Synit: user management?

Emery Hemingway 2023-11-28 17:49:54 +02:00
parent 1650358036
commit f86e024796
5 changed files with 34 additions and 20 deletions


@ -1,6 +1,6 @@
{ lib, busybox, runtimeShell, toPreserves, writeScript, writeTextFile }: { lib, busybox, runtimeShell, toPreserves, util, writeScript, writeTextFile }:
{ name, description, argv, environment, directory, path { name, description, environment, directory, path, user, process, args
# Shell instructions that specify how the state of the process should be initialized. # Shell instructions that specify how the state of the process should be initialized.
, initialize ? "" , initialize ? ""
# List of services that this configuration depends on. # List of services that this configuration depends on.
@ -9,15 +9,24 @@
# Example: [ "<service-state <milestone network> up>" ] # Example: [ "<service-state <milestone network> up>" ]
, depends-on ? [ ] , depends-on ? [ ]
# Whether the daemon shall be declared as required. # Whether the daemon shall be declared as required.
, require-service ? true }: , require-service ? true, forceDisableUserChange ? false }:
let let
env = environment // { env = environment // {
PATH = lib.strings.makeBinPath (path ++ [ busybox ]); PATH = lib.strings.makeBinPath (path ++ [ busybox ]);
}; };
user' = util.determineUser { inherit user forceDisableUserChange; };
processSpec = { processSpec = {
inherit argv env; argv = if user' == null then
[ process ] ++ args
else
util.invokeDaemon {
inherit process args;
su = "su";
};
inherit env;
} // (lib.attrsets.optionalAttrs (directory != null) { dir = directory; }); } // (lib.attrsets.optionalAttrs (directory != null) { dir = directory; });
serviceName = "<daemon ${name}>"; serviceName = "<daemon ${name}>";
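Review bot: In the `else` branch of `processSpec.argv`, `user'` only selects the branch and is never handed to `util.invokeDaemon`, so nothing visible here tells the helper which account to switch to. Its definition is not on this page, but if it accepts a `user` argument the call should read `inherit process args; user = user'; su = "su";`, otherwise the daemon may keep running as whatever account the supervisor uses. `su` is also passed as a bare name, so it is resolved through the service `PATH`, where entries from `path` come before `busybox`; a store path such as `"${busybox}/bin/su"` would pin which binary performs the switch. The old `argv` was a list of strings, so it is worth confirming that `invokeDaemon` returns the shape the consumers of `processSpec` expect; the `let` block continues outside the hunk.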


@ -1,13 +1,13 @@
{ lib, busybox, runtimeShell, writeScript, writeTextFile, undaemonize }: { lib, busybox, runtimeShell, writeScript, writeTextFile, undaemonize }:
rec { rec {
util = import ./util.nix { inherit lib; }; util = import ../util { inherit lib; };
toPreserves = util.toPreserves { }; inherit (import ./util.nix { inherit lib; }) toPreserves;
createSynitDaemon = import ../../backends/synit/create-synit-daemon.nix { createSynitDaemon = import ../../backends/synit/create-synit-daemon.nix {
inherit lib busybox runtimeShell writeScript writeTextFile; inherit lib busybox runtimeShell writeScript writeTextFile;
inherit toPreserves; inherit toPreserves util;
}; };
generateSynitService = generateSynitService =


@ -6,12 +6,18 @@
let let
generatedTargetSpecificArgs = { generatedTargetSpecificArgs = {
inherit name description environment directory path dependencies initialize; inherit name description environment directory path dependencies initialize
user;
argv = map toString (if foregroundProcess != null then process = if foregroundProcess != null then
[ foregroundProcess ] ++ foregroundProcessArgs foregroundProcess
else else
[ "${undaemonize}/bin/undaemonize" daemon ] ++ daemonArgs); (lib.getExe undaemonize);
args = map toString (if foregroundProcess != null then
foregroundProcessArgs
else
[ daemon ] ++ daemonArgs);
}; };
targetSpecificArgs = if builtins.isFunction overrides then targetSpecificArgs = if builtins.isFunction overrides then
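Review bot: `process` is no longer passed through `toString`: the old `argv` wrapped the whole list in `map toString`, while the new code applies it only to `args`, so a `foregroundProcess` given as a path or derivation now reaches the backend unconverted. If that is not intended, `process = toString (if foregroundProcess != null then foregroundProcess else lib.getExe undaemonize);` keeps the previous behaviour. `lib.getExe` also derives the binary name from the package metadata (presumably `meta.mainProgram`), where the old `"${undaemonize}/bin/undaemonize"` spelled the path out, so a one-line comment saying which binary is expected would help the next reader.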


@ -12,11 +12,10 @@ rec {
toPreserves { } [{ a = 0; b = 1; } "c" [ true false ] { record = "foo"; }] toPreserves { } [{ a = 0; b = 1; } "c" [ true false ] { record = "foo"; }]
=> "<foo { a: 0 b: 1 } \"c\" [ #t #f ]>" => "<foo { a: 0 b: 1 } \"c\" [ #t #f ]>"
*/ */
toPreserves = { }@args: toPreserves =
let let
toPreserves' = toPreserves args;
concatItems = toString; concatItems = toString;
mapToSeq = lib.strings.concatMapStringsSep " " toPreserves'; mapToSeq = lib.strings.concatMapStringsSep " " toPreserves;
recordLabel = list: recordLabel = list:
with builtins; with builtins;
let len = length list; let len = length list;
@ -37,7 +36,7 @@ rec {
else if lib.isAttrs v then else if lib.isAttrs v then
"{ ${ "{ ${
concatItems concatItems
(lib.attrsets.mapAttrsToList (key: val: "${key}: ${toPreserves' val}") (lib.attrsets.mapAttrsToList (key: val: "${key}: ${toPreserves val}")
v) v)
} }" } }"
else if lib.isList v then else if lib.isList v then
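Review bot: The doc comment above `toPreserves` in the first hunk still shows the call as `toPreserves { } [ … ]`, but the new definition no longer takes the leading `{ }` argument set, so the example documents the old interface. The example line should drop the empty set: `toPreserves [{ a = 0; b = 1; } "c" [ true false ] { record = "foo"; }]`. Any caller outside this page that still writes `toPreserves { }` would now pass `{ }` as the value to convert, so the remaining call sites are worth checking. The definition continues past both hunks.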


@ -132,10 +132,6 @@ fi
nixproc-init-state $stateDirArg $runtimeDirArg $logDirArg $tmpDirArg $cacheDirArg $spoolDirArg $lockDirArg $libDirArg $forceDisableUserChangeArg nixproc-init-state $stateDirArg $runtimeDirArg $logDirArg $tmpDirArg $cacheDirArg $spoolDirArg $lockDirArg $libDirArg $forceDisableUserChangeArg
# Create new groups and users
createNewGroups
createNewUsers
dest_file=/run/etc/syndicate/services/processes.pr dest_file=/run/etc/syndicate/services/processes.pr
if [ -e "$dest_file"] && [ ! -L "$dest_file" ] if [ -e "$dest_file"] && [ ! -L "$dest_file" ]
@ -144,7 +140,11 @@ then
exit 1 exit 1
fi fi
ln -sf $profilePath /etc/syndicate/services/processes.pr # Create new groups and users
createNewGroups
createNewUsers
ln -sf $profilePath /run/etc/syndicate/services/processes.pr
# Delete obsolete users and groups # Delete obsolete users and groups
deleteObsoleteUsers deleteObsoleteUsers
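Review bot: The guard on the unchanged line `if [ -e "$dest_file"] && [ ! -L "$dest_file" ]` is missing the space before the first `]`, so that `[` fails with a missing-bracket error, the `&&` never reaches the symlink test, and the `exit 1` branch cannot run. Now that `ln -sf` writes to the same `/run/etc/...` path, an existing regular file there is replaced without the intended stop; the fix is `if [ -e "$dest_file" ] && [ ! -L "$dest_file" ]`. The new `ln` line also repeats the path literally and leaves `$profilePath` unquoted; `ln -sf "$profilePath" "$dest_file"` keeps the check and the write pointed at one location.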