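# NixOS module for the Attic binary cache server (atticd).
#
# Declares the `plusultra.services.attic` options, renders and validates the
# server config at build time, and defines the `atticd` systemd unit.
{ lib, config, pkgs, ... }:

with lib;
with lib.plusultra;
let
  cfg = config.plusultra.services.attic;

  toml-format = pkgs.formats.toml { };

  # Rendered directly from `cfg.settings`. The result is a Nix store file and
  # is therefore world-readable: keep secrets out of `settings` and supply
  # them through the `credentials` EnvironmentFile instead.
  raw-server-toml = toml-format.generate "server.toml" cfg.settings;

  # Build-time validation of the generated config via `atticd --mode check-config`.
  # The two exported variables are placeholders that exist only inside this
  # build ("dGVzdCBzZWNyZXQ=" is base64 for "test secret"); they are not passed
  # to the running service, which is started from ExecStart below without them.
  # The build log will contain the full config because of the leading `cat`.
  server-toml = pkgs.runCommand "checked-server.toml" { config = raw-server-toml; } ''
    cat "$config"

    export ATTIC_SERVER_TOKEN_HS256_SECRET_BASE64="dGVzdCBzZWNyZXQ="
    export ATTIC_SERVER_DATABASE_URL="sqlite://:memory:"

    ${cfg.package}/bin/atticd --mode check-config -f "$config"

    cat < "$config" > "$out"
  '';

  # True when the NixOS PostgreSQL service is enabled and the configured
  # database URL is a postgresql:// URL that mentions a local host or socket.
  # Only used to order atticd after postgresql.service.
  # NOTE(review): the match is a plain substring test, so any URL that merely
  # contains "localhost" also counts; the effect is limited to unit ordering.
  is-local-postgres =
    let
      url = cfg.settings.database.url or "";
      local-db-strings = [ "localhost" "127.0.0.1" "/run/postgresql" ];
      is-local-db-url = any (flip hasInfix url) local-db-strings;
    in
    config.services.postgresql.enable
    && hasPrefix "postgresql://" url
    && is-local-db-url;
in
{
  options.plusultra.services.attic = {
    enable = mkEnableOption "Attic";

    package = mkOpt types.package pkgs.attic-server "The attic-server package to use.";

    credentials = mkOpt (types.nullOr types.path) null "The path to an optional EnvironmentFile for the atticd service to use.";

    user = mkOpt types.str "atticd" "The user under which attic runs.";
    group = mkOpt types.str "atticd" "The group under which attic runs.";

    settings = mkOpt toml-format.type { } "Settings for the atticd config file.";
  };

  config = mkIf cfg.enable {
    assertions = [
      {
        # Reject any credentials path located under the store directory, not
        # only a top-level store path. `isStorePath` is true solely for
        # "<storeDir>/<hash>-<name>" itself, so a file inside a store path
        # (for example a secrets file that was copied in with a flake's
        # source tree) would pass it and stay world-readable.
        assertion =
          cfg.credentials == null
          || !(hasPrefix "${builtins.storeDir}/" (toString cfg.credentials));
        message = "plusultra.services.attic.credentials CANNOT be in the Nix Store.";
      }
    ];

    # A static account is declared only for the default names; a custom
    # `user`/`group` value is not created here.
    users = {
      users = optionalAttrs (cfg.user == "atticd") {
        atticd = {
          group = cfg.group;
          isSystemUser = true;
        };
      };

      groups = optionalAttrs (cfg.group == "atticd") {
        atticd = { };
      };
    };

    plusultra = {
      tools.attic = enabled;

      # Defaults: SQLite database and local storage, both under /var/lib/atticd
      # (the unit's StateDirectory). mkDefault lets callers override either.
      services.attic.settings = {
        database.url = mkDefault "sqlite:///var/lib/atticd/server.db?mode=rwc";

        storage = mkDefault {
          type = "local";
          path = "/var/lib/atticd/storage";
        };
      };
    };

    systemd.services.atticd = {
      wantedBy = [ "multi-user.target" ];
      # Ordering only: start after the local PostgreSQL unit when one is used.
      after = [ "network.target" ]
        ++ optionals is-local-postgres [ "postgresql.service" "nss-lookup.target" ];

      serviceConfig = {
        # The unit runs the build-time-checked config, not the raw rendering.
        ExecStart = "${cfg.package}/bin/atticd -f ${server-toml}";
        StateDirectory = "atticd";
        User = cfg.user;
        Group = cfg.group;
        DynamicUser = true;
      } // optionalAttrs (cfg.credentials != null) {
        # Runtime secrets are read by systemd from this file when the unit
        # starts. The file should be readable by root only.
        EnvironmentFile = mkDefault cfg.credentials;
      };
    };
  };
}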