Changes to add selby forum, but it's not done yet

config/fudo/backplane/dns.nix

@@ -134,15 +134,14 @@ in {
     listen-v6-addresses = mkOption {
       type = with types; listOf str;
       description = "IPv6 addresses on which to listen for dns requests.";
-      example = [
-        "[abcd::1]"
-      ];
-      default = [];
+      example = [ "[abcd::1]" ];
+      default = [ ];
     };
 
     required-services = mkOption {
       type = with types; listOf str;
-      description = "A list of services required before the DNS server can start.";
+      description =
+        "A list of services required before the DNS server can start.";
     };
 
     user = mkOption {
@@ -177,18 +176,12 @@ in {
           createHome = true;
           home = "/var/home/${cfg.user}";
         };
-        backplane-powerdns = {
-          isSystemUser = true;
-        };
+        backplane-powerdns = { isSystemUser = true; };
       };
 
       groups = {
-        "${cfg.group}" = {
-          members = [cfg.user];
-        };
-        backplane-powerdns = {
-          members = [ "backplane-powerdns" ];
-        };
+        "${cfg.group}" = { members = [ cfg.user ]; };
+        backplane-powerdns = { members = [ "backplane-powerdns" ]; };
       };
     };
 
@@ -221,31 +214,30 @@ in {
             "backplane-dns-config-generator.service"
             "backplane-dns.target"
           ];
-          after = [
-            "network.target"
-            "postgresql.service"
-          ];
+          after = [ "network.target" "postgresql.service" ];
           wantedBy = [ "multi-user.target" ];
 
           path = with pkgs; [ postgresql ];
 
           serviceConfig = {
-            Restart="on-failure";
-            RestartSec="10";
-            StartLimitInterval="0";
-            PrivateDevices=true;
+            Restart = "on-failure";
+            RestartSec = "10";
+            StartLimitInterval = "0";
+            PrivateDevices = true;
             # CapabilityBoundingSet="CAP_CHOWN CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT";
             # NoNewPrivileges=true;
             ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${powerdns-home}";
-            ExecStart = "${pkgs.powerdns}/bin/pdns_server --setuid=backplane-powerdns --setgid=backplane-powerdns --chroot=${powerdns-home} --socket-dir=/ --daemon=no --guardian=no --disable-syslog --write-pid=no --config-dir=${configDir}";
-            ProtectSystem="full";
+            ExecStart =
+              "${pkgs.powerdns}/bin/pdns_server --setuid=backplane-powerdns --setgid=backplane-powerdns --chroot=${powerdns-home} --socket-dir=/ --daemon=no --guardian=no --disable-syslog --write-pid=no --config-dir=${configDir}";
+            ProtectSystem = "full";
             # ProtectHome=true;
-            RestrictAddressFamilies="AF_UNIX AF_INET AF_INET6";
+            RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6";
           };
         };
 
         backplane-dns-config-generator = {
-          description = "Generate postgres configuration for backplane DNS server.";
+          description =
+            "Generate postgres configuration for backplane DNS server.";
           requiredBy = [ "backplane-powerdns.service" ];
           requires = cfg.required-services;
           serviceConfig.Type = "oneshot";
@@ -260,35 +252,35 @@ in {
           # This builds the config in a bash script, to avoid storing the password
           # in the nix store at any point
           script = ''
-              if [ ! -d ${powerdns-conf-dir} ]; then
-              mkdir ${powerdns-conf-dir}
-              fi
+            if [ ! -d ${powerdns-conf-dir} ]; then
+            mkdir ${powerdns-conf-dir}
+            fi
 
-              TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d -t pdns-XXXXXXXXXX)
-              TMPCONF=$TMPDIR/pdns.local.gpgsql.conf
+            TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d -t pdns-XXXXXXXXXX)
+            TMPCONF=$TMPDIR/pdns.local.gpgsql.conf
 
-              if [ ! -f ${cfg.database.password-file} ]; then
-              echo "${cfg.database.password-file} does not exist!"
-              exit 1
-              fi
+            if [ ! -f ${cfg.database.password-file} ]; then
+            echo "${cfg.database.password-file} does not exist!"
+            exit 1
+            fi
 
-              touch $TMPCONF
-              chown backplane-powerdns:backplane-powerdns $TMPCONF
-              chmod go-rwx $TMPCONF
-              PASSWORD=$(cat ${cfg.database.password-file})
-              echo "launch+=gpgsql" >> $TMPCONF
-              echo "gpgsql-host=${cfg.database.host}" >> $TMPCONF
-              echo "gpgsql-dbname=${cfg.database.database}" >> $TMPCONF
-              echo "gpgsql-user=${cfg.database.username}" >> $TMPCONF
-              echo "gpgsql-password=$PASSWORD" >> $TMPCONF
-              echo "gpgsql-dnssec=yes" >> $TMPCONF
+            touch $TMPCONF
+            chown backplane-powerdns:backplane-powerdns $TMPCONF
+            chmod go-rwx $TMPCONF
+            PASSWORD=$(cat ${cfg.database.password-file})
+            echo "launch+=gpgsql" >> $TMPCONF
+            echo "gpgsql-host=${cfg.database.host}" >> $TMPCONF
+            echo "gpgsql-dbname=${cfg.database.database}" >> $TMPCONF
+            echo "gpgsql-user=${cfg.database.username}" >> $TMPCONF
+            echo "gpgsql-password=$PASSWORD" >> $TMPCONF
+            echo "gpgsql-dnssec=yes" >> $TMPCONF
 
-              mv $TMPCONF ${powerdns-conf-dir}/pdns.local.gpgsql.conf
+            mv $TMPCONF ${powerdns-conf-dir}/pdns.local.gpgsql.conf
 
-              rm -rf $TMPDIR
+            rm -rf $TMPDIR
 
-              exit 0
-            '';
+            exit 0
+          '';
         };
 
         backplane-dns = {
@@ -296,11 +288,13 @@ in {
           restartIfChanged = true;
 
           serviceConfig = {
-            ExecStart = "${pkgs.backplane-dns-server}/bin/launch-backplane-dns.sh";
+            ExecStart =
+              "${pkgs.backplane-dns-server}/bin/launch-backplane-dns.sh";
             Restart = "on-failure";
             PIDFile = "/run/backplane-dns.$USERNAME.pid";
             User = cfg.user;
             Group = cfg.group;
+            StandardOutput = "journal";
           };
 
           environment = {
@@ -311,13 +305,15 @@ in {
             FUDO_DNS_BACKPLANE_XMPP_PASSWORD_FILE = cfg.backplane.password-file;
             FUDO_DNS_BACKPLANE_DATABASE_HOSTNAME = cfg.backplane.database.host;
             FUDO_DNS_BACKPLANE_DATABASE_NAME = cfg.backplane.database.database;
-            FUDO_DNS_BACKPLANE_DATABASE_USERNAME = cfg.backplane.database.username;
-            FUDO_DNS_BACKPLANE_DATABASE_PASSWORD_FILE = cfg.backplane.database.password-file;
+            FUDO_DNS_BACKPLANE_DATABASE_USERNAME =
+              cfg.backplane.database.username;
+            FUDO_DNS_BACKPLANE_DATABASE_PASSWORD_FILE =
+              cfg.backplane.database.password-file;
 
             # CL_SOURCE_REGISTRY = "${pkgs.localLispPackages.backplane-dns}//";
 
-            CL_SOURCE_REGISTRY = lib.concatStringsSep ":" (map (pkg: "${pkg}//")
-               lisp-pkgs);
+            CL_SOURCE_REGISTRY =
+              lib.concatStringsSep ":" (map (pkg: "${pkg}//") lisp-pkgs);
           };
 
           requires = cfg.required-services;