diff --git a/mod-seafile-server.nix b/mod-seafile-server.nix
index 4b65806..68697ae 100644
--- a/mod-seafile-server.nix
+++ b/mod-seafile-server.nix
@@ -2,8 +2,6 @@
with lib;
let
cfg = config.services.seafile-server;
- seafileConfigFile = pkgs.writeText "seafile.conf"
- (generators.toINI {} cfg.seafileSettings);
# fix permissions at start
in
{
@@ -14,13 +12,6 @@ in
default = "/srv/seafile";
description = "where to store uploaded file data";
};
- seafileSettings = mkOption {
- type = with types; attrsOf (attrsOf (oneOf [ bool int str ]));
- default = {};
- description = ''
- all possible seafile.conf settings
- '';
- };
autorun = mkOption {
type = types.bool;
default = true;
@@ -42,12 +33,20 @@ in
default = "seafile";
description = "Database name. Not required for sqlite.";
};
- passwordFile = mkOption {
+ password = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = ''
+ Database password. Use passwordFile to avoid this
+ being world-readable in the /nix/store.
+
+ Not required for sqlite.'';
+ };
+ passwordFile = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The full path to a file that contains the database password.
- Not required for sqlite.
'';
};
host = mkOption {
@@ -173,39 +172,6 @@ in
directoriesToManage = [ cfg.storagePath ];
in
mkIf cfg.enable {
- services.seafile-server.seafileSettings = {
- library_trash.expire_days = cfg.trashExpirationTime;
- fileserver = {
- host = cfg.fileserverBindAddress;
- port = cfg.fileserverPort;
- worker_threads = cfg.fileserverWorkers;
- max_indexing_threads = cfg.fileserverIndexers;
- fixed_block_size = cfg.fileserverBlockSize;
- };
- quota = mkIf (! isNull cfg.defaultQuota) {
- default = cfg.defaultQuota;
- };
- history = mkIf (! isNull cfg.fileRevisionHistoryDays) {
- keep_days = cfg.fileRevisionHistoryDays;
- };
- database = mkMerge [
- {
- type = cfg.db.type;
- }
- # while just using the cfg.db set directly might be possible and
- # save lines of code, I prefer hand-picking options
- (mkIf (cfg.db.type == "mysql") {
- host = cfg.db.host;
- port = cfg.db.port;
- user = cfg.db.user;
- connection_charset = "utf8";
- db_name = cfg.db.dbname;
- max_connections = 100;
- password = "#dbpass#";
- })
- ];
- };
-
systemd = {
# state directory permissions managed by systemd
tmpfiles.rules = [
@@ -215,7 +181,7 @@ in
];
services.seafile-server = {
- path = with pkgs; [ seafile-server.seafile-server-core ];
+ path = with pkgs; [ seafile-server.ccnet-server seafile-server.seafile-server-core ];
script = ''
./seafile-server/seafile-server-latest/bin/seafile-admin start
'';
@@ -231,7 +197,7 @@ in
# ccnet-init must only be run once per installation, as it also generates stateful key and ID
# solution: invoke it once, use result as template
if [ ! -e ./ccnet/mykey.peer ]; then
- #$ {pkgs.seafile-server.ccnet-server}/bin/ccnet-init -c ./ccnet -H 'TEMPLATEHOST'
+ ${pkgs.seafile-server.ccnet-server}/bin/ccnet-init -c ./ccnet -H 'TEMPLATEHOST'
mv ./ccnet/ccnet.conf{,.template}
fi
@@ -243,17 +209,48 @@ in
# seafile.conf generation
- # move seafile.conf template from nix store
- cp ${seafileConfigFile} ./conf/seafile.conf
- # replace placeholder secrets with real secret read from file
- ${if (isNull cfg.db.passwordFile) then ''
- DBPASS="$(head -n1 ${toString cfg.db.passwordFile})"
- sed -e "s,#dbpass#,$DBPASS,g" -i ./conf/seafile.conf
- ''
- else ""
- }
+ echo '[library_trash]
+ expire_days ${toString cfg.trashExpirationTime}
+
+ [fileserver]
+ host = ${cfg.fileserverBindAddress}
+ port = ${toString cfg.fileserverPort}
+ worker_threads = ${toString cfg.fileserverWorkers}
+ max_indexing_threads = ${toString cfg.fileserverIndexers}
+ fixed_block_size = ${toString cfg.fileserverIndexers}' > ./conf/seafile.conf
+
+ if [ ${toString (! isNull cfg.defaultQuota)} ]; then
+ echo '[quota]' >> ./conf/seafile.conf
+ echo 'default = ${toString cfg.defaultQuota}' >> ./conf/seafile.conf
+ fi
+
+ if [ ${toString (! isNull cfg.fileRevisionHistoryDays)} ]; then
+ echo '[history]' >> ./conf/seafile.conf
+ echo 'keep_days = ${toString cfg.defaultQuota}' >> ./conf/seafile.conf
+ fi
+
+ # seafile database settings
+
+ if [ ${cfg.db.type} = "mysql" ]; then
+ echo '[database]
+ type = mysql
+ host = ${cfg.db.host}
+ port = ${toString cfg.db.dbport}
+ user = ${cfg.db.user}
+ connection_charset = utf8
+ db_name = ${cfg.db.dbname}
+ max_connections = 100' >> ./conf/seafile.conf
+
+ if [ ${toString (! isNull cfg.db.password)}; then
+ echo 'password = ${toString cfg.db.password}' >> ./conf/seafile.conf
+ else
+ echo "password = $(cat ${toString cfg.db.passwordFile})" >> ./conf/seafile.conf
+ fi
+ else
+ echo '[database]
+ type = sqlite' >> ./conf/seafile.conf
+ fi
-
ln -s ${pkgs.seafile-server} seafile-server
./seafile-server/seafile-server-latest/bin/seafile-admin setup
''}")
diff --git a/seafile-nixos-tests.nix b/seafile-nixos-tests.nix
index ed1122c..d1e404a 100644
--- a/seafile-nixos-tests.nix
+++ b/seafile-nixos-tests.nix
@@ -15,7 +15,7 @@ import () {
(import ./default.nix)
];
- console.keyMap = "de";
+ i18n.consoleKeyMap = "de";
users.mutableUsers = false;
users.users.test = {
isNormalUser = true;
diff --git a/seafile-test.nix b/seafile-test.nix
index 5022de2..cf624c2 100644
--- a/seafile-test.nix
+++ b/seafile-test.nix
@@ -10,13 +10,13 @@
(import ./default.nix)
];
- console.keyMap = "de";
+ i18n.consoleKeyMap = "de";
users.mutableUsers = false;
users.users.test = {
isNormalUser = true;
extraGroups = [ "wheel" ];
#hashedPassword = "$6$SZCzE/xB$Hr9sfsJ7xAcBCoptG39cxxQk8RZfldDjjGpSngOvn9Ufex5dHBEbdncXRZnfrGATsGcYPvLi7m4wIu.f8tY9B.";
- password = "test";
+ password = "";
home = "/home/test";
createHome = true;
};