Add a NixOS module for the Syndicate server
This commit is contained in:
parent
bf64c36c22
commit
fd17c695c7
|
@ -0,0 +1,58 @@
|
|||
# Syndicate Nix flake
|
||||
|
||||
To add to your local flake registry:
|
||||
```sh
|
||||
nix registry add syndicate "git+https://git.sr.ht/~ehmry/syndicate-flake"
|
||||
```
|
||||
|
||||
## NixOS service
|
||||
|
||||
### Importing
|
||||
To import the NixOS module:
|
||||
```nix
|
||||
{
|
||||
# /etc/nixos/flake.nix
|
||||
inputs.syndicate.url = "git+https://git.sr.ht/~ehmry/syndicate-flake";
|
||||
|
||||
outputs = { self, nixpkgs, syndicate }: {
|
||||
|
||||
nixosConfigurations.myhost = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
./configuration.nix
|
||||
syndicate.nixosModules.syndicate-server
|
||||
];
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
```
|
||||
|
||||
If `/etc/nixos` is not a flake then you may be able to use the `getFlake` builtin
|
||||
to retrieve the module.
|
||||
```nix
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [ (builtins.getFlake "syndicate").nixosModules.syndicate-server ];
|
||||
}
|
||||
```
|
||||
|
||||
## Configuration
|
||||
```nix
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
services.syndicate-server = {
|
||||
enable = true;
|
||||
# A socket at /run/syndicate/ds is enable by default.
|
||||
tcpListeners = [{
|
||||
address = "127.0.0.1";
|
||||
port = 3232;
|
||||
}];
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
```
|
23
flake.nix
23
flake.nix
|
@ -1,5 +1,5 @@
|
|||
{
|
||||
description = "Syndicate helper";
|
||||
description = "Syndicate utilities";
|
||||
|
||||
inputs.rust.url = "github:oxalica/rust-overlay";
|
||||
|
||||
|
@ -14,19 +14,22 @@
|
|||
with final; {
|
||||
lib = prev.lib.extend libOverlay;
|
||||
syndicate-rs = callPackage ./syndicate-rs {
|
||||
rust = rust-bin.nightly.latest.default;
|
||||
rust = let pkgs = prev.extend rust.overlay;
|
||||
in pkgs.rust-bin.nightly.latest.default;
|
||||
};
|
||||
};
|
||||
|
||||
legacyPackages = forEachSystem (system:
|
||||
let pkgs = nixpkgs.legacyPackages.${system};
|
||||
in (pkgs.extend rust.overlay).extend self.overlay);
|
||||
|
||||
packages = forEachSystem (system:
|
||||
let pkgs = nixpkgs.legacyPackages.${system};
|
||||
in with (pkgs.extend rust.overlay).extend self.overlay; {
|
||||
inherit syndicate-rs;
|
||||
});
|
||||
let pkgs = nixpkgs.legacyPackages.${system}.extend self.overlay;
|
||||
in with pkgs; { inherit syndicate-rs; });
|
||||
|
||||
nixosModules.syndicate-server =
|
||||
# A little hack to apply our overlay to this module only.
|
||||
let f = import ./nixos/syndicate-server.nix;
|
||||
in { config, lib, pkgs, ... }:
|
||||
f {
|
||||
inherit config lib;
|
||||
pkgs = pkgs.extend self.overlay;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -0,0 +1,96 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
|
||||
{
|
||||
options.services.syndicate-server = {
|
||||
enable = mkEnableOption "the Syndicate dataspace server";
|
||||
|
||||
package = mkOption {
|
||||
default = pkgs.syndicate-rs;
|
||||
defaultText = "pkgs.syndicate-rs";
|
||||
type = types.package;
|
||||
description = "The package to use for the Syndicate dataspace server.";
|
||||
};
|
||||
|
||||
tcpListeners = mkOption {
|
||||
default = [ ];
|
||||
example = [{
|
||||
address = "0.0.0.0";
|
||||
port = 8001;
|
||||
}];
|
||||
type = with types;
|
||||
listOf (submodule {
|
||||
options = {
|
||||
address = mkOption { type = str; };
|
||||
port = mkOption { type = port; };
|
||||
};
|
||||
});
|
||||
description = "TCP ports to listen for connections on.";
|
||||
};
|
||||
|
||||
unixListeners = mkOption {
|
||||
default = [ "/run/syndicate/ds" ];
|
||||
type = types.listOf types.path;
|
||||
description = "Sockets to listen for connections on.";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = let
|
||||
cfg = config.services.syndicate-server;
|
||||
configDir = "/run/syndicate/config";
|
||||
requireServiceRelayListener = spec:
|
||||
"<require-service <relay-listener ${spec}>>";
|
||||
in mkIf cfg.enable {
|
||||
|
||||
systemd.services.syndicate-server = {
|
||||
description = "Syndicate dataspace server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${configDir}";
|
||||
ExecStart = "${cfg.package}/bin/syndicate-server --config ${configDir}";
|
||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
||||
DynamicUser = true;
|
||||
Restart = "always";
|
||||
RuntimeDirectory = "syndicate";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.syndicate-server-unix-listeners = {
|
||||
description = "Syndicate dataspace server";
|
||||
after = [ "syndicate-server.service" "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = let
|
||||
prsFile = builtins.toFile "unix-listeners.pr"
|
||||
(lib.strings.concatMapStrings
|
||||
(path: requireServiceRelayListener ''<unix "${path}">'')
|
||||
cfg.unixListeners);
|
||||
flags = map (path: "--socket ${path}") cfg.sockets;
|
||||
in "${pkgs.coreutils}/bin/cp ${prsFile} ${configDir}/nixos-unix-listeners.pr";
|
||||
ExecStop =
|
||||
"${pkgs.coreutils}/bin/rm ${configDir}/nixos-unix-listeners.pr";
|
||||
RemainAfterExit = true;
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.syndicate-server-tcp-listeners = {
|
||||
description = "Syndicate dataspace server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "syndicate-server.service" ];
|
||||
serviceConfig = {
|
||||
ExecStart = let
|
||||
prsFile = builtins.toFile "tcp-listeners.pr"
|
||||
(lib.strings.concatMapStrings ({ address, port }:
|
||||
requireServiceRelayListener
|
||||
''<tcp "${address}" ${toString port}>'') cfg.tcpListeners);
|
||||
flags = map (path: "--socket ${path}") cfg.sockets;
|
||||
in "${pkgs.coreutils}/bin/cp ${prsFile} ${configDir}/nixos-tcp-listeners.pr";
|
||||
ExecStop =
|
||||
"${pkgs.coreutils}/bin/rm ${configDir}/nixos-tcp-listeners.pr";
|
||||
RemainAfterExit = true;
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue