diff --git a/mod-seafile-server.nix b/mod-seafile-server.nix index 5eb9dea..18b274e 100644 --- a/mod-seafile-server.nix +++ b/mod-seafile-server.nix @@ -4,8 +4,6 @@ let cfg = config.services.seafile-server; seafileConfigFile = pkgs.writeText "seafile.conf" (generators.toINI {} cfg.seafileSettings); - ccnetConfigFile = pkgs.writeText "ccnet.conf" - (generators.toINI {} cfg.ccnetSettings); # fix permissions at start in { @@ -16,13 +14,6 @@ in default = "/srv/seafile"; description = "where to store uploaded file data"; }; - ccnetSettings = mkOption { - type = with types; attrsOf (attrsOf (oneOf [ bool int str ])); - default = {}; - description = '' - all possible ccnet.conf settings - ''; - }; seafileSettings = mkOption { type = with types; attrsOf (attrsOf (oneOf [ bool int str ])); default = {}; @@ -62,24 +53,24 @@ in description = "Database name for Seahub web interface. Not required for sqlite."; }; passwordFile = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - The full path to a file that contains the database password. - Not required for sqlite. - ''; + type = types.nullOr types.str; + default = null; + description = '' + The full path to a file that contains the database password. + Not required for sqlite. + ''; + }; + host = mkOption { + type = types.nullOr types.str; + default = "localhost"; + description = "Database host."; + }; + dbport = mkOption { + type = with types; nullOr (either int str); + default = 3306; + description = "Database port. Not required for sqlite."; + }; }; - host = mkOption { - type = types.nullOr types.str; - default = "localhost"; - description = "Database host."; - }; - port = mkOption { - type = with types; nullOr (either int str); - default = 3306; - description = "Database port. Not required for sqlite."; - }; - }; user = mkOption { type = types.str; @@ -192,25 +183,6 @@ in directoriesToManage = [ cfg.storagePath ]; in mkIf cfg.enable { - services.seafile-server.ccnetSettings = { - # TODO: ID and NAME might be required - General.SERVICE_URL="http${if cfg.enableTLS then "s" else ""}://${cfg.domainName}:${toString cfg.externalPort}/"; - Database = mkMerge [ - { - ENGINE = cfg.db.type; - } - (mkIf (cfg.db.type == "mysql") { - HOST = cfg.db.host; - PORT = cfg.db.port; - USER = cfg.db.user; - CONNECTION_CHARSET = "utf8"; - DB = cfg.db.dbnameCcnet; - password = "#dbpass#"; - }) - ]; - - }; - services.seafile-server.seafileSettings = { library_trash.expire_days = cfg.trashExpirationTime; fileserver = { @@ -237,7 +209,7 @@ in port = cfg.db.port; user = cfg.db.user; connection_charset = "utf8"; - db_name = cfg.db.dbnameSeafile; + db_name = cfg.db.dbname; max_connections = 100; password = "#dbpass#"; }) @@ -248,7 +220,7 @@ in # state directory permissions managed by systemd tmpfiles.rules = [ "d ${cfg.storagePath} 0750 ${cfg.user} ${cfg.group} -" - "d ${cfg.storagePath}/conf 0700 ${cfg.user} ${cfg.group} -" + "d ${cfg.storagePath}/conf 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.storagePath}/home 0710 ${cfg.user} ${cfg.group} -" ]; services.seafile-server = { @@ -265,39 +237,38 @@ in ''}") ("${pkgs.writeShellScript "seafile-server-preStart-unprivileged" '' # stuff run as seafile user - set -ex + set -x + + # outside URL + SERVICE_URL="http${if cfg.enableTLS then "s" else ""}://${cfg.domainName}:${toString cfg.externalPort}" # seafile.conf generation - # move config templates from nix store - cp ${ccnetConfigFile} ./conf/ccnet.conf + # move seafile.conf template from nix store cp ${seafileConfigFile} ./conf/seafile.conf # replace placeholder secrets with real secret read from file - ${if !(isNull cfg.db.passwordFile) then '' + ${if (isNull cfg.db.passwordFile) then '' DBPASS="$(head -n1 ${toString cfg.db.passwordFile})" - sed -e "s,#dbpass#,$DBPASS,g" -i ./conf/seafile.conf ./conf/ccnet.conf + sed -e "s,#dbpass#,$DBPASS,g" -i ./conf/seafile.conf '' else "" } - # seahub secret key - if [ -e .seahubSecret ]; then - ${pkgs.seafile-server.pythonEnv} ${pkgs.seafile-server}/seahub/tools/secret_key_generator.py > .seahubSecret - chmod 400 .seahubSecret - fi - - # initialise db and other things needed at first run - if [ -e .initialised ]; then - #TODO: db initialisation - - touch .initialised - fi - - ln -nsf ${pkgs.seafile-server} seafile-server - - # for determining update version mismatches - cp ${pkgs.seafile-server}/installed_version . + pwd + ln -sf ${pkgs.seafile-server} seafile-server + ${pkgs.seafile-server.pythonEnv}/bin/python seafile-server/setup-seafile-mysql.py auto \ + -n "${cfg.name}" \ + -i "${cfg.domainName}" \ + -p "${toString cfg.fileserverPort}" \ + -d "${cfg.storagePath}" \ + -o "${cfg.db.host}" \ + -t "${toString cfg.db.dbport}" \ + -u "${cfg.db.user}" \ + -w "$DBPASS" \ + -c "${cfg.db.dbnameCcnet}" \ + -s "${cfg.db.dbnameSeafile}" \ + -b "${cfg.db.dbnameSeahub}" ''}") ]; User = cfg.user; diff --git a/seafile-test.nix b/seafile-test.nix index 3dd349b..1bd1cb1 100644 --- a/seafile-test.nix +++ b/seafile-test.nix @@ -26,10 +26,6 @@ enable = true; #autorun = false; domainName = "seaf.local"; - db = { - type = "mysql"; - passwordFile = toString (pkgs.writeText "testPW" "lol"); - }; }; }