generate ccnet.conf
This commit is contained in:
parent
1f4e3b5c7f
commit
3429d2ea63
|
|
@ -4,6 +4,8 @@ let
|
||||||
cfg = config.services.seafile-server;
|
cfg = config.services.seafile-server;
|
||||||
seafileConfigFile = pkgs.writeText "seafile.conf"
|
seafileConfigFile = pkgs.writeText "seafile.conf"
|
||||||
(generators.toINI {} cfg.seafileSettings);
|
(generators.toINI {} cfg.seafileSettings);
|
||||||
|
ccnetConfigFile = pkgs.writeText "ccnet.conf"
|
||||||
|
(generators.toINI {} cfg.ccnetSettings);
|
||||||
# fix permissions at start
|
# fix permissions at start
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
@ -14,6 +16,13 @@ in
|
||||||
default = "/srv/seafile";
|
default = "/srv/seafile";
|
||||||
description = "where to store uploaded file data";
|
description = "where to store uploaded file data";
|
||||||
};
|
};
|
||||||
|
ccnetSettings = mkOption {
|
||||||
|
type = with types; attrsOf (attrsOf (oneOf [ bool int str ]));
|
||||||
|
default = {};
|
||||||
|
description = ''
|
||||||
|
all possible ccnet.conf settings
|
||||||
|
'';
|
||||||
|
};
|
||||||
seafileSettings = mkOption {
|
seafileSettings = mkOption {
|
||||||
type = with types; attrsOf (attrsOf (oneOf [ bool int str ]));
|
type = with types; attrsOf (attrsOf (oneOf [ bool int str ]));
|
||||||
default = {};
|
default = {};
|
||||||
|
|
@ -183,6 +192,25 @@ in
|
||||||
directoriesToManage = [ cfg.storagePath ];
|
directoriesToManage = [ cfg.storagePath ];
|
||||||
in
|
in
|
||||||
mkIf cfg.enable {
|
mkIf cfg.enable {
|
||||||
|
services.seafile-server.ccnetSettings = {
|
||||||
|
# TODO: ID and NAME might be required
|
||||||
|
General.SERVICE_URL="http${if cfg.enableTLS then "s" else ""}://${cfg.domainName}:${toString cfg.externalPort}/";
|
||||||
|
Database = mkMerge [
|
||||||
|
{
|
||||||
|
ENGINE = cfg.db.type;
|
||||||
|
}
|
||||||
|
(mkIf (cfg.db.type == "mysql") {
|
||||||
|
HOST = cfg.db.host;
|
||||||
|
PORT = cfg.db.port;
|
||||||
|
USER = cfg.db.user;
|
||||||
|
CONNECTION_CHARSET = "utf8";
|
||||||
|
DB = cfg.db.dbnameCcnet;
|
||||||
|
password = "#dbpass#";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
services.seafile-server.seafileSettings = {
|
services.seafile-server.seafileSettings = {
|
||||||
library_trash.expire_days = cfg.trashExpirationTime;
|
library_trash.expire_days = cfg.trashExpirationTime;
|
||||||
fileserver = {
|
fileserver = {
|
||||||
|
|
@ -209,7 +237,7 @@ in
|
||||||
port = cfg.db.port;
|
port = cfg.db.port;
|
||||||
user = cfg.db.user;
|
user = cfg.db.user;
|
||||||
connection_charset = "utf8";
|
connection_charset = "utf8";
|
||||||
db_name = cfg.db.dbname;
|
db_name = cfg.db.dbnameSeafile;
|
||||||
max_connections = 100;
|
max_connections = 100;
|
||||||
password = "#dbpass#";
|
password = "#dbpass#";
|
||||||
})
|
})
|
||||||
|
|
@ -220,7 +248,7 @@ in
|
||||||
# state directory permissions managed by systemd
|
# state directory permissions managed by systemd
|
||||||
tmpfiles.rules = [
|
tmpfiles.rules = [
|
||||||
"d ${cfg.storagePath} 0750 ${cfg.user} ${cfg.group} -"
|
"d ${cfg.storagePath} 0750 ${cfg.user} ${cfg.group} -"
|
||||||
"d ${cfg.storagePath}/conf 0750 ${cfg.user} ${cfg.group} -"
|
"d ${cfg.storagePath}/conf 0700 ${cfg.user} ${cfg.group} -"
|
||||||
"d ${cfg.storagePath}/home 0710 ${cfg.user} ${cfg.group} -"
|
"d ${cfg.storagePath}/home 0710 ${cfg.user} ${cfg.group} -"
|
||||||
];
|
];
|
||||||
services.seafile-server = {
|
services.seafile-server = {
|
||||||
|
|
@ -237,38 +265,39 @@ in
|
||||||
''}")
|
''}")
|
||||||
("${pkgs.writeShellScript "seafile-server-preStart-unprivileged" ''
|
("${pkgs.writeShellScript "seafile-server-preStart-unprivileged" ''
|
||||||
# stuff run as seafile user
|
# stuff run as seafile user
|
||||||
set -x
|
set -ex
|
||||||
|
|
||||||
# outside URL
|
|
||||||
SERVICE_URL="http${if cfg.enableTLS then "s" else ""}://${cfg.domainName}:${toString cfg.externalPort}"
|
|
||||||
|
|
||||||
# seafile.conf generation
|
# seafile.conf generation
|
||||||
|
|
||||||
# move seafile.conf template from nix store
|
# move config templates from nix store
|
||||||
|
cp ${ccnetConfigFile} ./conf/ccnet.conf
|
||||||
cp ${seafileConfigFile} ./conf/seafile.conf
|
cp ${seafileConfigFile} ./conf/seafile.conf
|
||||||
# replace placeholder secrets with real secret read from file
|
# replace placeholder secrets with real secret read from file
|
||||||
${if (isNull cfg.db.passwordFile) then ''
|
${if !(isNull cfg.db.passwordFile) then ''
|
||||||
DBPASS="$(head -n1 ${toString cfg.db.passwordFile})"
|
DBPASS="$(head -n1 ${toString cfg.db.passwordFile})"
|
||||||
sed -e "s,#dbpass#,$DBPASS,g" -i ./conf/seafile.conf
|
sed -e "s,#dbpass#,$DBPASS,g" -i ./conf/seafile.conf ./conf/ccnet.conf
|
||||||
''
|
''
|
||||||
else ""
|
else ""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# seahub secret key
|
||||||
|
if [ -e .seahubSecret ]; then
|
||||||
|
${pkgs.seafile-server.pythonEnv} ${pkgs.seafile-server}/seahub/tools/secret_key_generator.py > .seahubSecret
|
||||||
|
chmod 400 .seahubSecret
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
pwd
|
# initialise db and other things needed at first run
|
||||||
ln -sf ${pkgs.seafile-server} seafile-server
|
if [ -e .initialised ]; then
|
||||||
${pkgs.seafile-server.pythonEnv}/bin/python seafile-server/setup-seafile-mysql.py auto \
|
#TODO: db initialisation
|
||||||
-n "${cfg.name}" \
|
|
||||||
-i "${cfg.domainName}" \
|
touch .initialised
|
||||||
-p "${toString cfg.fileserverPort}" \
|
fi
|
||||||
-d "${cfg.storagePath}" \
|
|
||||||
-o "${cfg.db.host}" \
|
ln -nsf ${pkgs.seafile-server} seafile-server
|
||||||
-t "${toString cfg.db.dbport}" \
|
|
||||||
-u "${cfg.db.user}" \
|
# for determining update version mismatches
|
||||||
-w "$DBPASS" \
|
cp ${pkgs.seafile-server}/installed_version .
|
||||||
-c "${cfg.db.dbnameCcnet}" \
|
|
||||||
-s "${cfg.db.dbnameSeafile}" \
|
|
||||||
-b "${cfg.db.dbnameSeahub}"
|
|
||||||
''}")
|
''}")
|
||||||
];
|
];
|
||||||
User = cfg.user;
|
User = cfg.user;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue