kookie
/
nomicon
1
0
Fork 0
Code Issues Projects Releases 1 Activity

jobs -> systemd.services

Browse Source
wip/yesman
Robin Gloster 9 years ago
parent af50b03f50
commit 88292fdf09
49 changed files with 796 additions and 1248 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      nixos/modules/installer/cd-dvd/system-tarball-fuloong2f.nix
  2. 2
      nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix
  3. 1
      nixos/modules/module-list.nix
  4. 8
      nixos/modules/services/databases/4store-endpoint.nix
  5. 9
      nixos/modules/services/databases/4store.nix
  6. 25
      nixos/modules/services/databases/virtuoso.nix
  7. 4
      nixos/modules/services/games/ghost-one.nix
  8. 24
      nixos/modules/services/hardware/acpid.nix
  9. 15
      nixos/modules/services/hardware/pommed.nix
  10. 25
      nixos/modules/services/logging/klogd.nix
  11. 17
      nixos/modules/services/mail/freepops.nix
  12. 6
      nixos/modules/services/mail/spamassassin.nix
  13. 15
      nixos/modules/services/misc/dictd.nix
  14. 110
      nixos/modules/services/misc/disnix.nix
  15. 95
      nixos/modules/services/misc/felix.nix
  16. 32
      nixos/modules/services/misc/folding-at-home.nix
  17. 10
      nixos/modules/services/misc/svnserve.nix
  18. 16
      nixos/modules/services/monitoring/monit.nix
  19. 29
      nixos/modules/services/monitoring/ups.nix
  20. 38
      nixos/modules/services/network-filesystems/drbd.nix
  21. 52
      nixos/modules/services/network-filesystems/openafs-client/default.nix
  22. 31
      nixos/modules/services/networking/amuled.nix
  23. 23
      nixos/modules/services/networking/bind.nix
  24. 134
      nixos/modules/services/networking/ejabberd.nix
  25. 9
      nixos/modules/services/networking/git-daemon.nix
  26. 32
      nixos/modules/services/networking/gvpe.nix
  27. 26
      nixos/modules/services/networking/ifplugd.nix
  28. 18
      nixos/modules/services/networking/ircd-hybrid/default.nix
  29. 17
      nixos/modules/services/networking/oidentd.nix
  30. 48
      nixos/modules/services/networking/openfire.nix
  31. 25
      nixos/modules/services/networking/prayer.nix
  32. 12
      nixos/modules/services/networking/radicale.nix
  33. 6
      nixos/modules/services/networking/softether.nix
  34. 106
      nixos/modules/services/networking/ssh/lshd.nix
  35. 8
      nixos/modules/services/networking/tcpcrypt.nix
  36. 14
      nixos/modules/services/networking/wicd.nix
  37. 22
      nixos/modules/services/networking/xinetd.nix
  38. 84
      nixos/modules/services/scheduling/atd.nix
  39. 38
      nixos/modules/services/scheduling/fcron.nix
  40. 32
      nixos/modules/services/security/fprot.nix
  41. 33
      nixos/modules/services/system/kerberos.nix
  42. 26
      nixos/modules/services/system/uptimed.nix
  43. 13
      nixos/modules/services/web-servers/jboss/default.nix
  44. 390
      nixos/modules/services/web-servers/tomcat.nix
  45. 17
      nixos/modules/services/x11/xfs.nix
  46. 290
      nixos/modules/system/upstart/upstart.nix
  47. 8
      nixos/modules/tasks/filesystems/btrfs.nix
  48. 40
      nixos/modules/virtualisation/libvirtd.nix
  49. 6
      nixos/tests/quake3.nix

3
nixos/modules/installer/cd-dvd/system-tarball-fuloong2f.nix
Unescape View File

@ -149,8 +149,7 @@ in
# not be started by default on the installation CD because the
# default root password is empty.
services.openssh.enable = true;
jobs.openssh.startOn = lib.mkOverride 50 "";
systemd.services.openssh.wantedBy = lib.mkOverride 50 [];
boot.loader.grub.enable = false;
boot.loader.generationsDir.enable = false;

2
nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix
Unescape View File

@ -164,7 +164,7 @@ in
# not be started by default on the installation CD because the
# default root password is empty.
services.openssh.enable = true;
jobs.openssh.startOn = lib.mkOverride 50 "";
systemd.services.openssh.wantedBy = lib.mkOverride 50 [];
# cpufrequtils fails to build on non-pc
powerManagement.enable = false;

1
nixos/modules/module-list.nix
Unescape View File

@ -475,7 +475,6 @@
./system/boot/timesyncd.nix
./system/boot/tmp.nix
./system/etc/etc.nix
./system/upstart/upstart.nix
./tasks/bcache.nix
./tasks/cpu-freq.nix
./tasks/encrypted-devices.nix

8
nixos/modules/services/databases/4store-endpoint.nix
Unescape View File

@ -60,11 +60,9 @@ with lib;
services.avahi.enable = true;
jobs.fourStoreEndpoint = {
name = "4store-endpoint";
startOn = "ip-up";
exec = ''
systemd.services."4store-endpoint" = {
wantedBy = [ "ip-up.target" ];
script = ''
${run} '${pkgs.rdf4store}/bin/4s-httpd -D ${cfg.options} ${if cfg.listenAddress!=null then "-H ${cfg.listenAddress}" else "" } -p ${toString cfg.port} ${cfg.database}'
'';
};

9
nixos/modules/services/databases/4store.nix
Unescape View File

@ -52,9 +52,8 @@ with lib;
services.avahi.enable = true;
jobs.fourStore = {
name = "4store";
startOn = "ip-up";
systemd.services."4store" = {
wantedBy = [ "ip-up.target" ];
preStart = ''
mkdir -p ${stateDir}/
@ -64,11 +63,9 @@ with lib;
fi
'';
exec = ''
script = ''
${run} -c '${pkgs.rdf4store}/bin/4s-backend -D ${cfg.options} ${cfg.database}'
'';
};
};
}

25
nixos/modules/services/databases/virtuoso.nix
Unescape View File

@ -29,20 +29,20 @@ with lib;
};
listenAddress = mkOption {
default = "1111";
example = "myserver:1323";
default = "1111";
example = "myserver:1323";
description = "ip:port or port to listen on.";
};
httpListenAddress = mkOption {
default = null;
example = "myserver:8080";
default = null;
example = "myserver:8080";
description = "ip:port or port for Virtuoso HTTP server to listen on.";
};
dirsAllowed = mkOption {
default = null;
example = "/www, /home/";
default = null;
example = "/www, /home/";
description = "A list of directories Virtuoso is allowed to access";
};
};
@ -61,18 +61,17 @@ with lib;
home = stateDir;
};
jobs.virtuoso = {
name = "virtuoso";
startOn = "ip-up";
systemd.services.virtuoso = {
wantedBy = [ "ip-up.target" ];
preStart = ''
mkdir -p ${stateDir}
chown ${virtuosoUser} ${stateDir}
mkdir -p ${stateDir}
chown ${virtuosoUser} ${stateDir}
'';
script = ''
cd ${stateDir}
${pkgs.virtuoso}/bin/virtuoso-t +foreground +configfile ${pkgs.writeText "virtuoso.ini" cfg.config}
cd ${stateDir}
${pkgs.virtuoso}/bin/virtuoso-t +foreground +configfile ${pkgs.writeText "virtuoso.ini" cfg.config}
'';
};

4
nixos/modules/services/games/ghost-one.nix
Unescape View File

@ -78,8 +78,8 @@ in
bot_replaypath = replays
'';
jobs.ghostOne = {
name = "ghost-one";
systemd.services."ghost-one" = {
wantedBy = [ "multi-user.target" ];
script = ''
mkdir -p ${stateDir}
cd ${stateDir}

24
nixos/modules/services/hardware/acpid.nix
Unescape View File

@ -98,22 +98,26 @@ in
config = mkIf config.services.acpid.enable {
jobs.acpid =
{ description = "ACPI Daemon";
systemd.services.acpid = {
description = "ACPI Daemon";
wantedBy = [ "multi-user.target" ];
after = [ "systemd-udev-settle.service" ];
wantedBy = [ "multi-user.target" ];
after = [ "systemd-udev-settle.service" ];
path = [ pkgs.acpid ];
path = [ pkgs.acpid ];
daemonType = "fork";
exec = "acpid --confdir ${acpiConfDir}";
serviceConfig = {
Type = "forking";
};
unitConfig.ConditionVirtualization = "!systemd-nspawn";
unitConfig.ConditionPathExists = [ "/proc/acpi" ];
unitConfig = {
ConditionVirtualization = "!systemd-nspawn";
ConditionPathExists = [ "/proc/acpi" ];
};
script = "acpid --confdir ${acpiConfDir}";
};
};
}

15
nixos/modules/services/hardware/pommed.nix
Unescape View File

@ -35,18 +35,13 @@ with lib;
services.dbus.packages = [ pkgs.pommed ];
jobs.pommed = { name = "pommed";
systemd.services.pommed = {
description = "Pommed hotkey management";
startOn = "started dbus";
wantedBy = [ "multi-user.target" ];
after = [ "dbus.service" ];
postStop = "rm -f /var/run/pommed.pid";
exec = "${pkgs.pommed}/bin/pommed";
daemonType = "fork";
script = "${pkgs.pommed}/bin/pommed";
serviceConfig.Type = "forking";
path = [ pkgs.eject ];
};
};

25
nixos/modules/services/logging/klogd.nix
Unescape View File

@ -24,21 +24,14 @@ with lib;
###### implementation
config = mkIf config.services.klogd.enable {
jobs.klogd =
{ description = "Kernel Log Daemon";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.sysklogd ];
unitConfig.ConditionVirtualization = "!systemd-nspawn";
exec =
"klogd -c 1 -2 -n " +
"-k $(dirname $(readlink -f /run/booted-system/kernel))/System.map";
};
systemd.services.klogd = {
description = "Kernel Log Daemon";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.sysklogd ];
unitConfig.ConditionVirtualization = "!systemd-nspawn";
script =
"klogd -c 1 -2 -n " +
"-k $(dirname $(readlink -f /run/booted-system/kernel))/System.map";
};
};
}

17
nixos/modules/services/mail/freepops.nix
Unescape View File

@ -72,15 +72,16 @@ in
};
config = mkIf cfg.enable {
jobs.freepopsd = {
systemd.services.freepopsd = {
description = "Freepopsd (webmail over POP3)";
startOn = "ip-up";
exec = ''${pkgs.freepops}/bin/freepopsd \
-p ${toString cfg.port} \
-t ${toString cfg.threads} \
-b ${cfg.bind} \
-vv -l ${cfg.logFile} \
-s ${cfg.suid.user}.${cfg.suid.group}
wantedBy = [ "ip-up.target" ];
script = ''
${pkgs.freepops}/bin/freepopsd \
-p ${toString cfg.port} \
-t ${toString cfg.threads} \
-b ${cfg.bind} \
-vv -l ${cfg.logFile} \
-s ${cfg.suid.user}.${cfg.suid.group}
'';
};
};

6
nixos/modules/services/mail/spamassassin.nix
Unescape View File

@ -50,15 +50,13 @@ in
gid = config.ids.gids.spamd;
};
jobs.spamd = {
systemd.services.spamd = {
description = "Spam Assassin Server";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
exec = "${pkgs.spamassassin}/bin/spamd ${optionalString cfg.debug "-D"} --username=spamd --groupname=spamd --nouser-config --virtual-config-dir=/var/lib/spamassassin/user-%u --allow-tell --pidfile=/var/run/spamd.pid";
script = "${pkgs.spamassassin}/bin/spamd ${optionalString cfg.debug "-D"} --username=spamd --groupname=spamd --nouser-config --virtual-config-dir=/var/lib/spamassassin/user-%u --allow-tell --pidfile=/var/run/spamd.pid";
};
};
}

15
nixos/modules/services/misc/dictd.nix
Unescape View File

@ -51,13 +51,12 @@ with lib;
gid = config.ids.gids.dictd;
};
jobs.dictd =
{ description = "DICT.org Dictionary Server";
startOn = "startup";
environment = { LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive"; };
daemonType = "fork";
exec = "${pkgs.dict}/sbin/dictd -s -c ${dictdb}/share/dictd/dictd.conf --locale en_US.UTF-8";
};
systemd.services.dictd = {
description = "DICT.org Dictionary Server";
wantedBy = [ "multi-user.target" ];
environment = { LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive"; };
serviceConfig.Type = "forking";
script = "${pkgs.dict}/sbin/dictd -s -c ${dictdb}/share/dictd/dictd.conf --locale en_US.UTF-8";
};
};
}

110
nixos/modules/services/misc/disnix.nix
Unescape View File

@ -91,7 +91,7 @@ in
( { hostname = config.networking.hostName;
#targetHost = config.deployment.targetHost;
system = if config.nixpkgs.system == "" then builtins.currentSystem else config.nixpkgs.system;
supportedTypes = (import "${pkgs.stdenv.mkDerivation {
name = "supportedtypes";
buildCommand = ''
@ -117,63 +117,61 @@ in
services.disnix.publishInfrastructure.enable = cfg.publishAvahi;
jobs = {
disnix =
{ description = "Disnix server";
wants = [ "dysnomia.target" ];
wantedBy = [ "multi-user.target" ];
after = [ "dbus.service" ]
++ optional config.services.httpd.enable "httpd.service"
++ optional config.services.mysql.enable "mysql.service"
++ optional config.services.postgresql.enable "postgresql.service"
++ optional config.services.tomcat.enable "tomcat.service"
++ optional config.services.svnserve.enable "svnserve.service"
++ optional config.services.mongodb.enable "mongodb.service";
restartIfChanged = false;
path = [ pkgs.nix pkgs.disnix dysnomia "/run/current-system/sw" ];
environment = {
HOME = "/root";
};
preStart = ''
mkdir -p /etc/systemd-mutable/system
if [ ! -f /etc/systemd-mutable/system/dysnomia.target ]
then
( echo "[Unit]"
echo "Description=Services that are activated and deactivated by Dysnomia"
echo "After=final.target"
) > /etc/systemd-mutable/system/dysnomia.target
fi
'';
exec = "disnix-service";
systemd.services = {
disnix = {
description = "Disnix server";
wants = [ "dysnomia.target" ];
wantedBy = [ "multi-user.target" ];
after = [ "dbus.service" ]
++ optional config.services.httpd.enable "httpd.service"
++ optional config.services.mysql.enable "mysql.service"
++ optional config.services.postgresql.enable "postgresql.service"
++ optional config.services.tomcat.enable "tomcat.service"
++ optional config.services.svnserve.enable "svnserve.service"
++ optional config.services.mongodb.enable "mongodb.service";
restartIfChanged = false;
path = [ pkgs.nix pkgs.disnix dysnomia "/run/current-system/sw" ];
environment = {
HOME = "/root";
};
preStart = ''
mkdir -p /etc/systemd-mutable/system
if [ ! -f /etc/systemd-mutable/system/dysnomia.target ]
then
( echo "[Unit]"
echo "Description=Services that are activated and deactivated by Dysnomia"
echo "After=final.target"
) > /etc/systemd-mutable/system/dysnomia.target
fi
'';
script = "disnix-service";
};
} // optionalAttrs cfg.publishAvahi {
disnixAvahi =
{ description = "Disnix Avahi publisher";
startOn = "started avahi-daemon";
exec =
''
${pkgs.avahi}/bin/avahi-publish-service disnix-${config.networking.hostName} _disnix._tcp 22 \
"mem=$(grep 'MemTotal:' /proc/meminfo | sed -e 's/kB//' -e 's/MemTotal://' -e 's/ //g')" \
${concatMapStrings (infrastructureAttrName:
let infrastructureAttrValue = getAttr infrastructureAttrName (cfg.infrastructure);
in
if isInt infrastructureAttrValue then
''${infrastructureAttrName}=${toString infrastructureAttrValue} \
''
else
''${infrastructureAttrName}=\"${infrastructureAttrValue}\" \
''
) (attrNames (cfg.infrastructure))}
'';
};
disnixAvahi = {
description = "Disnix Avahi publisher";
wants = [ "avahi-daemon.service" ];
wantedBy = [ "multi-user.target" ];
script = ''
${pkgs.avahi}/bin/avahi-publish-service disnix-${config.networking.hostName} _disnix._tcp 22 \
"mem=$(grep 'MemTotal:' /proc/meminfo | sed -e 's/kB//' -e 's/MemTotal://' -e 's/ //g')" \
${concatMapStrings (infrastructureAttrName:
let infrastructureAttrValue = getAttr infrastructureAttrName (cfg.infrastructure);
in
if isInt infrastructureAttrValue then
''${infrastructureAttrName}=${toString infrastructureAttrValue} \
''
else
''${infrastructureAttrName}=\"${infrastructureAttrValue}\" \
''
) (attrNames (cfg.infrastructure))}
'';
};
};
};
}

95
nixos/modules/services/misc/felix.nix
Unescape View File

@ -57,54 +57,51 @@ in
home = "/homeless-shelter";
};
jobs.felix =
{ description = "Felix server";
preStart =
''
# Initialise felix instance on first startup
if [ ! -d /var/felix ]
then
# Symlink system files
mkdir -p /var/felix
chown ${cfg.user}:${cfg.group} /var/felix
for i in ${pkgs.felix}/*
do
if [ "$i" != "${pkgs.felix}/bundle" ]
then
ln -sfn $i /var/felix/$(basename $i)
fi
done
# Symlink bundles
mkdir -p /var/felix/bundle
chown ${cfg.user}:${cfg.group} /var/felix/bundle
for i in ${pkgs.felix}/bundle/* ${toString cfg.bundles}
do
if [ -f $i ]
then
ln -sfn $i /var/felix/bundle/$(basename $i)
elif [ -d $i ]
then
for j in $i/bundle/*
do
ln -sfn $j /var/felix/bundle/$(basename $j)
done
fi
done
fi
'';
script =
''
cd /var/felix
${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c '${pkgs.jre}/bin/java -jar bin/felix.jar'
'';
};
systemd.services.felix = {
description = "Felix server";
wantedBy = [ "multi-user.target" ];
preStart = ''
# Initialise felix instance on first startup
if [ ! -d /var/felix ]
then
# Symlink system files
mkdir -p /var/felix
chown ${cfg.user}:${cfg.group} /var/felix
for i in ${pkgs.felix}/*
do
if [ "$i" != "${pkgs.felix}/bundle" ]
then
ln -sfn $i /var/felix/$(basename $i)
fi
done
# Symlink bundles
mkdir -p /var/felix/bundle
chown ${cfg.user}:${cfg.group} /var/felix/bundle
for i in ${pkgs.felix}/bundle/* ${toString cfg.bundles}
do
if [ -f $i ]
then
ln -sfn $i /var/felix/bundle/$(basename $i)
elif [ -d $i ]
then
for j in $i/bundle/*
do
ln -sfn $j /var/felix/bundle/$(basename $j)
done
fi
done
fi
'';
script = ''
cd /var/felix
${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c '${pkgs.jre}/bin/java -jar bin/felix.jar'
'';
};
};
}

32
nixos/modules/services/misc/folding-at-home.nix
Unescape View File

@ -49,26 +49,20 @@ in {
home = stateDir;
};
jobs.foldingAtHome =
{ name = "foldingathome";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
preStart =
''
mkdir -m 0755 -p ${stateDir}
chown ${fahUser} ${stateDir}
cp -f ${pkgs.writeText "client.cfg" cfg.config} ${stateDir}/client.cfg
'';
exec = "${pkgs.su}/bin/su -s ${pkgs.stdenv.shell} ${fahUser} -c 'cd ${stateDir}; ${pkgs.foldingathome}/bin/fah6'";
};
services.foldingAtHome.config = ''
[settings]
username=${cfg.nickname}
systemd.services.foldingathome = {
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -m 0755 -p ${stateDir}
chown ${fahUser} ${stateDir}
cp -f ${pkgs.writeText "client.cfg" cfg.config} ${stateDir}/client.cfg
'';
script = "${pkgs.su}/bin/su -s ${pkgs.stdenv.shell} ${fahUser} -c 'cd ${stateDir}; ${pkgs.foldingathome}/bin/fah6'";
};
services.foldingAtHome.config = ''
[settings]
username=${cfg.nickname}
'';
};
}

10
nixos/modules/services/misc/svnserve.nix
Unescape View File

@ -34,13 +34,11 @@ in
###### implementation
config = mkIf cfg.enable {
jobs.svnserve = {
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
systemd.services.svnserve = {
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
preStart = "mkdir -p ${cfg.svnBaseDir}";
exec = "${pkgs.subversion}/bin/svnserve -r ${cfg.svnBaseDir} -d --foreground --pid-file=/var/run/svnserve.pid";
script = "${pkgs.subversion}/bin/svnserve -r ${cfg.svnBaseDir} -d --foreground --pid-file=/var/run/svnserve.pid";
};
};
}

16
nixos/modules/services/monitoring/monit.nix
Unescape View File

@ -19,10 +19,6 @@ in
default = "";
description = "monit.conf content";
};
startOn = mkOption {
default = "started network-interfaces";
description = "What Monit supposes to be already present";
};
};
};
@ -39,14 +35,12 @@ in
}
];
jobs.monit = {
systemd.services.monit = {
description = "Monit system watcher";
startOn = config.services.monit.startOn;
exec = "${pkgs.monit}/bin/monit -I -c /etc/monit.conf";
respawn = true;
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
script = "${pkgs.monit}/bin/monit -I -c /etc/monit.conf";
serviceConfig.Restart = "always";
};
};
}

29
nixos/modules/services/monitoring/ups.nix
Unescape View File

@ -180,31 +180,36 @@ in
environment.systemPackages = [ pkgs.nut ];
jobs.upsmon = {
systemd.services.upsmon = {
description = "Uninterruptible Power Supplies (Monitor)";
startOn = "ip-up";
daemonType = "fork";
exec = ''${pkgs.nut}/sbin/upsmon'';
wantedBy = [ "ip-up.target" ];
serviceConfig.Type = "forking";
script = "${pkgs.nut}/sbin/upsmon";
environment.NUT_CONFPATH = "/etc/nut/";
environment.NUT_STATEPATH = "/var/lib/nut/";
};
jobs.upsd = {
systemd.services.upsd = {
description = "Uninterruptible Power Supplies (Daemon)";
startOn = "started network-interfaces and started upsmon";
daemonType = "fork";
wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" "upsmon.service" ];
serviceConfig.Type = "forking";
# TODO: replace 'root' by another username.
exec = ''${pkgs.nut}/sbin/upsd -u root'';
script = "${pkgs.nut}/sbin/upsd -u root";
environment.NUT_CONFPATH = "/etc/nut/";
environment.NUT_STATEPATH = "/var/lib/nut/";
};
jobs.upsdrv = {
systemd.services.upsdrv = {
description = "Uninterruptible Power Supplies (Register all UPS)";
startOn = "started upsd";
wantedBy = [ "multi-user.target" ];
after = [ "upsd.service" ];
# TODO: replace 'root' by another username.
exec = ''${pkgs.nut}/bin/upsdrvctl -u root start'';
task = true;
script = ''${pkgs.nut}/bin/upsdrvctl -u root start'';
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
environment.NUT_CONFPATH = "/etc/nut/";
environment.NUT_STATEPATH = "/var/lib/nut/";
};

38
nixos/modules/services/network-filesystems/drbd.nix
Unescape View File

@ -31,13 +31,13 @@ let cfg = config.services.drbd; in
};
###### implementation
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.drbd ];
services.udev.packages = [ pkgs.drbd ];
boot.kernelModules = [ "drbd" ];
@ -52,26 +52,16 @@ let cfg = config.services.drbd; in
target = "drbd.conf";
};
jobs.drbd_up =
{ name = "drbd-up";
startOn = "stopped udevtrigger or ip-up";
task = true;
script =
''
${pkgs.drbd}/sbin/drbdadm up all
'';
};
jobs.drbd_down =
{ name = "drbd-down";
startOn = "starting shutdown";
task = true;
script =
''
${pkgs.drbd}/sbin/drbdadm down all
'';
};
systemd.services.drbd = {
after = [ "systemd-udev.settle.service" ];
wants = [ "systemd-udev.settle.service" ];
wantedBy = [ "ip-up.target" ];
script = ''
${pkgs.drbd}/sbin/drbdadm up all
'';
serviceConfig.ExecStop = ''
${pkgs.drbd}/sbin/drbdadm down all
'';
};
};
}

52
nixos/modules/services/network-filesystems/openafs-client/default.nix
Unescape View File

@ -72,34 +72,28 @@ in
}
];
jobs.openafsClient =
{ name = "afsd";
description = "AFS client";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
preStart = ''
mkdir -p -m 0755 /afs
mkdir -m 0700 -p ${cfg.cacheDirectory}
${pkgs.module_init_tools}/sbin/insmod ${openafsPkgs}/lib/openafs/libafs-*.ko || true
${openafsPkgs}/sbin/afsd -confdir ${afsConfig} -cachedir ${cfg.cacheDirectory} ${if cfg.sparse then "-dynroot-sparse" else "-dynroot"} -fakestat -afsdb
${openafsPkgs}/bin/fs setcrypt ${if cfg.crypt then "on" else "off"}
'';
# Doing this in preStop, because after these commands AFS is basically
# stopped, so systemd has nothing to do, just noticing it. If done in
# postStop, then we get a hang + kernel oops, because AFS can't be
# stopped simply by sending signals to processes.
preStop = ''
${pkgs.utillinux}/bin/umount /afs
${openafsPkgs}/sbin/afsd -shutdown
${pkgs.module_init_tools}/sbin/rmmod libafs
'';
};
systemd.services.afsd = {
description = "AFS client";
wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" ];
preStart = ''
mkdir -p -m 0755 /afs
mkdir -m 0700 -p ${cfg.cacheDirectory}
${pkgs.module_init_tools}/sbin/insmod ${openafsPkgs}/lib/openafs/libafs-*.ko || true
${openafsPkgs}/sbin/afsd -confdir ${afsConfig} -cachedir ${cfg.cacheDirectory} ${if cfg.sparse then "-dynroot-sparse" else "-dynroot"} -fakestat -afsdb
${openafsPkgs}/bin/fs setcrypt ${if cfg.crypt then "on" else "off"}
'';
# Doing this in preStop, because after these commands AFS is basically
# stopped, so systemd has nothing to do, just noticing it. If done in
# postStop, then we get a hang + kernel oops, because AFS can't be
# stopped simply by sending signals to processes.
preStop = ''
${pkgs.utillinux}/bin/umount /afs
${openafsPkgs}/sbin/afsd -shutdown
${pkgs.module_init_tools}/sbin/rmmod libafs
'';
};
};
}

31
nixos/modules/services/networking/amuled.nix
Unescape View File

@ -57,22 +57,19 @@ in
gid = config.ids.gids.amule;
} ];
jobs.amuled =
{ description = "AMule daemon";
startOn = "ip-up";
preStart = ''
mkdir -p ${cfg.dataDir}
chown ${user} ${cfg.dataDir}
'';
exec = ''
${pkgs.su}/bin/su -s ${pkgs.stdenv.shell} ${user} \
-c 'HOME="${cfg.dataDir}" ${pkgs.amuleDaemon}/bin/amuled'
'';
};
systemd.services.amuled = {
description = "AMule daemon";
wantedBy = [ "ip-up.target" ];
preStart = ''
mkdir -p ${cfg.dataDir}
chown ${user} ${cfg.dataDir}
'';
script = ''
${pkgs.su}/bin/su -s ${pkgs.stdenv.shell} ${user} \
-c 'HOME="${cfg.dataDir}" ${pkgs.amuleDaemon}/bin/amuled'
'';
};
};
}

23
nixos/modules/services/networking/bind.nix
Unescape View File

@ -142,20 +142,17 @@ in
description = "BIND daemon user";
};
jobs.bind =
{ description = "BIND name server job";
systemd.services.bind = {
description = "BIND name server job";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
startOn = "started network-interfaces";
preStart =
''
${pkgs.coreutils}/bin/mkdir -p /var/run/named
chown ${bindUser} /var/run/named
'';
exec = "${pkgs.bind}/sbin/named -u ${bindUser} ${optionalString cfg.ipv4Only "-4"} -c ${cfg.configFile} -f";
};
preStart = ''
${pkgs.coreutils}/bin/mkdir -p /var/run/named
chown ${bindUser} /var/run/named
'';
script = "${pkgs.bind}/sbin/named -u ${bindUser} ${optionalString cfg.ipv4Only "-4"} -c ${cfg.configFile} -f";
};
};
}

134
nixos/modules/services/networking/ejabberd.nix
Unescape View File

@ -56,81 +56,73 @@ in
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.ejabberd ];
jobs.ejabberd =
{ description = "EJabberd server";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
environment = {
PATH = "$PATH:${pkgs.ejabberd}/sbin:${pkgs.ejabberd}/bin:${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.gnused}/bin";
};
preStart =
systemd.services.ejabberd = {
description = "EJabberd server";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
path = with pkgs; [ ejabberd coreutils bash gnused ];
preStart = ''
# Initialise state data
mkdir -p ${cfg.logsDir}
if ! test -d ${cfg.spoolDir}
then
initialize=1
cp -av ${pkgs.ejabberd}/var/lib/ejabberd /var/lib
fi
if ! test -d ${cfg.confDir}
then
mkdir -p ${cfg.confDir}
cp ${pkgs.ejabberd}/etc/ejabberd/* ${cfg.confDir}
sed -e 's|{hosts, \["localhost"\]}.|{hosts, \[${cfg.virtualHosts}\]}.|' ${pkgs.ejabberd}/etc/ejabberd/ejabberd.cfg > ${cfg.confDir}/ejabberd.cfg
fi
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} start
${if cfg.loadDumps == [] then "" else
''
PATH="$PATH:${pkgs.ejabberd}/sbin:${pkgs.ejabberd}/bin:${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.gnused}/bin";
# Initialise state data
mkdir -p ${cfg.logsDir}
if ! test -d ${cfg.spoolDir}
then
initialize=1
cp -av ${pkgs.ejabberd}/var/lib/ejabberd /var/lib
fi
if ! test -d ${cfg.confDir}
if [ "$initialize" = "1" ]
then
mkdir -p ${cfg.confDir}
cp ${pkgs.ejabberd}/etc/ejabberd/* ${cfg.confDir}
sed -e 's|{hosts, \["localhost"\]}.|{hosts, \[${cfg.virtualHosts}\]}.|' ${pkgs.ejabberd}/etc/ejabberd/ejabberd.cfg > ${cfg.confDir}/ejabberd.cfg
# Wait until the ejabberd server is available for use
count=0
while ! ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} status
do
if [ $count -eq 30 ]
then
echo "Tried 30 times, giving up..."
exit 1
fi
echo "Ejabberd daemon not yet started. Waiting for 1 second..."
count=$((count++))
sleep 1
done
${concatMapStrings (dump:
''
echo "Importing dump: ${dump}"
if [ -f ${dump} ]
then
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} load ${dump}
elif [ -d ${dump} ]
then
for i in ${dump}/ejabberd-dump/*
do
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} load $i
done
fi
'') cfg.loadDumps}
fi
''}
'';
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} start
${if cfg.loadDumps == [] then "" else
''
if [ "$initialize" = "1" ]
then
# Wait until the ejabberd server is available for use
count=0
while ! ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} status
do
if [ $count -eq 30 ]
then
echo "Tried 30 times, giving up..."
exit 1
fi
echo "Ejabberd daemon not yet started. Waiting for 1 second..."
count=$((count++))
sleep 1
done
${concatMapStrings (dump:
''
echo "Importing dump: ${dump}"
if [ -f ${dump} ]
then
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} load ${dump}
elif [ -d ${dump} ]
then
for i in ${dump}/ejabberd-dump/*
do
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} load $i
done
fi
'') cfg.loadDumps}
fi
''}
'';
postStop =
''
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} stop
'';
};
postStop = ''
ejabberdctl --config-dir ${cfg.confDir} --logs ${cfg.logsDir} --spool ${cfg.spoolDir} stop
'';
};
security.pam.services.ejabberd = {};

9
nixos/modules/services/networking/git-daemon.nix
Unescape View File

@ -16,7 +16,7 @@ in
type = types.bool;
default = false;
description = ''
Enable Git daemon, which allows public hosting of git repositories
Enable Git daemon, which allows public hosting of git repositories
without any access controls. This is mostly intended for read-only access.
You can allow write access by setting daemon.receivepack configuration
@ -115,10 +115,9 @@ in
gid = config.ids.gids.git;
};
jobs.gitDaemon = {
name = "git-daemon";
startOn = "ip-up";
exec = "${pkgs.git}/bin/git daemon --reuseaddr "
systemd.services."git-daemon" = {
wantedBy = [ "ip-up.target" ];
script = "${pkgs.git}/bin/git daemon --reuseaddr "
+ (optionalString (cfg.basePath != "") "--base-path=${cfg.basePath} ")
+ (optionalString (cfg.listenAddress != "") "--listen=${cfg.listenAddress} ")
+ "--port=${toString cfg.port} --user=${cfg.user} --group=${cfg.group} ${cfg.options} "

32
nixos/modules/services/networking/gvpe.nix
Unescape View File

@ -37,13 +37,6 @@ let
'';
executable = true;
});
exec = "${pkgs.gvpe}/sbin/gvpe -c /var/gvpe -D ${cfg.nodename} "
+ " ${cfg.nodename}.pid-file=/var/gvpe/gvpe.pid"
+ " ${cfg.nodename}.if-up=if-up"
+ " &> /var/log/gvpe";
inherit (cfg) startOn stopOn;
in
{
@ -55,18 +48,6 @@ in
Whether to run gvpe
'';
};
startOn = mkOption {
default = "started network-interfaces";
description = ''
Condition to start GVPE
'';
};
stopOn = mkOption {
default = "stopping network-interfaces";
description = ''
Condition to stop GVPE
'';
};
nodename = mkOption {
default = null;
description =''
@ -122,10 +103,10 @@ in
};
};
config = mkIf cfg.enable {
jobs.gvpe = {
systemd.services.gvpe = {
description = "GNU Virtual Private Ethernet node";
inherit startOn stopOn;
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -p /var/gvpe
@ -136,9 +117,12 @@ in
cp ${ifupScript} /var/gvpe/if-up
'';
inherit exec;
script = "${pkgs.gvpe}/sbin/gvpe -c /var/gvpe -D ${cfg.nodename} "
+ " ${cfg.nodename}.pid-file=/var/gvpe/gvpe.pid"
+ " ${cfg.nodename}.if-up=if-up"
+ " &> /var/log/gvpe";
respawn = true;
serviceConfig.Restart = "always";
};
};
}

26
nixos/modules/services/networking/ifplugd.nix
Unescape View File

@ -66,23 +66,17 @@ in
###### implementation
config = mkIf cfg.enable {
jobs.ifplugd =
{ description = "Network interface connectivity monitor";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
exec =
''
${ifplugd}/sbin/ifplugd --no-daemon --no-startup --no-shutdown \
${if config.networking.interfaceMonitor.beep then "" else "--no-beep"} \
--run ${plugScript}
'';
};
systemd.services.ifplugd = {
description = "Network interface connectivity monitor";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
script = ''
${ifplugd}/sbin/ifplugd --no-daemon --no-startup --no-shutdown \
${if config.networking.interfaceMonitor.beep then "" else "--no-beep"} \
--run ${plugScript}
'';
};
environment.systemPackages = [ ifplugd ];
};
}

18
nixos/modules/services/networking/ircd-hybrid/default.nix
Unescape View File

@ -121,17 +121,11 @@ in
users.extraGroups.ircd.gid = config.ids.gids.ircd;
jobs.ircd_hybrid =
{ name = "ircd-hybrid";
description = "IRCD Hybrid server";
startOn = "started networking";
stopOn = "stopping networking";
exec = "${ircdService}/bin/control start";
};
systemd.services."ircd-hybrid" = {
description = "IRCD Hybrid server";
after = [ "started networking" ];
wantedBy = [ "multi-user.target" ];
script = "${ircdService}/bin/control start";
};
};
}

17
nixos/modules/services/networking/oidentd.nix
Unescape View File

@ -20,18 +20,17 @@ with lib;
};
###### implementation
config = mkIf config.services.oidentd.enable {
jobs.oidentd =
{ startOn = "started network-interfaces";
daemonType = "fork";
exec = "${pkgs.oidentd}/sbin/oidentd -u oidentd -g nogroup" +
optionalString config.networking.enableIPv6 " -a ::"
;
};
systemd.services.oidentd = {
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "forking";
script = "${pkgs.oidentd}/sbin/oidentd -u oidentd -g nogroup" +
optionalString config.networking.enableIPv6 " -a ::";
};
users.extraUsers.oidentd = {
description = "Ident Protocol daemon user";

48
nixos/modules/services/networking/openfire.nix
Unescape View File

@ -2,17 +2,7 @@
with lib;
let
inherit (pkgs) jre openfire coreutils which gnugrep gawk gnused;
extraStartDependency =
if config.services.openfire.usePostgreSQL then "and started postgresql" else "";
in
{
###### interface
options = {
@ -47,26 +37,24 @@ in
message = "OpenFire assertion failed.";
};
jobs.openfire =
{ description = "OpenFire XMPP server";
startOn = "started networking ${extraStartDependency}";
script =
''
export PATH=${jre}/bin:${openfire}/bin:${coreutils}/bin:${which}/bin:${gnugrep}/bin:${gawk}/bin:${gnused}/bin
export HOME=/tmp
mkdir /var/log/openfire || true
mkdir /etc/openfire || true
for i in ${openfire}/conf.inst/*; do
if ! test -f /etc/openfire/$(basename $i); then
cp $i /etc/openfire/
fi
done
openfire start
''; # */
};
systemd.services.openfire = {
description = "OpenFire XMPP server";
wantedBy = [ "multi-user.target" ];
after = [ "networking.target" ] ++
optional config.services.openfire.usePostgreSQL "postgresql.service";
path = with pkgs; [ jre openfire coreutils which gnugrep gawk gnused ];
script = ''
export HOME=/tmp
mkdir /var/log/openfire || true
mkdir /etc/openfire || true
for i in ${openfire}/conf.inst/*; do
if ! test -f /etc/openfire/$(basename $i); then
cp $i /etc/openfire/
fi
done
openfire start
''; # */
};
};
}

25
nixos/modules/services/networking/prayer.nix
Unescape View File

@ -83,21 +83,14 @@ in
gid = config.ids.gids.prayer;
};
jobs.prayer =
{ name = "prayer";
startOn = "startup";
preStart =
''
mkdir -m 0755 -p ${stateDir}
chown ${prayerUser}.${prayerGroup} ${stateDir}
'';
daemonType = "daemon";
exec = "${prayer}/sbin/prayer --config-file=${prayerCfg}";
};
systemd.services.prayer = {
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "forking";
preStart = ''
mkdir -m 0755 -p ${stateDir}
chown ${prayerUser}.${prayerGroup} ${stateDir}
'';
script = "${prayer}/sbin/prayer --config-file=${prayerCfg}";
};
};
}

12
nixos/modules/services/networking/radicale.nix
Unescape View File

@ -33,16 +33,14 @@ in
};
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.pythonPackages.radicale ];
jobs.radicale = {
systemd.services.radicale = {
description = "A Simple Calendar and Contact Server";
startOn = "started network-interfaces";
exec = "${pkgs.pythonPackages.radicale}/bin/radicale -C ${confFile} -d";
daemonType = "fork";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
script = "${pkgs.pythonPackages.radicale}/bin/radicale -C ${confFile} -d";
serviceConfig.Type = "forking";
};
};
}

6
nixos/modules/services/networking/softether.nix
Unescape View File

@ -61,9 +61,10 @@ in
dataDir = cfg.dataDir;
}))
];
jobs.softether = {
systemd.services.softether = {
description = "SoftEther VPN services initial job";
startOn = "started network-interfaces";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
for d in vpnserver vpnbridge vpnclient vpncmd; do
if ! test -e ${cfg.dataDir}/$d; then
@ -74,7 +75,6 @@ in
rm -rf ${cfg.dataDir}/vpncmd/vpncmd
ln -s ${pkg}${cfg.dataDir}/vpncmd/vpncmd ${cfg.dataDir}/vpncmd/vpncmd
'';
exec = "true";
};
}

106
nixos/modules/services/networking/ssh/lshd.nix
Unescape View File

@ -117,62 +117,60 @@ in
services.lshd.subsystems = [ ["sftp" "${pkgs.lsh}/sbin/sftp-server"] ];
jobs.lshd =
{ description = "GNU lshd SSH2 daemon";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
environment =
{ LD_LIBRARY_PATH = config.system.nssModules.path; };
preStart =
''
test -d /etc/lsh || mkdir -m 0755 -p /etc/lsh
test -d /var/spool/lsh || mkdir -m 0755 -p /var/spool/lsh
if ! test -f /var/spool/lsh/yarrow-seed-file
then
# XXX: It would be nice to provide feedback to the
# user when this fails, so that they can retry it
# manually.
${lsh}/bin/lsh-make-seed --sloppy \
-o /var/spool/lsh/yarrow-seed-file
fi
if ! test -f "${cfg.hostKey}"
then
${lsh}/bin/lsh-keygen --server | \
${lsh}/bin/lsh-writekey --server -o "${cfg.hostKey}"
fi
'';
exec = with cfg;
''
${lsh}/sbin/lshd --daemonic \
--password-helper="${lsh}/sbin/lsh-pam-checkpw" \
-p ${toString portNumber} \
${if interfaces == [] then ""
else (concatStrings (map (i: "--interface=\"${i}\"")
interfaces))} \
-h "${hostKey}" \
${if !syslog then "--no-syslog" else ""} \
${if passwordAuthentication then "--password" else "--no-password" } \
${if publicKeyAuthentication then "--publickey" else "--no-publickey" } \
${if rootLogin then "--root-login" else "--no-root-login" } \
${if loginShell != null then "--login-shell=\"${loginShell}\"" else "" } \
${if srpKeyExchange then "--srp-keyexchange" else "--no-srp-keyexchange" } \
${if !tcpForwarding then "--no-tcpip-forward" else "--tcpip-forward"} \
${if x11Forwarding then "--x11-forward" else "--no-x11-forward" } \
--subsystems=${concatStringsSep ","
(map (pair: (head pair) + "=" +
(head (tail pair)))
subsystems)}
'';
systemd.services.lshd = {
description = "GNU lshd SSH2 daemon";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
environment = {
LD_LIBRARY_PATH = config.system.nssModules.path;
};
security.pam.services.lshd = {};
preStart = ''
test -d /etc/lsh || mkdir -m 0755 -p /etc/lsh
test -d /var/spool/lsh || mkdir -m 0755 -p /var/spool/lsh
if ! test -f /var/spool/lsh/yarrow-seed-file
then
# XXX: It would be nice to provide feedback to the
# user when this fails, so that they can retry it
# manually.
${lsh}/bin/lsh-make-seed --sloppy \
-o /var/spool/lsh/yarrow-seed-file
fi
if ! test -f "${cfg.hostKey}"
then
${lsh}/bin/lsh-keygen --server | \
${lsh}/bin/lsh-writekey --server -o "${cfg.hostKey}"
fi
'';
script = with cfg; ''
${lsh}/sbin/lshd --daemonic \
--password-helper="${lsh}/sbin/lsh-pam-checkpw" \
-p ${toString portNumber} \
${if interfaces == [] then ""
else (concatStrings (map (i: "--interface=\"${i}\"")
interfaces))} \
-h "${hostKey}" \
${if !syslog then "--no-syslog" else ""} \
${if passwordAuthentication then "--password" else "--no-password" } \
${if publicKeyAuthentication then "--publickey" else "--no-publickey" } \
${if rootLogin then "--root-login" else "--no-root-login" } \
${if loginShell != null then "--login-shell=\"${loginShell}\"" else "" } \
${if srpKeyExchange then "--srp-keyexchange" else "--no-srp-keyexchange" } \
${if !tcpForwarding then "--no-tcpip-forward" else "--tcpip-forward"} \
${if x11Forwarding then "--x11-forward" else "--no-x11-forward" } \
--subsystems=${concatStringsSep ","
(map (pair: (head pair) + "=" +
(head (tail pair)))
subsystems)}
'';
};
security.pam.services.lshd = {};
};
}

8
nixos/modules/services/networking/tcpcrypt.nix
Unescape View File

@ -35,11 +35,11 @@ in
description = "tcpcrypt daemon user";
};
jobs.tcpcrypt = {
systemd.services.tcpcrypt = {
description = "tcpcrypt";
wantedBy = ["multi-user.target"];
after = ["network-interfaces.target"];
wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" ];
path = [ pkgs.iptables pkgs.tcpcrypt pkgs.procps ];
@ -58,7 +58,7 @@ in
iptables -t mangle -I POSTROUTING -j nixos-tcpcrypt
'';
exec = "tcpcryptd -x 0x10";
script = "tcpcryptd -x 0x10";
postStop = ''
if [ -f /run/pre-tcpcrypt-ecn-state ]; then

14
nixos/modules/services/networking/wicd.nix
Unescape View File

@ -25,17 +25,13 @@ with lib;
environment.systemPackages = [pkgs.wicd];
jobs.wicd =
{ startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
script =
"${pkgs.wicd}/sbin/wicd -f";
};
systemd.services.wicd = {
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
script = "${pkgs.wicd}/sbin/wicd -f";
};
services.dbus.enable = true;
services.dbus.packages = [pkgs.wicd];
};
}

22
nixos/modules/services/networking/xinetd.nix
Unescape View File

@ -6,8 +6,6 @@ let
cfg = config.services.xinetd;
inherit (pkgs) xinetd;
configFile = pkgs.writeText "xinetd.conf"
''
defaults
@ -141,18 +139,12 @@ in
###### implementation
config = mkIf cfg.enable {
jobs.xinetd =
{ description = "xinetd server";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
path = [ xinetd ];
exec = "xinetd -syslog daemon -dontfork -stayalive -f ${configFile}";
};
systemd.services.xinetd = {
description = "xinetd server";
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.xinetd ];
script = "xinetd -syslog daemon -dontfork -stayalive -f ${configFile}";
};
};
}

84
nixos/modules/services/scheduling/atd.nix
Unescape View File

@ -66,49 +66,47 @@ in
gid = config.ids.gids.atd;
};
jobs.atd =
{ description = "Job Execution Daemon (atd)";
startOn = "stopped udevtrigger";
path = [ at ];
preStart =
''
# Snippets taken and adapted from the original `install' rule of
# the makefile.
# We assume these values are those actually used in Nixpkgs for
# `at'.
spooldir=/var/spool/atspool
jobdir=/var/spool/atjobs
etcdir=/etc/at
for dir in "$spooldir" "$jobdir" "$etcdir"; do
if [ ! -d "$dir" ]; then
mkdir -p "$dir"
chown atd:atd "$dir"
fi
done
chmod 1770 "$spooldir" "$jobdir"
${if cfg.allowEveryone then ''chmod a+rwxt "$spooldir" "$jobdir" '' else ""}
if [ ! -f "$etcdir"/at.deny ]; then
touch "$etcdir"/at.deny
chown root:atd "$etcdir"/at.deny
chmod 640 "$etcdir"/at.deny
fi
if [ ! -f "$jobdir"/.SEQ ]; then
touch "$jobdir"/.SEQ
chown atd:atd "$jobdir"/.SEQ
chmod 600 "$jobdir"/.SEQ
fi
'';
exec = "atd";
daemonType = "fork";
};
systemd.services.atd = {
description = "Job Execution Daemon (atd)";
after = [ "systemd-udev-settle.service" ];
wants = [ "systemd-udev-settle.service" ];
wantedBy = [ "multi-user.target" ];
path = [ at ];
preStart = ''
# Snippets taken and adapted from the original `install' rule of
# the makefile.
# We assume these values are those actually used in Nixpkgs for
# `at'.
spooldir=/var/spool/atspool
jobdir=/var/spool/atjobs
etcdir=/etc/at
for dir in "$spooldir" "$jobdir" "$etcdir"; do
if [ ! -d "$dir" ]; then
mkdir -p "$dir"
chown atd:atd "$dir"
fi
done
chmod 1770 "$spooldir" "$jobdir"
${if cfg.allowEveryone then ''chmod a+rwxt "$spooldir" "$jobdir" '' else ""}
if [ ! -f "$etcdir"/at.deny ]; then
touch "$etcdir"/at.deny
chown root:atd "$etcdir"/at.deny
chmod 640 "$etcdir"/at.deny
fi
if [ ! -f "$jobdir"/.SEQ ]; then
touch "$jobdir"/.SEQ
chown atd:atd "$jobdir"/.SEQ
chmod 600 "$jobdir"/.SEQ
fi
'';
};
script = "atd";
serviceConfig.Type = "forking";
};
};
}

38
nixos/modules/services/scheduling/fcron.nix
Unescape View File

@ -108,29 +108,25 @@ in
security.setuidPrograms = [ "fcrontab" ];
jobs.fcron =
{ description = "fcron daemon";
startOn = "startup";
after = [ "local-fs.target" ];
environment =
{ PATH = "/run/current-system/sw/bin";
};
preStart =
''
${pkgs.coreutils}/bin/mkdir -m 0700 -p /var/spool/fcron
# load system crontab file
${pkgs.fcron}/bin/fcrontab -u systab ${pkgs.writeText "systab" cfg.systab}
'';
systemd.services.fcron = {
description = "fcron daemon";
after = [ "local-fs.target" ];
wantedBy = [ "multi-user.target" ];
# FIXME use specific path
environment = {
PATH = "/run/current-system/sw/bin";
};
daemonType = "fork";
preStart = ''
${pkgs.coreutils}/bin/mkdir -m 0700 -p /var/spool/fcron
# load system crontab file
${pkgs.fcron}/bin/fcrontab -u systab ${pkgs.writeText "systab" cfg.systab}
'';
exec = "${pkgs.fcron}/sbin/fcron -m ${toString cfg.maxSerialJobs} ${queuelen}";
};
serviceConfig.Type = "forking";
script = "${pkgs.fcron}/sbin/fcron -m ${toString cfg.maxSerialJobs} ${queuelen}";
};
};
}

32
nixos/modules/services/security/fprot.nix
Unescape View File

@ -67,24 +67,22 @@ in {
services.cron.systemCronJobs = [ "*/${toString cfg.updater.frequency} * * * * root start fprot-updater" ];
jobs = {
fprot_updater = {
name = "fprot-updater";
task = true;
# have to copy fpupdate executable because it insists on storing the virus database in the same dir
preStart = ''
mkdir -m 0755 -p ${stateDir}
chown ${fprotUser}:${fprotGroup} ${stateDir}
cp ${pkgs.fprot}/opt/f-prot/fpupdate ${stateDir}
ln -sf ${cfg.updater.productData} ${stateDir}/product.data
'';
#setuid = fprotUser;
#setgid = fprotGroup;
exec = "/var/lib/fprot/fpupdate --keyfile ${cfg.updater.licenseKeyfile}";
systemd.services."fprot-updater" = {
serviceConfig = {
Type = "oneshot";
RemainAfterExit = false;
};
};
wantedBy = [ "multi-user.target" ];
};
# have to copy fpupdate executable because it insists on storing the virus database in the same dir
preStart = ''
mkdir -m 0755 -p ${stateDir}
chown ${fprotUser}:${fprotGroup} ${stateDir}
cp ${pkgs.fprot}/opt/f-prot/fpupdate ${stateDir}
ln -sf ${cfg.updater.productData} ${stateDir}/product.data
'';
script = "/var/lib/fprot/fpupdate --keyfile ${cfg.updater.licenseKeyfile}";
};
};
}

33
nixos/modules/services/system/kerberos.nix
Unescape View File

@ -45,27 +45,20 @@ in
serverArgs = "${pkgs.heimdal}/sbin/kadmind";
};
jobs.kdc =
{ description = "Kerberos Domain Controller daemon";
startOn = "ip-up";
preStart =
''
mkdir -m 0755 -p ${stateDir}
'';
exec = "${heimdal}/sbin/kdc";
};
jobs.kpasswdd =
{ description = "Kerberos Domain Controller daemon";
startOn = "ip-up";
systemd.services.kdc = {
description = "Kerberos Domain Controller daemon";
wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -m 0755 -p ${stateDir}
'';
script = "${heimdal}/sbin/kdc";
};
exec = "${heimdal}/sbin/kpasswdd";
};
systemd.services.kpasswdd = {
description = "Kerberos Domain Controller daemon";
wantedBy = [ "multi-user.target" ];
script = "${heimdal}/sbin/kpasswdd";
};
};
}

26
nixos/modules/services/system/uptimed.nix
Unescape View File

@ -45,23 +45,21 @@ in
home = stateDir;
};
jobs.uptimed =
{ description = "Uptimed daemon";
systemd.services.uptimed = {
description = "Uptimed daemon";
wantedBy = [ "multi-user.target" ];
startOn = "startup";
preStart = ''
mkdir -m 0755 -p ${stateDir}
chown ${uptimedUser} ${stateDir}
preStart =
''
mkdir -m 0755 -p ${stateDir}
chown ${uptimedUser} ${stateDir}
if ! test -f ${stateDir}/bootid ; then
${uptimed}/sbin/uptimed -b
fi
'';
if ! test -f ${stateDir}/bootid ; then
${uptimed}/sbin/uptimed -b
fi
'';
exec = "${uptimed}/sbin/uptimed";
};
script = "${uptimed}/sbin/uptimed";
};
};

13
nixos/modules/services/web-servers/jboss/default.nix
Unescape View File

@ -71,13 +71,10 @@ in
###### implementation
config = mkIf config.services.jboss.enable {
jobs.jboss =
{ description = "JBoss server";
exec = "${jbossService}/bin/control start";
};
systemd.services.jboss = {
description = "JBoss server";
script = "${jbossService}/bin/control start";
wantedBy = [ "multi-user.target" ];
};
};
}

390
nixos/modules/services/web-servers/tomcat.nix
Unescape View File

@ -127,124 +127,205 @@ in
extraGroups = cfg.extraGroups;
};
jobs.tomcat =
{ description = "Apache Tomcat server";
startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
daemonType = "daemon";
preStart =
''
# Create the base directory
mkdir -p ${cfg.baseDir}
# Create a symlink to the bin directory of the tomcat component
ln -sfn ${tomcat}/bin ${cfg.baseDir}/bin
# Create a conf/ directory
mkdir -p ${cfg.baseDir}/conf
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/conf
# Symlink the config files in the conf/ directory (except for catalina.properties and server.xml)
for i in $(ls ${tomcat}/conf | grep -v catalina.properties | grep -v server.xml)
do
ln -sfn ${tomcat}/conf/$i ${cfg.baseDir}/conf/`basename $i`
done
systemd.services.tomcat = {
description = "Apache Tomcat server";
wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" ];
serviceConfig.Type = "daemon";
preStart = ''
# Create the base directory
mkdir -p ${cfg.baseDir}
# Create a symlink to the bin directory of the tomcat component
ln -sfn ${tomcat}/bin ${cfg.baseDir}/bin
# Create a conf/ directory
mkdir -p ${cfg.baseDir}/conf
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/conf
# Symlink the config files in the conf/ directory (except for catalina.properties and server.xml)
for i in $(ls ${tomcat}/conf | grep -v catalina.properties | grep -v server.xml)
do
ln -sfn ${tomcat}/conf/$i ${cfg.baseDir}/conf/`basename $i`
done
# Create subdirectory for virtual hosts
mkdir -p ${cfg.baseDir}/virtualhosts
# Create a modified catalina.properties file
# Change all references from CATALINA_HOME to CATALINA_BASE and add support for shared libraries
sed -e 's|''${catalina.home}|''${catalina.base}|g' \
-e 's|shared.loader=|shared.loader=''${catalina.base}/shared/lib/*.jar|' \
${tomcat}/conf/catalina.properties > ${cfg.baseDir}/conf/catalina.properties
# Create a modified server.xml which also includes all virtual hosts
sed -e "/<Engine name=\"Catalina\" defaultHost=\"localhost\">/a\ ${
toString (map (virtualHost: ''<Host name=\"${virtualHost.name}\" appBase=\"virtualhosts/${virtualHost.name}/webapps\" unpackWARs=\"true\" autoDeploy=\"true\" xmlValidation=\"false\" xmlNamespaceAware=\"false\" >${if cfg.logPerVirtualHost then ''<Valve className=\"org.apache.catalina.valves.AccessLogValve\" directory=\"logs/${virtualHost.name}\" prefix=\"${virtualHost.name}_access_log.\" pattern=\"combined\" resolveHosts=\"false\"/>'' else ""}</Host>'') cfg.virtualHosts)}" \
${tomcat}/conf/server.xml > ${cfg.baseDir}/conf/server.xml
# Create a logs/ directory
mkdir -p ${cfg.baseDir}/logs
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs
${if cfg.logPerVirtualHost then
toString (map (h: ''
mkdir -p ${cfg.baseDir}/logs/${h.name}
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs/${h.name}
'') cfg.virtualHosts) else ''''}
# Create a temp/ directory
mkdir -p ${cfg.baseDir}/temp
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/temp
# Create a lib/ directory
mkdir -p ${cfg.baseDir}/lib
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/lib
# Create a shared/lib directory
mkdir -p ${cfg.baseDir}/shared/lib
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/shared/lib
# Create a webapps/ directory
mkdir -p ${cfg.baseDir}/webapps
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps
# Symlink all the given common libs files or paths into the lib/ directory
for i in ${tomcat} ${toString cfg.commonLibs}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the common/lib/ directory
ln -sfn $i ${cfg.baseDir}/lib/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/lib/*
do
ln -sfn $j ${cfg.baseDir}/lib/`basename $j`
done
fi
done
# Symlink all the given shared libs files or paths into the shared/lib/ directory
for i in ${toString cfg.sharedLibs}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the common/lib/ directory
ln -sfn $i ${cfg.baseDir}/shared/lib/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/shared/lib/*
do
ln -sfn $j ${cfg.baseDir}/shared/lib/`basename $j`
done
fi
done
# Symlink all the given web applications files or paths into the webapps/ directory
for i in ${toString cfg.webapps}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the webapps/ directory
ln -sfn $i ${cfg.baseDir}/webapps/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/webapps/*
do
ln -sfn $j ${cfg.baseDir}/webapps/`basename $j`
done
# Create subdirectory for virtual hosts
mkdir -p ${cfg.baseDir}/virtualhosts
# Create a modified catalina.properties file
# Change all references from CATALINA_HOME to CATALINA_BASE and add support for shared libraries
sed -e 's|''${catalina.home}|''${catalina.base}|g' \
-e 's|shared.loader=|shared.loader=''${catalina.base}/shared/lib/*.jar|' \
${tomcat}/conf/catalina.properties > ${cfg.baseDir}/conf/catalina.properties
# Create a modified server.xml which also includes all virtual hosts
sed -e "/<Engine name=\"Catalina\" defaultHost=\"localhost\">/a\ ${
toString (map (virtualHost: ''<Host name=\"${virtualHost.name}\" appBase=\"virtualhosts/${virtualHost.name}/webapps\" unpackWARs=\"true\" autoDeploy=\"true\" xmlValidation=\"false\" xmlNamespaceAware=\"false\" >${if cfg.logPerVirtualHost then ''<Valve className=\"org.apache.catalina.valves.AccessLogValve\" directory=\"logs/${virtualHost.name}\" prefix=\"${virtualHost.name}_access_log.\" pattern=\"combined\" resolveHosts=\"false\"/>'' else ""}</Host>'') cfg.virtualHosts)}" \
${tomcat}/conf/server.xml > ${cfg.baseDir}/conf/server.xml
# Create a logs/ directory
mkdir -p ${cfg.baseDir}/logs
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs
${if cfg.logPerVirtualHost then
toString (map (h: ''
mkdir -p ${cfg.baseDir}/logs/${h.name}
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs/${h.name}
'') cfg.virtualHosts) else ''''}
# Create a temp/ directory
mkdir -p ${cfg.baseDir}/temp
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/temp
# Create a lib/ directory
mkdir -p ${cfg.baseDir}/lib
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/lib
# Create a shared/lib directory
mkdir -p ${cfg.baseDir}/shared/lib
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/shared/lib
# Create a webapps/ directory
mkdir -p ${cfg.baseDir}/webapps
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps
# Symlink all the given common libs files or paths into the lib/ directory
for i in ${tomcat} ${toString cfg.commonLibs}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the common/lib/ directory
ln -sfn $i ${cfg.baseDir}/lib/`basename $i`
elif [ -d $i ]
# Also symlink the configuration files if they are included
if [ -d $i/conf/Catalina ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/lib/*
for j in $i/conf/Catalina/*
do
ln -sfn $j ${cfg.baseDir}/lib/`basename $j`
mkdir -p ${cfg.baseDir}/conf/Catalina/localhost
ln -sfn $j ${cfg.baseDir}/conf/Catalina/localhost/`basename $j`
done
fi
done
fi
done
${toString (map (virtualHost: ''
# Create webapps directory for the virtual host
mkdir -p ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps
# Modify ownership
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps
# Symlink all the given web applications files or paths into the webapps/ directory
# of this virtual host
for i in "${if virtualHost ? webapps then toString virtualHost.webapps else ""}"
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the webapps/ directory
ln -sfn $i ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/webapps/*
do
ln -sfn $j ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $j`
done
# Also symlink the configuration files if they are included
if [ -d $i/conf/Catalina ]
then
for j in $i/conf/Catalina/*
do
mkdir -p ${cfg.baseDir}/conf/Catalina/${virtualHost.name}
ln -sfn $j ${cfg.baseDir}/conf/Catalina/${virtualHost.name}/`basename $j`
done
fi
fi
done
# Symlink all the given shared libs files or paths into the shared/lib/ directory
for i in ${toString cfg.sharedLibs}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the common/lib/ directory
ln -sfn $i ${cfg.baseDir}/shared/lib/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
''
) cfg.virtualHosts) }
for j in $i/shared/lib/*
do
ln -sfn $j ${cfg.baseDir}/shared/lib/`basename $j`
done
fi
done
# Create a work/ directory
mkdir -p ${cfg.baseDir}/work
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/work
${if cfg.axis2.enable then
''
# Copy the Axis2 web application
cp -av ${pkgs.axis2}/webapps/axis2 ${cfg.baseDir}/webapps
# Turn off addressing, which causes many errors
sed -i -e 's%<module ref="addressing"/>%<!-- <module ref="addressing"/> -->%' ${cfg.baseDir}/webapps/axis2/WEB-INF/conf/axis2.xml
# Symlink all the given web applications files or paths into the webapps/ directory
for i in ${toString cfg.webapps}
# Modify permissions on the Axis2 application
chown -R ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps/axis2
# Symlink all the given web service files or paths into the webapps/axis2/WEB-INF/services directory
for i in ${toString cfg.axis2.services}
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the webapps/ directory
ln -sfn $i ${cfg.baseDir}/webapps/`basename $i`
# If the given web service is a file, symlink it into the webapps/axis2/WEB-INF/services
ln -sfn $i ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/webapps/*
for j in $i/webapps/axis2/WEB-INF/services/*
do
ln -sfn $j ${cfg.baseDir}/webapps/`basename $j`
ln -sfn $j ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $j`
done
# Also symlink the configuration files if they are included
@ -252,110 +333,25 @@ in
then
for j in $i/conf/Catalina/*
do
mkdir -p ${cfg.baseDir}/conf/Catalina/localhost
ln -sfn $j ${cfg.baseDir}/conf/Catalina/localhost/`basename $j`
done
fi
fi
done
''
else ""}
'';
${toString (map (virtualHost: ''
# Create webapps directory for the virtual host
mkdir -p ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps
# Modify ownership
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps
# Symlink all the given web applications files or paths into the webapps/ directory
# of this virtual host
for i in "${if virtualHost ? webapps then toString virtualHost.webapps else ""}"
do
if [ -f $i ]
then
# If the given web application is a file, symlink it into the webapps/ directory
ln -sfn $i ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/webapps/*
do
ln -sfn $j ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $j`
done
# Also symlink the configuration files if they are included
if [ -d $i/conf/Catalina ]
then
for j in $i/conf/Catalina/*
do
mkdir -p ${cfg.baseDir}/conf/Catalina/${virtualHost.name}
ln -sfn $j ${cfg.baseDir}/conf/Catalina/${virtualHost.name}/`basename $j`
done
fi
fi
done
''
) cfg.virtualHosts) }
# Create a work/ directory
mkdir -p ${cfg.baseDir}/work
chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/work
${if cfg.axis2.enable then
''
# Copy the Axis2 web application
cp -av ${pkgs.axis2}/webapps/axis2 ${cfg.baseDir}/webapps
script = ''
${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c 'CATALINA_BASE=${cfg.baseDir} JAVA_HOME=${cfg.jdk} JAVA_OPTS="${cfg.javaOpts}" CATALINA_OPTS="${cfg.catalinaOpts}" ${tomcat}/bin/startup.sh'
'';
# Turn off addressing, which causes many errors
sed -i -e 's%<module ref="addressing"/>%<!-- <module ref="addressing"/> -->%' ${cfg.baseDir}/webapps/axis2/WEB-INF/conf/axis2.xml
postStop = ''
echo "Stopping tomcat..."
CATALINA_BASE=${cfg.baseDir} JAVA_HOME=${cfg.jdk} ${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c ${tomcat}/bin/shutdown.sh
'';
# Modify permissions on the Axis2 application
chown -R ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps/axis2
# Symlink all the given web service files or paths into the webapps/axis2/WEB-INF/services directory
for i in ${toString cfg.axis2.services}
do
if [ -f $i ]
then
# If the given web service is a file, symlink it into the webapps/axis2/WEB-INF/services
ln -sfn $i ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $i`
elif [ -d $i ]
then
# If the given web application is a directory, then iterate over the files
# in the special purpose directories and symlink them into the tomcat tree
for j in $i/webapps/axis2/WEB-INF/services/*
do
ln -sfn $j ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $j`
done
# Also symlink the configuration files if they are included
if [ -d $i/conf/Catalina ]
then
for j in $i/conf/Catalina/*
do
ln -sfn $j ${cfg.baseDir}/conf/Catalina/localhost/`basename $j`
done
fi
fi
done
''
else ""}
'';
script = ''
${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c 'CATALINA_BASE=${cfg.baseDir} JAVA_HOME=${cfg.jdk} JAVA_OPTS="${cfg.javaOpts}" CATALINA_OPTS="${cfg.catalinaOpts}" ${tomcat}/bin/startup.sh'
'';
postStop =
''
echo "Stopping tomcat..."
CATALINA_BASE=${cfg.baseDir} JAVA_HOME=${cfg.jdk} ${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c ${tomcat}/bin/shutdown.sh
'';
};
};
};

17
nixos/modules/services/x11/xfs.nix
Unescape View File

@ -30,20 +30,17 @@ in
###### implementation
config = mkIf config.services.xfs.enable {
assertions = singleton
{ assertion = config.fonts.enableFontDir;
message = "Please enable fonts.enableFontDir to use the X Font Server.";
};
jobs.xfs =
{ description = "X Font Server";
startOn = "started networking";
exec = "${pkgs.xorg.xfs}/bin/xfs -config ${configFile}";
};
systemd.services.xfs = {
description = "X Font Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.xorg.xfs ];
script = "xfs -config ${configFile}";
};
};
}

290
nixos/modules/system/upstart/upstart.nix
Unescape View File

@ -1,290 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
with import ../boot/systemd-unit-options.nix { inherit config lib; };
let
userExists = u:
(u == "") || any (uu: uu.name == u) (attrValues config.users.extraUsers);
groupExists = g:
(g == "") || any (gg: gg.name == g) (attrValues config.users.extraGroups);
makeJobScript = name: content: "${pkgs.writeScriptBin name content}/bin/${name}";
# From a job description, generate an systemd unit file.
makeUnit = job:
let
hasMain = job.script != "" || job.exec != "";
env = job.environment;
preStartScript = makeJobScript "${job.name}-pre-start"
''
#! ${pkgs.stdenv.shell} -e
${job.preStart}
'';
startScript = makeJobScript "${job.name}-start"
''
#! ${pkgs.stdenv.shell} -e
${if job.script != "" then job.script else ''
exec ${job.exec}
''}
'';
postStartScript = makeJobScript "${job.name}-post-start"
''
#! ${pkgs.stdenv.shell} -e
${job.postStart}
'';
preStopScript = makeJobScript "${job.name}-pre-stop"
''
#! ${pkgs.stdenv.shell} -e
${job.preStop}
'';
postStopScript = makeJobScript "${job.name}-post-stop"
''
#! ${pkgs.stdenv.shell} -e
${job.postStop}
'';
in {
inherit (job) description requires before partOf environment path restartIfChanged unitConfig;
after =
(if job.startOn == "stopped udevtrigger" then [ "systemd-udev-settle.service" ] else
if job.startOn == "started udev" then [ "systemd-udev.service" ] else
if job.startOn == "started network-interfaces" then [ "network-interfaces.target" ] else
if job.startOn == "started networking" then [ "network.target" ] else
if job.startOn == "ip-up" then [] else
if job.startOn == "" || job.startOn == "startup" then [] else
builtins.trace "Warning: job ${job.name} has unknown startOn value ${job.startOn}." []
) ++ job.after;
wants =
(if job.startOn == "stopped udevtrigger" then [ "systemd-udev-settle.service" ] else []
) ++ job.wants;
wantedBy =
(if job.startOn == "" then [] else
if job.startOn == "ip-up" then [ "ip-up.target" ] else
[ "multi-user.target" ]) ++ job.wantedBy;
serviceConfig =
job.serviceConfig
// optionalAttrs (job.preStart != "" && (job.script != "" || job.exec != ""))
{ ExecStartPre = preStartScript; }
// optionalAttrs (job.preStart != "" && job.script == "" && job.exec == "")
{ ExecStart = preStartScript; }
// optionalAttrs (job.script != "" || job.exec != "")
{ ExecStart = startScript; }
// optionalAttrs (job.postStart != "")
{ ExecStartPost = postStartScript; }
// optionalAttrs (job.preStop != "")
{ ExecStop = preStopScript; }
// optionalAttrs (job.postStop != "")
{ ExecStopPost = postStopScript; }
// (if job.script == "" && job.exec == "" then { Type = "oneshot"; RemainAfterExit = true; } else
if job.daemonType == "fork" || job.daemonType == "daemon" then { Type = "forking"; GuessMainPID = true; } else
if job.daemonType == "none" then { } else
throw "invalid daemon type `${job.daemonType}'")
// optionalAttrs (!job.task && !(job.script == "" && job.exec == "") && job.respawn)
{ Restart = "always"; }
// optionalAttrs job.task
{ Type = "oneshot"; RemainAfterExit = false; };
};
jobOptions = serviceOptions // {
name = mkOption {
# !!! The type should ensure that this could be a filename.
type = types.str;
example = "sshd";
description = ''
Name of the job, mapped to the systemd unit
<literal><replaceable>name</replaceable>.service</literal>.
'';
};
startOn = mkOption {
#type = types.str;
default = "";
description = ''
The Upstart event that triggers this job to be started. Some
are mapped to systemd dependencies; otherwise you will get a
warning. If empty, the job will not start automatically.
'';
};
stopOn = mkOption {
type = types.str;
default = "starting shutdown";
description = ''
Ignored; this was the Upstart event that triggers this job to be stopped.
'';
};
postStart = mkOption {
type = types.lines;
default = "";
description = ''
Shell commands executed after the job is started (i.e. after
the job's main process is started), but before the job is
considered running.
'';
};
preStop = mkOption {
type = types.lines;
default = "";
description = ''
Shell commands executed before the job is stopped
(i.e. before systemd kills the job's main process). This can
be used to cleanly shut down a daemon.
'';
};
postStop = mkOption {
type = types.lines;
default = "";
description = ''
Shell commands executed after the job has stopped
(i.e. after the job's main process has terminated).
'';
};
exec = mkOption {
type = types.str;
default = "";
description = ''
Command to start the job's main process. If empty, the
job has no main process, but can still have pre/post-start
and pre/post-stop scripts, and is considered running
until it is stopped.
'';
};
respawn = mkOption {
type = types.bool;
default = true;
description = ''
Whether to restart the job automatically if its process
ends unexpectedly.
'';
};
task = mkOption {
type = types.bool;
default = false;
description = ''
Whether this job is a task rather than a service. Tasks
are executed only once, while services are restarted when
they exit.
'';
};
daemonType = mkOption {
type = types.str;
default = "none";
description = ''
Determines how systemd detects when a daemon should be
considered running. The value <literal>none</literal> means
that the daemon is considered ready immediately. The value
<literal>fork</literal> means that the daemon will fork once.
The value <literal>daemon</literal> means that the daemon will
fork twice. The value <literal>stop</literal> means that the
daemon will raise the SIGSTOP signal to indicate readiness.
'';
};
setuid = mkOption {
type = types.addCheck types.str userExists;
default = "";
description = ''
Run the daemon as a different user.
'';
};
setgid = mkOption {
type = types.addCheck types.str groupExists;
default = "";
description = ''
Run the daemon as a different group.
'';
};
path = mkOption {
default = [];
description = ''
Packages added to the job's <envar>PATH</envar> environment variable.
Both the <filename>bin</filename> and <filename>sbin</filename>
subdirectories of each package are added.
'';
};
};
upstartJob = { name, config, ... }: {
options = {
unit = mkOption {
default = makeUnit config;
description = "Generated definition of the systemd unit corresponding to this job.";
};
};
config = {
# The default name is the name extracted from the attribute path.
name = mkDefault name;
};
};
in
{
###### interface
options = {
jobs = mkOption {
default = {};
description = ''
This option is a legacy method to define system services,
dating from the era where NixOS used Upstart instead of
systemd. You should use <option>systemd.services</option>
instead. Services defined using <option>jobs</option> are
mapped automatically to <option>systemd.services</option>, but
may not work perfectly; in particular, most
<option>startOn</option> conditions are not supported.
'';
type = types.loaOf types.optionSet;
options = [ jobOptions upstartJob ];
};
};
###### implementation
config = {
systemd.services =
flip mapAttrs' config.jobs (name: job:
nameValuePair job.name job.unit);
};
}

8
nixos/modules/tasks/filesystems/btrfs.nix
Unescape View File

@ -31,13 +31,5 @@ in
''
btrfs device scan
'';
# !!! This is broken. There should be a udev rule to do this when
# new devices are discovered.
jobs.udev.postStart =
''
${pkgs.btrfs-progs}/bin/btrfs device scan
'';
};
}

40
nixos/modules/virtualisation/libvirtd.nix
Unescape View File

@ -166,33 +166,33 @@ in
'';
};
jobs."libvirt-guests" =
{ description = "Libvirt Virtual Machines";
systemd.services."libvirt-guests" = {
description = "Libvirt Virtual Machines";
wantedBy = [ "multi-user.target" ];
wants = [ "libvirtd.service" ];
after = [ "libvirtd.service" ];
wantedBy = [ "multi-user.target" ];
wants = [ "libvirtd.service" ];
after = [ "libvirtd.service" ];
restartIfChanged = false;
restartIfChanged = false;
path = [ pkgs.gettext pkgs.libvirt pkgs.gawk ];
path = with pkgs; [ gettext libvirt gawk ];
preStart =
''
mkdir -p /var/lock/subsys -m 755
${pkgs.libvirt}/etc/rc.d/init.d/libvirt-guests start || true
'';
preStart = ''
mkdir -p /var/lock/subsys -m 755
${pkgs.libvirt}/etc/rc.d/init.d/libvirt-guests start || true
'';
postStop =
''
export PATH=${pkgs.gettext}/bin:$PATH
export ON_SHUTDOWN=${cfg.onShutdown}
${pkgs.libvirt}/etc/rc.d/init.d/libvirt-guests stop
'';
postStop = ''
export PATH=${pkgs.gettext}/bin:$PATH
export ON_SHUTDOWN=${cfg.onShutdown}
${pkgs.libvirt}/etc/rc.d/init.d/libvirt-guests stop
'';
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
};
users.extraGroups.libvirtd.gid = config.ids.gids.libvirtd;

6
nixos/tests/quake3.nix
Unescape View File

@ -34,9 +34,9 @@ rec {
{ server =
{ config, pkgs, ... }:
{ jobs."quake3-server" =
{ startOn = "startup";
exec =
{ systemd.services."quake3-server" =
{ wantedBy = [ "multi-user.target" ];
script =
"${pkgs.quake3demo}/bin/quake3-server '+set g_gametype 0' " +
"'+map q3dm7' '+addbot grunt' '+addbot daemia' 2> /tmp/log";
};

Write Preview
Loading…
Cancel
Save