From 2720ce9be9892f9bc9b72ffc0d2c5dbb1a2e3a92 Mon Sep 17 00:00:00 2001
From: niten
Date: Thu, 22 Jun 2023 18:06:14 -0700
Subject: [PATCH] Allow psotgresql database to be switched
---
 lib/fudo/minecraft-clj.nix | 3 +-
 lib/fudo/postgres.nix | 10 +++-
 lib/informis/cl-gemini.nix | 97 +++++++++++++++++++++-----------------
 3 files changed, 63 insertions(+), 47 deletions(-)
diff --git a/lib/fudo/minecraft-clj.nix b/lib/fudo/minecraft-clj.nix
index c527c07..28c802c 100644
--- a/lib/fudo/minecraft-clj.nix
+++ b/lib/fudo/minecraft-clj.nix
@@ -226,7 +226,8 @@ in {
 cp -f ${props-file} ${stateDir}/server.properties
 cp -f ${eula-file} ${stateDir}/eula.txt
 mkdir -p ${stateDir}/plugins
- cp -f ${witchcraft-plugin} ${stateDir}/plugins/witchcraft-plugin.jar
+ # Version not working...
+ # cp -f ${witchcraft-plugin} ${stateDir}/plugins/witchcraft-plugin.jar
 chmod u+w ${stateDir}/server.properties
 '';
diff --git a/lib/fudo/postgres.nix b/lib/fudo/postgres.nix
index afc8f7b..e31eb3f 100644
--- a/lib/fudo/postgres.nix
+++ b/lib/fudo/postgres.nix
@@ -151,6 +151,12 @@ in {
 options.fudo.postgresql = with types; {
 enable = mkEnableOption "Fudo PostgreSQL Server";
+ package = mkOption {
+ type = package;
+ description = "Which package to use for Postgresql server.";
+ default = pkgs.postgresql_11_gssapi;
+ };
+
 ssl-private-key = mkOption {
 type = nullOr str;
 description = "Location of the server SSL private key.";
@@ -247,7 +253,7 @@ in {
 networking.firewall.allowedTCPPorts = [ 5432 ];
- environment.systemPackages = with pkgs; [ postgresql_11_gssapi ];
+ environment.systemPackages = with pkgs; [ cfg.package ];
 users.groups = {
 ${cfg.socket-group} = { members = [ "postgres" ] ++ cfg.local-users; };
@@ -255,7 +261,7 @@ in {
 services.postgresql = {
 enable = true;
- package = pkgs.postgresql_11_gssapi;
+ package = cfg.package;
 enableTCPIP = true;
 ensureDatabases = mapAttrsToList (name: value: name) cfg.databases;
 ensureUsers = ((mapAttrsToList (username: attrs: {
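Review bot: In the lib/fudo/minecraft-clj.nix hunk, commenting out the `cp -f ${witchcraft-plugin} …` line stops new copies but does not remove a `witchcraft-plugin.jar` that an earlier start already placed in `${stateDir}/plugins`, so on existing hosts the server would presumably still load the jar the comment calls "not working". If the intent is to disable the plugin, replace the commented-out line with `rm -f ${stateDir}/plugins/witchcraft-plugin.jar`, or gate the copy behind a module option instead of leaving dead code in the script. The script starts and ends outside the hunk, so a cleanup step elsewhere cannot be ruled out.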
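Review bot: In lib/fudo/postgres.nix (hunk at -151), the new `package` option's description does not say what a replacement package has to provide. The default is a GSSAPI-enabled build, so if the module configures Kerberos/GSSAPI authentication elsewhere (not visible here), a package without that support would break those logins; and because a PostgreSQL data directory is tied to its major version, pointing the option at another major release needs a dump/restore or `pg_upgrade` first. I would expand the description to something like `"PostgreSQL server package. Must be built with GSSAPI support; changing the major version requires migrating the data directory."`. The default `postgresql_11_gssapi` also keeps new deployments on PostgreSQL 11, whose upstream support ended in November 2023.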
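Review bot: In the lib/fudo/postgres.nix hunk at -247, `with pkgs;` no longer does anything on the new `environment.systemPackages` line, because `cfg.package` is not looked up in `pkgs`. Dropping it, `environment.systemPackages = [ cfg.package ];`, avoids suggesting that the package still comes from the pinned package set.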
diff --git a/lib/informis/cl-gemini.nix b/lib/informis/cl-gemini.nix
index a18d9d6..580dc05 100644
--- a/lib/informis/cl-gemini.nix
+++ b/lib/informis/cl-gemini.nix
@@ -4,47 +4,53 @@ with lib; let cfg = config.informis.cl-gemini; - feedOpts = { ... }: with types; { - options = { - url = mkOption { - type = str; - description = "Base URI of the feed, i.e. the URI corresponding to the feed path."; - example = "gemini://my.server/path/to/feedfiles"; - }; + feedOpts = { ... }: + with types; { + options = { + url = mkOption { + type = str; + description = + "Base URI of the feed, i.e. the URI corresponding to the feed path."; + example = "gemini://my.server/path/to/feedfiles"; + }; - title = mkOption { - type = str; - description = "Title of given feed."; - example = "My Fancy Feed"; - }; + title = mkOption { + type = str; + description = "Title of given feed."; + example = "My Fancy Feed"; + }; - path = mkOption { - type = str; - description = "Path to Gemini files making up the feed."; - example = "/path/to/feed"; + path = mkOption { + type = str; + description = "Path to Gemini files making up the feed."; + example = "/path/to/feed"; + }; }; }; - }; - ensure-certificates = hostname: user: key: cert: pkgs.writeShellScript "ensure-gemini-certificates.sh" '' - if [[ ! -e ${key} ]]; then - TARGET_CERT_DIR=$(${pkgs.coreutils}/bin/dirname ${cert}) - TARGET_KEY_DIR=$(${pkgs.coreutils}/bin/dirname ${key}) - if [[ ! -d $TARGET_CERT_DIR ]]; then mkdir -p $TARGET_CERT_DIR; fi - if [[ ! -d $TARGET_KEY_DIR ]]; then mkdir -p $TARGET_KEY_DIR; fi - ${pkgs.openssl}/bin/openssl req -new -subj "/CN=.${hostname}" -addext "subjectAltName = DNS:${hostname}, DNS:.${hostname}" -x509 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -days 3650 -nodes -out ${cert} -keyout ${key} - ${pkgs.coreutils}/bin/chown -R ${user}:nogroup ${cert} - ${pkgs.coreutils}/bin/chown -R ${user}:nogroup ${key} - ${pkgs.coreutils}/bin/chmod 0444 ${cert} - ${pkgs.coreutils}/bin/chmod 0400 ${key} - fi - ''; + ensure-certificates = hostname: user: key: cert: + pkgs.writeShellScript "ensure-gemini-certificates.sh" '' + if [[ ! 
-e ${key} ]]; then + TARGET_CERT_DIR=$(${pkgs.coreutils}/bin/dirname ${cert}) + TARGET_KEY_DIR=$(${pkgs.coreutils}/bin/dirname ${key}) + if [[ ! -d $TARGET_CERT_DIR ]]; then mkdir -p $TARGET_CERT_DIR; fi + if [[ ! -d $TARGET_KEY_DIR ]]; then mkdir -p $TARGET_KEY_DIR; fi + ${pkgs.openssl}/bin/openssl req -new -subj "/CN=.${hostname}" -addext "subjectAltName = DNS:${hostname}, DNS:.${hostname}" -x509 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -days 3650 -nodes -out ${cert} -keyout ${key} + ${pkgs.coreutils}/bin/chown -R ${user}:nogroup ${cert} + ${pkgs.coreutils}/bin/chown -R ${user}:nogroup ${key} + ${pkgs.coreutils}/bin/chmod 0444 ${cert} + ${pkgs.coreutils}/bin/chmod 0400 ${key} + fi + ''; generate-feeds = feeds: let feed-strings = mapAttrsToList (feed-name: opts: - "(cl-gemini:register-feed :name \"${feed-name}\" :title \"${opts.title}\" :path \"${opts.path}\" :base-uri \"${opts.url}\")") feeds; - in pkgs.writeText "gemini-local-feeds.lisp" (concatStringsSep "\n" feed-strings); + '' + (cl-gemini:register-feed :name "${feed-name}" :title "${opts.title}" :path "${opts.path}" :base-uri "${opts.url}")'') + feeds; + in pkgs.writeText "gemini-local-feeds.lisp" + (concatStringsSep "\n" feed-strings); in { options.informis.cl-gemini = with types; { @@ -58,7 +64,8 @@ in { hostname = mkOption { type = str; - description = "Hostname at which the server is available (for generating the SSL certificate)."; + description = + "Hostname at which the server is available (for generating the SSL certificate)."; example = "my.hostname.com"; }; @@ -108,7 +115,8 @@ in { feeds = mkOption { type = attrsOf (submodule feedOpts); - description = "Feeds to generate and make available (as eg. /feed/name.xml)."; + description = + "Feeds to generate and make available (as eg. /feed/name.xml)."; example = { diary = { title = "My Diary"; @@ -116,7 +124,7 @@ in { url = "gemini://my.host/blog-path/"; }; }; - default = {}; + default = { }; }; textfiles-archive = mkOption { 
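Review bot: In `generate-feeds` (first hunk of lib/informis/cl-gemini.nix), `feed-name`, `opts.title`, `opts.path` and `opts.url` are still spliced unescaped into a Lisp form; the switch from an escaped `"…"` string to a `''…''` string changes only the Nix quoting. A value containing `"` or `\` would end the Lisp string early, and the remainder would presumably be read as Lisp when the server loads the file passed in `GEMINI_FEEDS`. Escaping each value before interpolation closes that gap, e.g. `lispStr = escape [ "\\" "\"" ];` in the `let` and `:title "${lispStr opts.title}"` for each field (`escape` is available through the file's `with lib;`). The values come from the system configuration, so this is hardening rather than an exposed input path; the rest of the hunk is re-indentation only.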
@@ -141,10 +149,13 @@ in {
 systemd.services = {
 cl-gemini = {
- description = "cl-gemini Gemini server (https://gemini.circumlunar.space/)";
+ description =
+ "cl-gemini Gemini server (https://gemini.circumlunar.space/)";
 serviceConfig = {
- ExecStartPre = "${ensure-certificates cfg.hostname cfg.user cfg.ssl-private-key cfg.ssl-certificate}";
+ ExecStartPre =
+ "${ensure-certificates cfg.hostname cfg.user cfg.ssl-private-key
+ cfg.ssl-certificate}";
 ExecStart = "${pkgs.cl-gemini}/bin/launch-server.sh";
 Restart = "on-failure";
 PIDFile = "/run/cl-gemini.$USERNAME.uid";
@@ -152,7 +163,8 @@ in {
 };
 environment = {
- GEMINI_SLYNK_PORT = mkIf (cfg.slynk-port != null) (toString cfg.slynk-port);
+ GEMINI_SLYNK_PORT =
+ mkIf (cfg.slynk-port != null) (toString cfg.slynk-port);
 GEMINI_LISTEN_IP = cfg.server-ip;
 GEMINI_PRIVATE_KEY = cfg.ssl-private-key;
 GEMINI_CERTIFICATE = cfg.ssl-certificate;
@@ -161,14 +173,11 @@ in {
 GEMINI_TEXTFILES_ROOT = cfg.textfiles-archive;
 GEMINI_FEEDS = "${generate-feeds cfg.feeds}";
- CL_SOURCE_REGISTRY = pkgs.lib.lisp.lisp-source-registry pkgs.cl-gemini;
+ CL_SOURCE_REGISTRY =
+ pkgs.lib.lisp.lisp-source-registry pkgs.cl-gemini;
 };
- path = with pkgs; [
- gcc
- file
- getent
- ];
+ path = with pkgs; [ gcc file getent ];
 wantedBy = [ "multi-user.target" ];
 };