m 0755 /afs
mkdir -m 0700 -p ${cfg.cacheDirectory}
${pkgs.module_init_tools}/sbin/insmod ${openafsPkgs}/lib/openafs/libafs-*.ko || true
${openafsPkgs}/sbin/afsd -confdir ${afsConfig} -cachedir ${cfg.cacheDirectory} ${if cfg.sparse then "-dynroot-sparse" else "-dynroot"} -fakestat -afsdb
${openafsPkgs}/bin/fs setcrypt ${if cfg.crypt then "on" else "off"}
'';
# Doing this in preStop, because after these commands AFS is basically
# stopped, so systemd has nothing to do, just noticing it. If done in
# postStop, then we get a hang + kernel oops, because AFS can't be
# stopped simply by sending signals to processes.
preStop = ''
${pkgs.utillinux}/bin/umount /afs
${openafsPkgs}/sbin/afsd -shutdown
${pkgs.module_init_tools}/sbin/rmmod libafs
'';
};
};
}

27
nixos/modules/services/networking/amuled.nix
View File

@ -57,22 +57,19 @@ in
gid = config.ids.gids.amule;
} ];
jobs.amuled =
{ description = "AMule daemon";
systemd.services.amuled = {
description = "AMule daemon";
wantedBy = [ "ip-up.target" ];
startOn = "ip-up";
preStart = ''
mkdir -p ${cfg.dataDir}
chown ${user} ${cfg.dataDir}
'';
exec = ''
${pkgs.su}/bin/su -s ${pkgs.stdenv.shell} ${user} \
-c 'HOME="${cfg.dataDir}" ${pkgs.amuleDaemon}/bin/amuled'
'';
};
preStart = ''
mkdir -p ${cfg.dataDir}
chown ${user} ${cfg.dataDir}
'';
script = ''
${pkgs.su}/bin/su -s ${pkgs.stdenv.shell} ${user} \
-c 'HOME="${cfg.dataDir}" ${pkgs.amuleDaemon}/bin/amuled'
'';
};
};
}

23
nixos/modules/services/networking/bind.nix
View File

@ -142,20 +142,17 @@ in
description = "BIND daemon user";
};
jobs.bind =
{ description = "BIND name server job";
systemd.services.bind = {
description = "BIND name server job";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
startOn = "started network-interfaces";
preStart =
''
${pkgs.coreutils}/bin/mkdir -p /var/run/named
chown ${bindUser} /var/run/named
'';
exec = "${pkgs.bind}/sbin/named -u ${bindUser} ${optionalString cfg.ipv4Only "-4"} -c ${cfg.configFile} -f";
};
preStart = ''
${pkgs.coreutils}/bin/mkdir -p /var/run/named
chown ${bindUser} /var/run/named
'';
script = "${pkgs.bind}/sbin/named -u ${bindUser} ${optionalString cfg.ipv4Only "-4"} -c ${cfg.configFile} -f";
};
};
}

128
nixos/modules/services/networking/ejabberd.nix
View File

@ -56,81 +56,73 @@ in
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.ejabberd ];
jobs.ejabberd =
{ description = "EJabberd server";
systemd.services.ejabberd = {
description = "EJabberd server";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
path = with pkgs; [ ejabberd coreutils bash gnused ];
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
preStart = ''
# Initialise state data
mkdir -p ${cfg.logsDir}
environment = {
PATH = "$PATH:${pkgs.ejabberd}/sbin:${pkgs.ejabberd}/bin:${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.gnused}/bin";
};
if ! test -d ${cfg.spoolDir}
then
initialize=1
cp -av ${pkgs.ejabberd}/var/lib/ejabberd /var/lib
fi
preStart =
if ! test -d ${cfg.confDir}
then
mkdir -p ${cfg.confDir}
cp ${pkgs.ejabberd}/etc/ejabberd/* ${cfg.confDir}
sed -e 's|{hosts, \["localhost"\]}.|{hosts, \[${cfg.virtualHosts}\]}.|' ${pkgs.ejabberd}/etc/ejabberd/ejabberd.cfg > ${cfg.confDir}/ejabberd.cfg
fi
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} start
${if cfg.loadDumps == [] then "" else
''
PATH="$PATH:${pkgs.ejabberd}/sbin:${pkgs.ejabberd}/bin:${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.gnused}/bin";
# Initialise state data
mkdir -p ${cfg.logsDir}
if ! test -d ${cfg.spoolDir}
if [ "$initialize" = "1" ]
then
initialize=1
cp -av ${pkgs.ejabberd}/var/lib/ejabberd /var/lib
# Wait until the ejabberd server is available for use
count=0
while ! ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} status
do
if [ $count -eq 30 ]
then
echo "Tried 30 times, giving up..."
exit 1
fi
echo "Ejabberd daemon not yet started. Waiting for 1 second..."
count=$((count++))
sleep 1
done
${concatMapStrings (dump:
''
echo "Importing dump: ${dump}"
if [ -f ${dump} ]
then
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} load ${dump}
elif [ -d ${dump} ]
then
for i in ${dump}/ejabberd-dump/*
do
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} load $i
done
fi
'') cfg.loadDumps}
fi
''}
'';
if ! test -d ${cfg.confDir}
then
mkdir -p ${cfg.confDir}
cp ${pkgs.ejabberd}/etc/ejabberd/* ${cfg.confDir}
sed -e 's|{hosts, \["localhost"\]}.|{hosts, \[${cfg.virtualHosts}\]}.|' ${pkgs.ejabberd}/etc/ejabberd/ejabberd.cfg > ${cfg.confDir}/ejabberd.cfg
fi
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} start
${if cfg.loadDumps == [] then "" else
''
if [ "$initialize" = "1" ]
then
# Wait until the ejabberd server is available for use
count=0
while ! ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} status
do
if [ $count -eq 30 ]
then
echo "Tried 30 times, giving up..."
exit 1
fi
echo "Ejabberd daemon not yet started. Waiting for 1 second..."
count=$((count++))
sleep 1
done
${concatMapStrings (dump:
''
echo "Importing dump: ${dump}"
if [ -f ${dump} ]
then
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} load ${dump}
elif [ -d ${dump} ]
then
for i in ${dump}/ejabberd-dump/*
do
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} load $i
done
fi
'') cfg.loadDumps}
fi
''}
'';
postStop =
''
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} stop
'';
};
postStop = ''
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} stop
'';
};
security.pam.services.ejabberd = {};

9
nixos/modules/services/networking/git-daemon.nix
View File

@ -16,7 +16,7 @@ in
type = types.bool;
default = false;
description = ''
Enable Git daemon, which allows public hosting of git repositories
Enable Git daemon, which allows public hosting of git repositories
without any access controls. This is mostly intended for read-only access.
You can allow write access by setting daemon.receivepack configuration
@ -115,10 +115,9 @@ in
gid = config.ids.gids.git;
};
jobs.gitDaemon = {
name = "git-daemon";
startOn = "ip-up";
exec = "${pkgs.git}/bin/git daemon --reuseaddr "
systemd.services."git-daemon" = {
wantedBy = [ "ip-up.target" ];
script = "${pkgs.git}/bin/git daemon --reuseaddr "
+ (optionalString (cfg.basePath != "") "--base-path=${cfg.basePath} ")
+ (optionalString (cfg.listenAddress != "") "--listen=${cfg.listenAddress} ")
+ "--port=${toString cfg.port} --user=${cfg.user} --group=${cfg.group} ${cfg.options} "

32
nixos/modules/services/networking/gvpe.nix
View File

@ -37,13 +37,6 @@ let
'';
executable = true;
});
exec = "${pkgs.gvpe}/sbin/gvpe -c /var/gvpe -D ${cfg.nodename} "
+ " ${cfg.nodename}.pid-file=/var/gvpe/gvpe.pid"
+ " ${cfg.nodename}.if-up=if-up"
+ " &> /var/log/gvpe";
inherit (cfg) startOn stopOn;
in
{
@ -55,18 +48,6 @@ in
Whether to run gvpe
'';
};
startOn = mkOption {
default = "started network-interfaces";
description = ''
Condition to start GVPE
'';
};
stopOn = mkOption {
default = "stopping network-interfaces";
description = ''
Condition to stop GVPE
'';
};
nodename = mkOption {
default = null;
description =''
@ -122,10 +103,10 @@ in
};
};
config = mkIf cfg.enable {
jobs.gvpe = {
systemd.services.gvpe = {
description = "GNU Virtual Private Ethernet node";
inherit startOn stopOn;
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -p /var/gvpe
@ -136,9 +117,12 @@ in
cp ${ifupScript} /var/gvpe/if-up
'';
inherit exec;
script = "${pkgs.gvpe}/sbin/gvpe -c /var/gvpe -D ${cfg.nodename} "
+ " ${cfg.nodename}.pid-file=/var/gvpe/gvpe.pid"
+ " ${cfg.nodename}.if-up=if-up"
+ " &> /var/log/gvpe";
respawn = true;
serviceConfig.Restart = "always";
};
};
}

26
nixos/modules/services/networking/ifplugd.nix
View File

@ -66,23 +66,17 @@ in
###### implementation
config = mkIf cfg.enable {
jobs.ifplugd =
{ description = "Network interface connectivity monitor";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
exec =
''
${ifplugd}/sbin/ifplugd --no-daemon --no-startup --no-shutdown \
${if config.networking.interfaceMonitor.beep then "" else "--no-beep"} \
--run ${plugScript}
'';
};
systemd.services.ifplugd = {
description = "Network interface connectivity monitor";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
script = ''
${ifplugd}/sbin/ifplugd --no-daemon --no-startup --no-shutdown \
${if config.networking.interfaceMonitor.beep then "" else "--no-beep"} \
--run ${plugScript}
'';
};
environment.systemPackages = [ ifplugd ];
};
}

18
nixos/modules/services/networking/ircd-hybrid/default.nix
View File

@ -121,17 +121,11 @@ in
users.extraGroups.ircd.gid = config.ids.gids.ircd;
jobs.ircd_hybrid =
{ name = "ircd-hybrid";
description = "IRCD Hybrid server";
startOn = "started networking";
stopOn = "stopping networking";
exec = "${ircdService}/bin/control start";
};
systemd.services."ircd-hybrid" = {
description = "IRCD Hybrid server";
after = [ "started networking" ];
wantedBy = [ "multi-user.target" ];
script = "${ircdService}/bin/control start";
};
};
}

17
nixos/modules/services/networking/oidentd.nix
View File

@ -20,18 +20,17 @@ with lib;
};
###### implementation
config = mkIf config.services.oidentd.enable {
jobs.oidentd =
{ startOn = "started network-interfaces";
daemonType = "fork";
exec = "${pkgs.oidentd}/sbin/oidentd -u oidentd -g nogroup" +
optionalString config.networking.enableIPv6 " -a ::"
;
};
systemd.services.oidentd = {
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "forking";
script = "${pkgs.oidentd}/sbin/oidentd -u oidentd -g nogroup" +
optionalString config.networking.enableIPv6 " -a ::";
};
users.extraUsers.oidentd = {
description = "Ident Protocol daemon user";

48
nixos/modules/services/networking/openfire.nix
View File

@ -2,17 +2,7 @@
with lib;
let
inherit (pkgs) jre openfire coreutils which gnugrep gawk gnused;
extraStartDependency =
if config.services.openfire.usePostgreSQL then "and started postgresql" else "";
in
{
###### interface
options = {
@ -47,26 +37,24 @@ in
message = "OpenFire assertion failed.";
};
jobs.openfire =
{ description = "OpenFire XMPP server";
startOn = "started networking ${extraStartDependency}";
script =
''
export PATH=${jre}/bin:${openfire}/bin:${coreutils}/bin:${which}/bin:${gnugrep}/bin:${gawk}/bin:${gnused}/bin
export HOME=/tmp
mkdir /var/log/openfire || true
mkdir /etc/openfire || true
for i in ${openfire}/conf.inst/*; do
if ! test -f /etc/openfire/$(basename $i); then
cp $i /etc/openfire/
fi
done
openfire start
''; # */
};
systemd.services.openfire = {
description = "OpenFire XMPP server";
wantedBy = [ "multi-user.target" ];
after = [ "networking.target" ] ++
optional config.services.openfire.usePostgreSQL "postgresql.service";
path = with pkgs; [ jre openfire coreutils which gnugrep gawk gnused ];
script = ''
export HOME=/tmp
mkdir /var/log/openfire || true
mkdir /etc/openfire || true
for i in ${openfire}/conf.inst/*; do
if ! test -f /etc/openfire/$(basename $i); then
cp $i /etc/openfire/
fi
done
openfire start
''; # */
};
};
}

25
nixos/modules/services/networking/prayer.nix
View File

@ -83,21 +83,14 @@ in
gid = config.ids.gids.prayer;
};
jobs.prayer =
{ name = "prayer";
startOn = "startup";
preStart =
''
mkdir -m 0755 -p ${stateDir}
chown ${prayerUser}.${prayerGroup} ${stateDir}
'';
daemonType = "daemon";
exec = "${prayer}/sbin/prayer --config-file=${prayerCfg}";
};
systemd.services.prayer = {
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "forking";
preStart = ''
mkdir -m 0755 -p ${stateDir}
chown ${prayerUser}.${prayerGroup} ${stateDir}
'';
script = "${prayer}/sbin/prayer --config-file=${prayerCfg}";
};
};
}

12
nixos/modules/services/networking/radicale.nix
View File

@ -33,16 +33,14 @@ in
};
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.pythonPackages.radicale ];
jobs.radicale = {
systemd.services.radicale = {
description = "A Simple Calendar and Contact Server";
startOn = "started network-interfaces";
exec = "${pkgs.pythonPackages.radicale}/bin/radicale -C ${confFile} -d";
daemonType = "fork";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
script = "${pkgs.pythonPackages.radicale}/bin/radicale -C ${confFile} -d";
serviceConfig.Type = "forking";
};
};
}

6
nixos/modules/services/networking/softether.nix
View File

@ -61,9 +61,10 @@ in
dataDir = cfg.dataDir;
}))
];
jobs.softether = {
systemd.services.softether = {
description = "SoftEther VPN services initial job";
startOn = "started network-interfaces";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
for d in vpnserver vpnbridge vpnclient vpncmd; do
if ! test -e ${cfg.dataDir}/$d; then
@ -74,7 +75,6 @@ in
rm -rf ${cfg.dataDir}/vpncmd/vpncmd
ln -s ${pkg}${cfg.dataDir}/vpncmd/vpncmd ${cfg.dataDir}/vpncmd/vpncmd
'';
exec = "true";
};
}

100
nixos/modules/services/networking/ssh/lshd.nix
View File

@ -117,62 +117,60 @@ in
services.lshd.subsystems = [ ["sftp" "${pkgs.lsh}/sbin/sftp-server"] ];
jobs.lshd =
{ description = "GNU lshd SSH2 daemon";
systemd.services.lshd = {
description = "GNU lshd SSH2 daemon";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
after = [ "network-interfaces.target" ];
environment =
{ LD_LIBRARY_PATH = config.system.nssModules.path; };
wantedBy = [ "multi-user.target" ];
preStart =
''
test -d /etc/lsh || mkdir -m 0755 -p /etc/lsh
test -d /var/spool/lsh || mkdir -m 0755 -p /var/spool/lsh
if ! test -f /var/spool/lsh/yarrow-seed-file
then
# XXX: It would be nice to provide feedback to the
# user when this fails, so that they can retry it
# manually.
${lsh}/bin/lsh-make-seed --sloppy \
-o /var/spool/lsh/yarrow-seed-file
fi
if ! test -f "${cfg.hostKey}"
then
${lsh}/bin/lsh-keygen --server | \
${lsh}/bin/lsh-writekey --server -o "${cfg.hostKey}"
fi
'';
exec = with cfg;
''
${lsh}/sbin/lshd --daemonic \
--password-helper="${lsh}/sbin/lsh-pam-checkpw" \
-p ${toString portNumber} \
${if interfaces == [] then ""
else (concatStrings (map (i: "--interface=\"${i}\"")
interfaces))} \
-h "${hostKey}" \
${if !syslog then "--no-syslog" else ""} \
${if passwordAuthentication then "--password" else "--no-password" } \
${if publicKeyAuthentication then "--publickey" else "--no-publickey" } \
${if rootLogin then "--root-login" else "--no-root-login" } \
${if loginShell != null then "--login-shell=\"${loginShell}\"" else "" } \
${if srpKeyExchange then "--srp-keyexchange" else "--no-srp-keyexchange" } \
${if !tcpForwarding then "--no-tcpip-forward" else "--tcpip-forward"} \
${if x11Forwarding then "--x11-forward" else "--no-x11-forward" } \
--subsystems=${concatStringsSep ","
(map (pair: (head pair) + "=" +
(head (tail pair)))
subsystems)}
'';
environment = {
LD_LIBRARY_PATH = config.system.nssModules.path;
};
preStart = ''
test -d /etc/lsh || mkdir -m 0755 -p /etc/lsh
test -d /var/spool/lsh || mkdir -m 0755 -p /var/spool/lsh
if ! test -f /var/spool/lsh/yarrow-seed-file
then
# XXX: It would be nice to provide feedback to the
# user when this fails, so that they can retry it
# manually.
${lsh}/bin/lsh-make-seed --sloppy \
-o /var/spool/lsh/yarrow-seed-file
fi
if ! test -f "${cfg.hostKey}"
then
${lsh}/bin/lsh-keygen --server | \
${lsh}/bin/lsh-writekey --server -o "${cfg.hostKey}"
fi
'';
script = with cfg; ''
${lsh}/sbin/lshd --daemonic \
--password-helper="${lsh}/sbin/lsh-pam-checkpw" \
-p ${toString portNumber} \
${if interfaces == [] then ""
else (concatStrings (map (i: "--interface=\"${i}\"")
interfaces))} \
-h "${hostKey}" \
${if !syslog then "--no-syslog" else ""} \
${if passwordAuthentication then "--password" else "--no-password" } \
${if publicKeyAuthentication then "--publickey" else "--no-publickey" } \
${if rootLogin then "--root-login" else "--no-root-login" } \
${if loginShell != null then "--login-shell=\"${loginShell}\"" else "" } \
${if srpKeyExchange then "--srp-keyexchange" else "--no-srp-keyexchange" } \
${if !tcpForwarding then "--no-tcpip-forward" else "--tcpip-forward"} \
${if x11Forwarding then "--x11-forward" else "--no-x11-forward" } \
--subsystems=${concatStringsSep ","
(map (pair: (head pair) + "=" +
(head (tail pair)))
subsystems)}
'';
};
security.pam.services.lshd = {};
};
}

8
nixos/modules/services/networking/tcpcrypt.nix
View File

@ -35,11 +35,11 @@ in
description = "tcpcrypt daemon user";
};
jobs.tcpcrypt = {
systemd.services.tcpcrypt = {
description = "tcpcrypt";
wantedBy = ["multi-user.target"];
after = ["network-interfaces.target"];
wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" ];
path = [ pkgs.iptables pkgs.tcpcrypt pkgs.procps ];
@ -58,7 +58,7 @@ in
iptables -t mangle -I POSTROUTING -j nixos-tcpcrypt
'';
exec = "tcpcryptd -x 0x10";
script = "tcpcryptd -x 0x10";
postStop = ''
if [ -f /run/pre-tcpcrypt-ecn-state ]; then

14
nixos/modules/services/networking/wicd.nix
View File

@ -25,17 +25,13 @@ with lib;
environment.systemPackages = [pkgs.wicd];
jobs.wicd =
{ startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
script =
"${pkgs.wicd}/sbin/wicd -f";
};
systemd.services.wicd = {
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
script = "${pkgs.wicd}/sbin/wicd -f";
};
services.dbus.enable = true;
services.dbus.packages = [pkgs.wicd];
};
}

22
nixos/modules/services/networking/xinetd.nix
View File

@ -6,8 +6,6 @@ let
cfg = config.services.xinetd;
inherit (pkgs) xinetd;
configFile = pkgs.writeText "xinetd.conf"
''
defaults
@ -141,18 +139,12 @@ in
###### implementation
config = mkIf cfg.enable {
jobs.xinetd =
{ description = "xinetd server";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
path = [ xinetd ];
exec = "xinetd -syslog daemon -dontfork -stayalive -f ${configFile}";
};
systemd.services.xinetd = {
description = "xinetd server";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.xinetd ];
script = "xinetd -syslog daemon -dontfork -stayalive -f ${configFile}";
};
};
}

74
nixos/modules/services/scheduling/atd.nix
View File

@ -66,49 +66,47 @@ in
gid = config.ids.gids.atd;
};
jobs.atd =
{ description = "Job Execution Daemon (atd)";
systemd.services.atd = {
description = "Job Execution Daemon (atd)";
after = [ "systemd-udev-settle.service" ];
wants = [ "systemd-udev-settle.service" ];
wantedBy = [ "multi-user.target" ];
startOn = "stopped udevtrigger";
path = [ at ];
path = [ at ];
preStart = ''
# Snippets taken and adapted from the original `install' rule of
# the makefile.
preStart =
''
# Snippets taken and adapted from the original `install' rule of
# the makefile.
# We assume these values are those actually used in Nixpkgs for
# `at'.
spooldir=/var/spool/atspool
jobdir=/var/spool/atjobs
etcdir=/etc/at
# We assume these values are those actually used in Nixpkgs for
# `at'.
spooldir=/var/spool/atspool
jobdir=/var/spool/atjobs
etcdir=/etc/at
for dir in "$spooldir" "$jobdir" "$etcdir"; do
if [ ! -d "$dir" ]; then
mkdir -p "$dir"
chown atd:atd "$dir"
fi
done
chmod 1770 "$spooldir" "$jobdir"
${if cfg.allowEveryone then ''chmod a+rwxt "$spooldir" "$jobdir" '' else ""}
if [ ! -f "$etcdir"/at.deny ]; then
touch "$etcdir"/at.deny
chown root:atd "$etcdir"/at.deny
chmod 640 "$etcdir"/at.deny
fi
if [ ! -f "$jobdir"/.SEQ ]; then
touch "$jobdir"/.SEQ
chown atd:atd "$jobdir"/.SEQ
chmod 600 "$jobdir"/.SEQ
fi
'';
for dir in "$spooldir" "$jobdir" "$etcdir"; do
if [ ! -d "$dir" ]; then
mkdir -p "$dir"
chown atd:atd "$dir"
fi
done
chmod 1770 "$spooldir" "$jobdir"
${if cfg.allowEveryone then ''chmod a+rwxt "$spooldir" "$jobdir" '' else ""}
if [ ! -f "$etcdir"/at.deny ]; then
touch "$etcdir"/at.deny
chown root:atd "$etcdir"/at.deny
chmod 640 "$etcdir"/at.deny
fi
if [ ! -f "$jobdir"/.SEQ ]; then
touch "$jobdir"/.SEQ
chown atd:atd "$jobdir"/.SEQ
chmod 600 "$jobdir"/.SEQ
fi
'';
exec = "atd";
daemonType = "fork";
};
script = "atd";
serviceConfig.Type = "forking";
};
};
}

38
nixos/modules/services/scheduling/fcron.nix
View File

@ -108,29 +108,25 @@ in
security.setuidPrograms = [ "fcrontab" ];
jobs.fcron =
{ description = "fcron daemon";
systemd.services.fcron = {
description = "fcron daemon";
after = [ "local-fs.target" ];
wantedBy = [ "multi-user.target" ];
startOn = "startup";
after = [ "local-fs.target" ];
environment =
{ PATH = "/run/current-system/sw/bin";
};
preStart =
''
${pkgs.coreutils}/bin/mkdir -m 0700 -p /var/spool/fcron
# load system crontab file
${pkgs.fcron}/bin/fcrontab -u systab ${pkgs.writeText "systab" cfg.systab}
'';
daemonType = "fork";
exec = "${pkgs.fcron}/sbin/fcron -m ${toString cfg.maxSerialJobs} ${queuelen}";
# FIXME use specific path
environment = {
PATH = "/run/current-system/sw/bin";
};
};
preStart = ''
${pkgs.coreutils}/bin/mkdir -m 0700 -p /var/spool/fcron
# load system crontab file
${pkgs.fcron}/bin/fcrontab -u systab ${pkgs.writeText "systab" cfg.systab}
'';
serviceConfig.Type = "forking";
script = "${pkgs.fcron}/sbin/fcron -m ${toString cfg.maxSerialJobs} ${queuelen}";
};
};
}

32
nixos/modules/services/security/fprot.nix
View File

@ -67,24 +67,22 @@ in {
services.cron.systemCronJobs = [ "*/${toString cfg.updater.frequency} * * * * root start fprot-updater" ];
jobs = {
fprot_updater = {
name = "fprot-updater";
task = true;
# have to copy fpupdate executable because it insists on storing the virus database in the same dir
preStart = ''
mkdir -m 0755 -p ${stateDir}
chown ${fprotUser}:${fprotGroup} ${stateDir}
cp ${pkgs.fprot}/opt/f-prot/fpupdate ${stateDir}
ln -sf ${cfg.updater.productData} ${stateDir}/product.data
'';
#setuid = fprotUser;
#setgid = fprotGroup;
exec = "/var/lib/fprot/fpupdate --keyfile ${cfg.updater.licenseKeyfile}";
systemd.services."fprot-updater" = {
serviceConfig = {
Type = "oneshot";
RemainAfterExit = false;
};
wantedBy = [ "multi-user.target" ];
# have to copy fpupdate executable because it insists on storing the virus database in the same dir
preStart = ''
mkdir -m 0755 -p ${stateDir}
chown ${fprotUser}:${fprotGroup} ${stateDir}
cp ${pkgs.fprot}/opt/f-prot/fpupdate ${stateDir}
ln -sf ${cfg.updater.productData} ${stateDir}/product.data
'';
script = "/var/lib/fprot/fpupdate --keyfile ${cfg.updater.licenseKeyfile}";
};
};
}

33
nixos/modules/services/system/kerberos.nix
View File

@ -45,27 +45,20 @@ in
serverArgs = "${pkgs.heimdal}/sbin/kadmind";
};
jobs.kdc =
{ description = "Kerberos Domain Controller daemon";
systemd.services.kdc = {
description = "Kerberos Domain Controller daemon";
wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -m 0755 -p ${stateDir}
'';
script = "${heimdal}/sbin/kdc";
};
startOn = "ip-up";
preStart =
''
mkdir -m 0755 -p ${stateDir}
'';
exec = "${heimdal}/sbin/kdc";
};
jobs.kpasswdd =
{ description = "Kerberos Domain Controller daemon";
startOn = "ip-up";
exec = "${heimdal}/sbin/kpasswdd";
};
systemd.services.kpasswdd = {
description = "Kerberos Domain Controller daemon";
wantedBy = [ "multi-user.target" ];
script = "${heimdal}/sbin/kpasswdd";
};
};
}

26
nixos/modules/services/system/uptimed.nix
View File

@ -45,23 +45,21 @@ in
home = stateDir;
};
jobs.uptimed =
{ description = "Uptimed daemon";
systemd.services.uptimed = {
description = "Uptimed daemon";
wantedBy = [ "multi-user.target" ];
startOn = "startup";
preStart = ''
mkdir -m 0755 -p ${stateDir}
chown ${uptimedUser} ${stateDir}
preStart =
''
mkdir -m 0755 -p ${stateDir}
chown ${uptimedUser} ${stateDir}
if ! test -f ${stateDir}/bootid ; then
${uptimed}/sbin/uptimed -b
fi
'';
if ! test -f ${stateDir}/bootid ; then
${uptimed}/sbin/uptimed -b
fi
'';
exec = "${uptimed}/sbin/uptimed";
};
script = "${uptimed}/sbin/uptimed";
};
};

13
nixos/modules/services/web-servers/jboss/default.nix
View File

@ -71,13 +71,10 @@ in
###### implementation
config = mkIf config.services.jboss.enable {
jobs.jboss =
{ description = "JBoss server";
exec = "${jbossService}/bin/control start";
};
systemd.services.jboss = {
description = "JBoss server";
script = "${jbossService}/bin/control start";
wantedBy = [ "multi-user.target" ];
};
};
}

388
nixos/modules/services/web-servers/tomcat.nix
View File

@ -127,124 +127,205 @@ in
extraGroups = cfg.extraGroups;
};
jobs.tomcat =
{ description = "Apache Tomcat server";
systemd.services.tomcat = {
description = "Apache Tomcat server";
wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" ];
serviceConfig.Type = "daemon";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
preStart = ''
# Create the base directory
mkdir -p ${cfg.baseDir}
daemonType = "daemon";
# Create a symlink to the bin directory of the tomcat component
ln -sfn ${tomcat}/bin ${cfg.baseDir}/bin
# Create a conf/ directory
mkdir -p ${cfg.baseDir}/conf
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/conf
# Symlink the config files in the conf/ directory (except for catalina.properties and server.xml)
for i in $(ls ${tomcat}/conf | grep -v catalina.properties | grep -v server.xml)
do
ln -sfn ${tomcat}/conf/$i ${cfg.baseDir}/conf/`basename $i`
done
# Create subdirectory for virtual hosts
mkdir -p ${cfg.baseDir}/virtualhosts
# Create a modified catalina.properties file
# Change all references from CATALINA_HOME to CATALINA_BASE and add support for shared libraries
sed -e 's|''${catalina.home}|''${catalina.base}|g' \
-e 's|shared.loader=|shared.loader=''${catalina.base}/shared/lib/*.jar|' \
${tomcat}/conf/catalina.properties > ${cfg.baseDir}/conf/catalina.properties
# Create a modified server.xml which also includes all virtual hosts
sed -e "/<Engine name=\"Catalina\" defaultHost=\"localhost\">/a\ ${
toString (map (virtualHost: ''<Host name=\"${virtualHost.name}\" appBase=\"virtualhosts/${virtualHost.name}/webapps\" unpackWARs=\"true\" autoDeploy=\"true\" xmlValidation=\"false\" xmlNamespaceAware=\"false\" >${if cfg.logPerVirtualHost then ''<Valve className=\"org.apache.catalina.valves.AccessLogValve\" directory=\"logs/${virtualHost.name}\" prefix=\"${virtualHost.name}_access_log.\" pattern=\"combined\" resolveHosts=\"false\"/>'' else ""}</Host>'') cfg.virtualHosts)}" \
${tomcat}/conf/server.xml > ${cfg.baseDir}/conf/server.xml
# Create a logs/ directory
mkdir -p ${cfg.baseDir}/logs
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs
${if cfg.logPerVirtualHost then
toString (map (h: ''
mkdir -p ${cfg.baseDir}/logs/${h.name}
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs/${h.name}
'') cfg.virtualHosts) else ''''}
# Create a temp/ directory
mkdir -p ${cfg.baseDir}/temp
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/temp
# Create a lib/ directory
mkdir -p ${cfg.baseDir}/lib
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/lib
# Create a shared/lib directory
mkdir -p ${cfg.baseDir}/shared/lib
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/shared/lib
# Create a webapps/ directory
mkdir -p ${cfg.baseDir}/webapps
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps
# Symlink all the given common libs files or paths into the lib/ directory
for i in ${tomcat} ${toString cfg.commonLibs}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the common/lib/ directory
ln -sfn $i ${cfg.baseDir}/lib/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/lib/*
do
ln -sfn $j ${cfg.baseDir}/lib/`basename $j`
done
fi
done
# Symlink all the given shared libs files or paths into the shared/lib/ directory
for i in ${toString cfg.sharedLibs}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the common/lib/ directory
ln -sfn $i ${cfg.baseDir}/shared/lib/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/shared/lib/*
do
ln -sfn $j ${cfg.baseDir}/shared/lib/`basename $j`
done
fi
done
# Symlink all the given web applications files or paths into the webapps/ directory
for i in ${toString cfg.webapps}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the webapps/ directory
ln -sfn $i ${cfg.baseDir}/webapps/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/webapps/*
do
ln -sfn $j ${cfg.baseDir}/webapps/`basename $j`
done
# Also symlink the configuration files if they are included
if [ -d $i/conf/Catalina ]
then
for j in $i/conf/Catalina/*
do
mkdir -p ${cfg.baseDir}/conf/Catalina/localhost
ln -sfn $j ${cfg.baseDir}/conf/Catalina/localhost/`basename $j`
done
fi
fi
done
${toString (map (virtualHost: ''
# Create webapps directory for the virtual host
mkdir -p ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps
# Modify ownership
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps
# Symlink all the given web applications files or paths into the webapps/ directory
# of this virtual host
for i in "${if virtualHost ? webapps then toString virtualHost.webapps else ""}"
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the webapps/ directory
ln -sfn $i ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/webapps/*
do
ln -sfn $j ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $j`
done
# Also symlink the configuration files if they are included
if [ -d $i/conf/Catalina ]
then
for j in $i/conf/Catalina/*
do
mkdir -p ${cfg.baseDir}/conf/Catalina/${virtualHost.name}
ln -sfn $j ${cfg.baseDir}/conf/Catalina/${virtualHost.name}/`basename $j`
done
fi
fi
done
preStart =
''
# Create the base directory
mkdir -p ${cfg.baseDir}
) cfg.virtualHosts) }
# Create a symlink to the bin directory of the tomcat component
ln -sfn ${tomcat}/bin ${cfg.baseDir}/bin
# Create a work/ directory
mkdir -p ${cfg.baseDir}/work
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/work
# Create a conf/ directory
mkdir -p ${cfg.baseDir}/conf
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/conf
${if cfg.axis2.enable then
''
# Copy the Axis2 web application
cp -av ${pkgs.axis2}/webapps/axis2 ${cfg.baseDir}/webapps
# Symlink the config files in the conf/ directory (except for catalina.properties and server.xml)
for i in $(ls ${tomcat}/conf | grep -v catalina.properties | grep -v server.xml)
do
ln -sfn ${tomcat}/conf/$i ${cfg.baseDir}/conf/`basename $i`
done
# Turn off addressing, which causes many errors
sed -i -e 's%<module ref="addressing"/>%<!-- <module ref="addressing"/> -->%' ${cfg.baseDir}/webapps/axis2/WEB-INF/conf/axis2.xml
# Create subdirectory for virtual hosts
mkdir -p ${cfg.baseDir}/virtualhosts
# Modify permissions on the Axis2 application
chown -R ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps/axis2
# Create a modified catalina.properties file
# Change all references from CATALINA_HOME to CATALINA_BASE and add support for shared libraries
sed -e 's|''${catalina.home}|''${catalina.base}|g' \
-e 's|shared.loader=|shared.loader=''${catalina.base}/shared/lib/*.jar|' \
${tomcat}/conf/catalina.properties > ${cfg.baseDir}/conf/catalina.properties
# Create a modified server.xml which also includes all virtual hosts
sed -e "/<Engine name=\"Catalina\" defaultHost=\"localhost\">/a\ ${
toString (map (virtualHost: ''<Host name=\"${virtualHost.name}\" appBase=\"virtualhosts/${virtualHost.name}/webapps\" unpackWARs=\"true\" autoDeploy=\"true\" xmlValidation=\"false\" xmlNamespaceAware=\"false\" >${if cfg.logPerVirtualHost then ''<Valve className=\"org.apache.catalina.valves.AccessLogValve\" directory=\"logs/${virtualHost.name}\" prefix=\"${virtualHost.name}_access_log.\" pattern=\"combined\" resolveHosts=\"false\"/>'' else ""}</Host>'') cfg.virtualHosts)}" \
${tomcat}/conf/server.xml > ${cfg.baseDir}/conf/server.xml
# Create a logs/ directory
mkdir -p ${cfg.baseDir}/logs
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs
${if cfg.logPerVirtualHost then
toString (map (h: ''
mkdir -p ${cfg.baseDir}/logs/${h.name}
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs/${h.name}
'') cfg.virtualHosts) else ''''}
# Create a temp/ directory
mkdir -p ${cfg.baseDir}/temp
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/temp
# Create a lib/ directory
mkdir -p ${cfg.baseDir}/lib
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/lib
# Create a shared/lib directory
mkdir -p ${cfg.baseDir}/shared/lib
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/shared/lib
# Create a webapps/ directory
mkdir -p ${cfg.baseDir}/webapps
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps
# Symlink all the given common libs files or paths into the lib/ directory
for i in ${tomcat} ${toString cfg.commonLibs}
# Symlink all the given web service files or paths into the webapps/axis2/WEB-INF/services directory
for i in ${toString cfg.axis2.services}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the common/lib/ directory
ln -sfn $i ${cfg.baseDir}/lib/`basename $i`
# If the given web service is a file, symlink it into the webapps/axis2/WEB-INF/services
ln -sfn $i ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/lib/*
for j in $i/webapps/axis2/WEB-INF/services/*
do
ln -sfn $j ${cfg.baseDir}/lib/`basename $j`
done
fi
done
# Symlink all the given shared libs files or paths into the shared/lib/ directory
for i in ${toString cfg.sharedLibs}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the common/lib/ directory
ln -sfn $i ${cfg.baseDir}/shared/lib/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/shared/lib/*
do
ln -sfn $j ${cfg.baseDir}/shared/lib/`basename $j`
done
fi
done
# Symlink all the given web applications files or paths into the webapps/ directory
for i in ${toString cfg.webapps}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the webapps/ directory
ln -sfn $i ${cfg.baseDir}/webapps/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/webapps/*
do
ln -sfn $j ${cfg.baseDir}/webapps/`basename $j`
ln -sfn $j ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $j`
done
# Also symlink the configuration files if they are included
@ -252,110 +333,25 @@ in
then
for j in $i/conf/Catalina/*
do
mkdir -p ${cfg.baseDir}/conf/Catalina/localhost
ln -sfn $j ${cfg.baseDir}/conf/Catalina/localhost/`basename $j`
done
fi
fi
done
''
else ""}
'';
${toString (map (virtualHost: ''
# Create webapps directory for the virtual host
mkdir -p ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps
script = ''
${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c 'CATALINA_BASE=${cfg.baseDir} JAVA_HOME=${cfg.jdk} JAVA_OPTS="${cfg.javaOpts}" CATALINA_OPTS="${cfg.catalinaOpts}" ${tomcat}/bin/startup.sh'
'';
# Modify ownership
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps
postStop = ''
echo "Stopping tomcat..."
CATALINA_BASE=${cfg.baseDir} JAVA_HOME=${cfg.jdk} ${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c ${tomcat}/bin/shutdown.sh
'';
# Symlink all the given web applications files or paths into the webapps/ directory
# of this virtual host
for i in "${if virtualHost ? webapps then toString virtualHost.webapps else ""}"
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the webapps/ directory
ln -sfn $i ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/webapps/*
do
ln -sfn $j ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $j`
done
# Also symlink the configuration files if they are included
if [ -d $i/conf/Catalina ]
then
for j in $i/conf/Catalina/*
do
mkdir -p ${cfg.baseDir}/conf/Catalina/${virtualHost.name}
ln -sfn $j ${cfg.baseDir}/conf/Catalina/${virtualHost.name}/`basename $j`
done
fi
fi
done
''
) cfg.virtualHosts) }
# Create a work/ directory
mkdir -p ${cfg.baseDir}/work
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/work
${if cfg.axis2.enable then
''
# Copy the Axis2 web application
cp -av ${pkgs.axis2}/webapps/axis2 ${cfg.baseDir}/webapps
# Turn off addressing, which causes many errors
sed -i -e 's%<module ref="addressing"/>%<!-- <module ref="addressing"/> -->%' ${cfg.baseDir}/webapps/axis2/WEB-INF/conf/axis2.xml
# Modify permissions on the Axis2 application
chown -R ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps/axis2
# Symlink all the given web service files or paths into the webapps/axis2/WEB-INF/services directory
for i in ${toString cfg.axis2.services}
do
if [ -f $i ]
then
# If the given web service is a file, symlink it into the webapps/axis2/WEB-INF/services
ln -sfn $i ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/webapps/axis2/WEB-INF/services/*
do
ln -sfn $j ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $j`
done
# Also symlink the configuration files if they are included
if [ -d $i/conf/Catalina ]
then
for j in $i/conf/Catalina/*
do
ln -sfn $j ${cfg.baseDir}/conf/Catalina/localhost/`basename $j`
done
fi
fi
done
''
else ""}
'';
script = ''
${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c 'CATALINA_BASE=${cfg.baseDir} JAVA_HOME=${cfg.jdk} JAVA_OPTS="${cfg.javaOpts}" CATALINA_OPTS="${cfg.catalinaOpts}" ${tomcat}/bin/startup.sh'
'';
postStop =
''
echo "Stopping tomcat..."
CATALINA_BASE=${cfg.baseDir} JAVA_HOME=${cfg.jdk} ${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c ${tomcat}/bin/shutdown.sh
'';
};
};
};

17
nixos/modules/services/x11/xfs.nix
View File

@ -30,20 +30,17 @@ in
###### implementation
config = mkIf config.services.xfs.enable {
assertions = singleton
{ assertion = config.fonts.enableFontDir;
message = "Please enable fonts.enableFontDir to use the X Font Server.";
};
jobs.xfs =
{ description = "X Font Server";
startOn = "started networking";
exec = "${pkgs.xorg.xfs}/bin/xfs -config ${configFile}";
};
systemd.services.xfs = {
description = "X Font Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.xorg.xfs ];
script = "xfs -config ${configFile}";
};
};
}

290
nixos/modules/system/upstart/upstart.nix
View File

@ -1,290 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
with import ../boot/systemd-unit-options.nix { inherit config lib; };
let
userExists = u:
(u == "") || any (uu: uu.name == u) (attrValues config.users.extraUsers);
groupExists = g:
(g == "") || any (gg: gg.name == g) (attrValues config.users.extraGroups);
makeJobScript = name: content: "${pkgs.writeScriptBin name content}/bin/${name}";
# From a job description, generate an systemd unit file.
makeUnit = job:
let
hasMain = job.script != "" || job.exec != "";
env = job.environment;
preStartScript = makeJobScript "${job.name}-pre-start"
''
#! ${pkgs.stdenv.shell} -e
${job.preStart}
'';
startScript = makeJobScript "${job.name}-start"
''
#! ${pkgs.stdenv.shell} -e
${if job.script != "" then job.script else ''
exec ${job.exec}
''}
'';
postStartScript = makeJobScript "${job.name}-post-start"
''
#! ${pkgs.stdenv.shell} -e
${job.postStart}
'';
preStopScript = makeJobScript "${job.name}-pre-stop"
''
#! ${pkgs.stdenv.shell} -e
${job.preStop}
'';
postStopScript = makeJobScript "${job.name}-post-stop"
''
#! ${pkgs.stdenv.shell} -e
${job.postStop}
'';
in {
inherit (job) description requires before partOf environment path restartIfChanged unitConfig;
after =
(if job.startOn == "stopped udevtrigger" then [ "systemd-udev-settle.service" ] else
if job.startOn == "started udev" then [ "systemd-udev.service" ] else
if job.startOn == "started network-interfaces" then [ "network-interfaces.target" ] else
if job.startOn == "started networking" then [ "network.target" ] else
if job.startOn == "ip-up" then [] else
if job.startOn == "" || job.startOn == "startup" then [] else
builtins.trace "Warning: job ${job.name} has unknown startOn value ${job.startOn}." []
) ++ job.after;
wants =
(if job.startOn == "stopped udevtrigger" then [ "systemd-udev-settle.service" ] else []
) ++ job.wants;
wantedBy =
(if job.startOn == "" then [] else
if job.startOn == "ip-up" then [ "ip-up.target" ] else
[ "multi-user.target" ]) ++ job.wantedBy;
serviceConfig =
job.serviceConfig
// optionalAttrs (job.preStart != "" && (job.script != "" || job.exec != ""))
{ ExecStartPre = preStartScript; }
// optionalAttrs (job.preStart != "" && job.script == "" && job.exec == "")
{ ExecStart = preStartScript; }
// optionalAttrs (job.script != "" || job.exec != "")
{ ExecStart = startScript; }
// optionalAttrs (job.postStart != "")
{ ExecStartPost = postStartScript; }
// optionalAttrs (job.preStop != "")
{ ExecStop = preStopScript; }
// optionalAttrs (job.postStop != "")
{ ExecStopPost = postStopScript; }
// (if job.script == "" && job.exec == "" then { Type = "oneshot"; RemainAfterExit = true; } else
if job.daemonType == "fork" || job.daemonType == "daemon" then { Type = "forking"; GuessMainPID = true; } else
if job.daemonType == "none" then { } else
throw "invalid daemon type `${job.daemonType}'")
// optionalAttrs (!job.task && !(job.script == "" && job.exec == "") && job.respawn)
{ Restart = "always"; }
// optionalAttrs job.task
{ Type = "oneshot"; RemainAfterExit = false; };
};
jobOptions = serviceOptions // {
name = mkOption {
# !!! The type should ensure that this could be a filename.
type = types.str;
example = "sshd";
description = ''
Name of the job, mapped to the systemd unit
<literal><replaceable>name</replaceable>.service</literal>.
'';
};
startOn = mkOption {
#type = types.str;
default = "";
description = ''
The Upstart event that triggers this job to be started. Some
are mapped to systemd dependencies; otherwise you will get a
warning. If empty, the job will not start automatically.
'';
};
stopOn = mkOption {
type = types.str;
default = "starting shutdown";
description = ''
Ignored; this was the Upstart event that triggers this job to be stopped.
'';
};
postStart = mkOption {
type = types.lines;
default = "";
description = ''
Shell commands executed after the job is started (i.e. after
the job's main process is started), but before the job is
considered running.
'';
};
preStop = mkOption {
type = types.lines;
default = "";
description = ''
Shell commands executed before the job is stopped
(i.e. before systemd kills the job's main process). This can
be used to cleanly shut down a daemon.
'';
};
postStop = mkOption {
type = types.lines;
default = "";
description = ''
Shell commands executed after the job has stopped
(i.e. after the job's main process has terminated).
'';
};
exec = mkOption {
type = types.str;
default = "";
description = ''
Command to start the job's main process. If empty, the
job has no main process, but can still have pre/post-start
and pre/post-stop scripts, and is considered running
until it is stopped.
'';
};
respawn = mkOption {
type = types.bool;
default = true;
description = ''
Whether to restart the job automatically if its process
ends unexpectedly.
'';
};
task = mkOption {
type = types.bool;
default = false;
description = ''
Whether this job is a task rather than a service. Tasks
are executed only once, while services are restarted when
they exit.
'';
};
daemonType = mkOption {
type = types.str;
default = "none";
description = ''
Determines how systemd detects when a daemon should be
considered running. The value <literal>none</literal> means
that the daemon is considered ready immediately. The value
<literal>fork</literal> means that the daemon will fork once.
The value <literal>daemon</literal> means that the daemon will
fork twice. The value <literal>stop</literal> means that the
daemon will raise the SIGSTOP signal to indicate readiness.
'';
};
setuid = mkOption {
type = types.addCheck types.str userExists;
default = "";
description = ''
Run the daemon as a different user.
'';
};
setgid = mkOption {
type = types.addCheck types.str groupExists;
default = "";
description = ''
Run the daemon as a different group.
'';
};
path = mkOption {
default = [];
description = ''
Packages added to the job's <envar>PATH</envar> environment variable.
Both the <filename>bin</filename> and <filename>sbin</filename>
subdirectories of each package are added.
'';
};
};
upstartJob = { name, config, ... }: {
options = {
unit = mkOption {
default = makeUnit config;
description = "Generated definition of the systemd unit corresponding to this job.";
};
};
config = {
# The default name is the name extracted from the attribute path.
name = mkDefault name;
};
};
in
{
###### interface
options = {
jobs = mkOption {
default = {};
description = ''
This option is a legacy method to define system services,
dating from the era where NixOS used Upstart instead of
systemd. You should use <option>systemd.services</option>
instead. Services defined using <option>jobs</option> are
mapped automatically to <option>systemd.services</option>, but
may not work perfectly; in particular, most
<option>startOn</option> conditions are not supported.
'';
type = types.loaOf types.optionSet;
options = [ jobOptions upstartJob ];
};
};
###### implementation
config = {
systemd.services =
flip mapAttrs' config.jobs (name: job:
nameValuePair job.name job.unit);
};
}

8
nixos/modules/tasks/filesystems/btrfs.nix
View File

@ -31,13 +31,5 @@ in
''
btrfs device scan
'';
# !!! This is broken. There should be a udev rule to do this when
# new devices are discovered.
jobs.udev.postStart =
''
${pkgs.btrfs-progs}/bin/btrfs device scan
'';
};
}

40
nixos/modules/virtualisation/libvirtd.nix
View File

@ -166,33 +166,33 @@ in
'';
};
jobs."libvirt-guests" =
{ description = "Libvirt Virtual Machines";
systemd.services."libvirt-guests" = {
description = "Libvirt Virtual Machines";
wantedBy = [ "multi-user.target" ];
wants = [ "libvirtd.service" ];
after = [ "libvirtd.service" ];
wantedBy = [ "multi-user.target" ];
wants = [ "libvirtd.service" ];
after = [ "libvirtd.service" ];
restartIfChanged = false;
restartIfChanged = false;
path = [ pkgs.gettext pkgs.libvirt pkgs.gawk ];
path = with pkgs; [ gettext libvirt gawk ];
preStart =
''
mkdir -p /var/lock/subsys -m 755
${pkgs.libvirt}/etc/rc.d/init.d/libvirt-guests start || true
'';
preStart = ''
mkdir -p /var/lock/subsys -m 755
${pkgs.libvirt}/etc/rc.d/init.d/libvirt-guests start || true
'';
postStop =
''
export PATH=${pkgs.gettext}/bin:$PATH
export ON_SHUTDOWN=${cfg.onShutdown}
${pkgs.libvirt}/etc/rc.d/init.d/libvirt-guests stop
'';
postStop = ''
export PATH=${pkgs.gettext}/bin:$PATH
export ON_SHUTDOWN=${cfg.onShutdown}
${pkgs.libvirt}/etc/rc.d/init.d/libvirt-guests stop
'';
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
};
users.extraGroups.libvirtd.gid = config.ids.gids.libvirtd;

6
nixos/tests/quake3.nix
View File

@ -34,9 +34,9 @@ rec {
{ server =
{ config, pkgs, ... }:
{ jobs."quake3-server" =
{ startOn = "startup";
exec =
{ systemd.services."quake3-server" =
{ wantedBy = [ "multi-user.target" ];
script =
"${pkgs.quake3demo}/bin/quake3-server '+set g_gametype 0' " +
"'+map q3dm7' '+addbot grunt' '+addbot daemia' 2> /tmp/log";
};