Merge pull request #29869 from Nadrieril/syncserver-fup

syncserver service: follow-up of #28189
Joachim F 2018-02-17 10:09:42 +00:00 committed by GitHub
commit faf072166b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 24 additions and 29 deletions


@ -479,6 +479,7 @@
mudri = "James Wood <lamudri@gmail.com>"; mudri = "James Wood <lamudri@gmail.com>";
muflax = "Stefan Dorn <mail@muflax.com>"; muflax = "Stefan Dorn <mail@muflax.com>";
myrl = "Myrl Hex <myrl.0xf@gmail.com>"; myrl = "Myrl Hex <myrl.0xf@gmail.com>";
nadrieril = "Nadrieril Feneanar <nadrieril@gmail.com>";
namore = "Roman Naumann <namor@hemio.de>"; namore = "Roman Naumann <namor@hemio.de>";
nand0p = "Fernando Jose Pando <nando@hex7.com>"; nand0p = "Fernando Jose Pando <nando@hex7.com>";
Nate-Devv = "Nathan Moore <natedevv@gmail.com>"; Nate-Devv = "Nathan Moore <natedevv@gmail.com>";


@ -205,6 +205,8 @@ with lib;
"See the 16.09 release notes for more information.") "See the 16.09 release notes for more information.")
(mkRemovedOptionModule [ "services" "phpfpm" "phpIni" ] "") (mkRemovedOptionModule [ "services" "phpfpm" "phpIni" ] "")
(mkRemovedOptionModule [ "services" "dovecot2" "package" ] "") (mkRemovedOptionModule [ "services" "dovecot2" "package" ] "")
(mkRemovedOptionModule [ "services" "firefox" "syncserver" "user" ] "")
(mkRemovedOptionModule [ "services" "firefox" "syncserver" "group" ] "")
(mkRemovedOptionModule [ "fonts" "fontconfig" "hinting" "style" ] "") (mkRemovedOptionModule [ "fonts" "fontconfig" "hinting" "style" ] "")
(mkRemovedOptionModule [ "services" "xserver" "displayManager" "sddm" "themes" ] (mkRemovedOptionModule [ "services" "xserver" "displayManager" "sddm" "themes" ]
"Set the option `services.xserver.displayManager.sddm.package' instead.") "Set the option `services.xserver.displayManager.sddm.package' instead.")


@ -33,6 +33,8 @@ let
in in
{ {
meta.maintainers = with lib.maintainers; [ nadrieril ];
options = { options = {
services.firefox.syncserver = { services.firefox.syncserver = {
enable = mkOption { enable = mkOption {
@ -70,18 +72,6 @@ in
''; '';
}; };
user = mkOption {
type = types.str;
default = "syncserver";
description = "User account under which syncserver runs.";
};
group = mkOption {
type = types.str;
default = "syncserver";
description = "Group account under which syncserver runs.";
};
publicUrl = mkOption { publicUrl = mkOption {
type = types.str; type = types.str;
default = "http://localhost:5000/"; default = "http://localhost:5000/";
@ -137,7 +127,9 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.services.syncserver = let systemd.services.syncserver = let
syncServerEnv = pkgs.python.withPackages(ps: with ps; [ syncserver pasteScript ]); syncServerEnv = pkgs.python.withPackages(ps: with ps; [ syncserver pasteScript requests ]);
user = "syncserver";
group = "syncserver";
in { in {
after = [ "network.target" ]; after = [ "network.target" ];
description = "Firefox Sync Server"; description = "Firefox Sync Server";
@ -145,43 +137,43 @@ in
path = [ pkgs.coreutils syncServerEnv ]; path = [ pkgs.coreutils syncServerEnv ];
serviceConfig = { serviceConfig = {
User = cfg.user; User = user;
Group = cfg.group; Group = group;
PermissionsStartOnly = true; PermissionsStartOnly = true;
}; };
preStart = '' preStart = ''
if ! test -e ${cfg.privateConfig}; then if ! test -e ${cfg.privateConfig}; then
mkdir -m 700 -p $(dirname ${cfg.privateConfig}) mkdir -p $(dirname ${cfg.privateConfig})
echo > ${cfg.privateConfig} '[syncserver]' echo > ${cfg.privateConfig} '[syncserver]'
chmod 600 ${cfg.privateConfig}
echo >> ${cfg.privateConfig} "secret = $(head -c 20 /dev/urandom | sha1sum | tr -d ' -')" echo >> ${cfg.privateConfig} "secret = $(head -c 20 /dev/urandom | sha1sum | tr -d ' -')"
fi fi
chown ${cfg.user}:${cfg.group} ${cfg.privateConfig} chmod 600 ${cfg.privateConfig}
chmod 755 $(dirname ${cfg.privateConfig})
chown ${user}:${group} ${cfg.privateConfig}
'' + optionalString (cfg.sqlUri == defaultSqlUri) '' '' + optionalString (cfg.sqlUri == defaultSqlUri) ''
if ! test -e $(dirname ${defaultDbLocation}); then if ! test -e $(dirname ${defaultDbLocation}); then
mkdir -m 700 -p $(dirname ${defaultDbLocation}) mkdir -m 700 -p $(dirname ${defaultDbLocation})
chown ${cfg.user}:${cfg.group} $(dirname ${defaultDbLocation}) chown ${user}:${group} $(dirname ${defaultDbLocation})
fi fi
# Move previous database file if it exists # Move previous database file if it exists
oldDb="/var/db/firefox-sync-server.db" oldDb="/var/db/firefox-sync-server.db"
if test -f $oldDb; then if test -f $oldDb; then
mv $oldDb ${defaultDbLocation} mv $oldDb ${defaultDbLocation}
chown ${cfg.user}:${cfg.group} ${defaultDbLocation} chown ${user}:${group} ${defaultDbLocation}
fi fi
''; '';
serviceConfig.ExecStart = "${syncServerEnv}/bin/paster serve ${syncServerIni}"; serviceConfig.ExecStart = "${syncServerEnv}/bin/paster serve ${syncServerIni}";
}; };
users.extraUsers = optionalAttrs (cfg.user == "syncserver") users.users.syncserver = {
(singleton { group = "syncserver";
name = "syncserver"; isSystemUser = true;
group = cfg.group; };
isSystemUser = true;
});
users.extraGroups = optionalAttrs (cfg.group == "syncserver") users.groups.syncserver = {};
(singleton {
name = "syncserver";
});
}; };
} }
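Review bot: In the new `preStart`, the directory holding `cfg.privateConfig` is created without `-m 700` and then forced to 755 on every start (`chmod 755 $(dirname ${cfg.privateConfig})`), so the generated `secret` is protected only by the file's own 600 mode, and any directory an administrator points `privateConfig` at has its mode rewritten by a script that runs with full privileges under `PermissionsStartOnly = true`. If the directory is meant to be private to the service, `install -d -m 700 -o ${user} -g ${group} $(dirname ${cfg.privateConfig})` inside the `if` would keep it closed while still letting the service read its file; otherwise the mode of an existing directory is better left alone. The file is also created by `echo >` before any `chmod`, so a `umask 077` as the first line of `preStart` would remove the window in which it exists with the default mode; the rendering does not show whether the `chmod 600` inside the `if` survives on the new side, and if it does not, the secret line is appended before the mode is tightened. The path expansions are unquoted throughout, so a value containing spaces would split into several arguments.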