public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #8429 from oconnorr/master

Browse Source 
uwsgi: Add user/group for uwsgi service.
This commit is contained in:
lethalman 2015-06-25 09:46:50 +02:00
commit 68dc809255
2 changed files with 37 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/misc/ids.nix
View File

@ -222,6 +222,7 @@
ripple-rest = 198; ripple-rest = 198;
nix-serve = 199; nix-serve = 199;
tvheadend = 200; tvheadend = 200;
uwsgi = 201;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -422,6 +423,7 @@
#ripple-rest = 198; #unused #ripple-rest = 198; #unused
#nix-serve = 199; #unused #nix-serve = 199; #unused
#tvheadend = 200; #unused #tvheadend = 200; #unused
uwsgi = 201;
# When adding a gid, make sure it doesn't match an existing # When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal # uid. Users and groups with the same name should have equal

40
nixos/modules/services/web-servers/uwsgi.nix
View File

@ -54,6 +54,12 @@ in {
description = "Enable uWSGI"; description = "Enable uWSGI";
}; };
runDir = mkOption {
type = types.string;
default = "/run/uwsgi";
description = "Where uWSGI communication sockets can live";
};
instance = mkOption { instance = mkOption {
type = types.attrs; type = types.attrs;
default = { default = {
@ -66,7 +72,7 @@ in {
moin = { moin = {
type = "normal"; type = "normal";
python2Packages = self: with self; [ moinmoin ]; python2Packages = self: with self; [ moinmoin ];
socket = "/run/uwsgi.sock"; socket = "${config.services.uwsgi.runDir}/uwsgi.sock";
}; };
}; };
} }
@ -89,24 +95,46 @@ in {
description = "Plugins used with uWSGI"; description = "Plugins used with uWSGI";
}; };
}; user = mkOption {
type = types.str;
default = "uwsgi";
description = "User account under which uwsgi runs.";
};
group = mkOption {
type = types.str;
default = "uwsgi";
description = "Group account under which uwsgi runs.";
};
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.services.uwsgi = { systemd.services.uwsgi = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -p ${cfg.runDir}
chown ${cfg.user}:${cfg.group} ${cfg.runDir}
'';
serviceConfig = { serviceConfig = {
Type = "notify"; Type = "notify";
ExecStart = "${uwsgi}/bin/uwsgi --json ${pkgs.writeText "uwsgi.json" (buildCfg cfg.instance)}"; ExecStart = "${uwsgi}/bin/uwsgi --uid ${cfg.user} --gid ${cfg.group} --json ${pkgs.writeText "uwsgi.json" (buildCfg cfg.instance)}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
ExecStop = "${pkgs.coreutils}/bin/kill -INT $MAINPID"; ExecStop = "${pkgs.coreutils}/bin/kill -INT $MAINPID";
NotifyAccess = "main"; NotifyAccess = "main";
KillSignal = "SIGQUIT"; KillSignal = "SIGQUIT";
}; };
}; };
users.extraUsers = optionalAttrs (cfg.user == "uwsgi") (singleton
{ name = "uwsgi";
group = cfg.group;
uid = config.ids.uids.uwsgi;
});
users.extraGroups = optionalAttrs (cfg.group == "uwsgi") (singleton
{ name = "uwsgi";
gid = config.ids.gids.uwsgi;
});
}; };
} }