first draft of seafile-server module + test VM

test vm can be built using
`NIXOS_CONFIG="$(pwd)/seafile-test.nix" nixos-rebuild build-vm --show-trace`
python3
Trolli Schmittlauch 2019-10-09 00:55:35 +02:00
parent 2d8350f62a
commit 764edc371c
2 changed files with 147 additions and 0 deletions

116
mod-seafile-server.nix Normal file
View File

@ -0,0 +1,116 @@
{ config, pkgs, lib, ...}:
with lib;
let
cfg = config.services.seafile-server;
# fix permissions at start
in
{
options.services.seafile-server = {
enable = mkEnableOption "Seafile server";
storagePath = mkOption {
type = types.path;
default = "/srv/seafile";
description = "where to store uploaded file data";
};
autorun = mkOption {
type = types.bool;
default = true;
description = "enable the seafile-server service to get started automatically";
};
db = {
type = mkOption {
type = types.enum ["sqlite" "mysql"];
default = "sqlite";
description = "database backend type";
};
user = mkOption {
type = types.nullOr types.string;
default = "seafile";
description = "Database user name. Not required for sqlite.";
};
dbname = mkOption {
type = types.nullOr types.string;
default = "seafile";
description = "Database name. Not required for sqlite.";
};
password = mkOption {
type = types.nullOr types.string;
default = null;
description = ''
Database password. Use <literal>passwordFile</literal> to avoid this
being world-readable in the <literal>/nix/store</literal>.
Not required for sqlite.'';
};
passwordFile = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The full path to a file that contains the database password.
'';
};
host = mkOption {
type = types.nullOr types.str;
default = "localhost";
description = "Database host.";
};
dbport = mkOption {
type = with types; nullOr (either int str);
default = null;
description = "Database port. Not required for sqlite.";
};
};
user = mkOption {
type = types.str;
default = "seafile";
description = "User account under which the Seafile server runs.";
};
group = mkOption {
type = types.str;
default = "seafile";
description = "Group account under which the Seafile server runs.";
};
domainName = mkOption {
type = types.str;
description = "full domain name of the seafile instance";
};
};
config = let
directoriesToManage = [ cfg.storagePath ];
in
lib.mkIf cfg.enable {
systemd.services.seafile-server = {
serviceConfig = {
ExecStartPre = "+${pkgs.writeScript "seafile-server-preStart" ''
#!${pkgs.runtimeShell}
#set -ex
for DIR in ${escapeShellArgs directoriesToManage}; do
mkdir -p "$DIR"
chown ${cfg.user}:${cfg.group} "$DIR"
done;
''}";
ExecStart = "${pkgs.seafile-server}/seafile-core/bin/seaf-server-init";
User = cfg.user;
Group = cfg.group;
Type = "oneshot";
WorkingDirectory = cfg.storagePath;
};
enable = cfg.autorun;
wantedBy = [ "multi-user.target" ];
};
users.users.${cfg.user} = {
home = cfg.storagePath;
group = cfg.group;
createHome = true;
isNormalUser = false;
};
users.groups.${cfg.group}.members = [ cfg.user ];
};
}

31
seafile-test.nix Normal file
View File

@ -0,0 +1,31 @@
{ config, pkgs, ...}:
{
imports = [
<nixpkgs/nixos/modules/profiles/minimal.nix>
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
./mod-seafile-server.nix
];
nixpkgs.overlays = [
(import /home/spiollinux/nixconfigs/home/ov/seafile-overlay)
];
i18n.consoleKeyMap = "de";
users.mutableUsers = false;
users.users.test = {
isNormalUser = true;
extraGroups = [ "wheel" ];
#hashedPassword = "$6$SZCzE/xB$Hr9sfsJ7xAcBCoptG39cxxQk8RZfldDjjGpSngOvn9Ufex5dHBEbdncXRZnfrGATsGcYPvLi7m4wIu.f8tY9B.";
password = "";
home = "/home/test";
createHome = true;
};
# Seafile
services.seafile-server = {
enable = true;
#autorun = false;
domainName = "localhost";
};
}