pykms: nixos module

This commit is contained in:
Peter Hoeg 2017-07-25 15:20:24 +08:00
parent 62e73a75f1
commit c640e790d5
3 changed files with 93 additions and 0 deletions

View File

@ -297,6 +297,7 @@
rslsync = 279;
minio = 280;
kanboard = 281;
pykms = 282;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -563,6 +564,7 @@
rslsync = 279;
minio = 280;
kanboard = 281;
pykms = 282;
# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal

View File

@ -333,6 +333,7 @@
./services/misc/parsoid.nix
./services/misc/phd.nix
./services/misc/plex.nix
./services/misc/pykms.nix
./services/misc/radarr.nix
./services/misc/redmine.nix
./services/misc/rippled.nix

View File

@ -0,0 +1,90 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.pykms;
home = "/var/lib/pykms";
services = {
serviceConfig = {
Restart = "on-failure";
RestartSec = "10s";
StartLimitInterval = "1min";
PrivateTmp = true;
ProtectSystem = "full";
ProtectHome = true;
};
};
in {
options = {
services.pykms = rec {
enable = mkOption {
type = types.bool;
default = false;
description = "Whether to enable the PyKMS service.";
};
listenAddress = mkOption {
type = types.str;
default = "0.0.0.0";
description = "The IP address on which to listen.";
};
port = mkOption {
type = types.int;
default = 1688;
description = "The port on which to listen.";
};
verbose = mkOption {
type = types.bool;
default = false;
description = "Show verbose output.";
};
openFirewallPort = mkOption {
type = types.bool;
default = false;
description = "Whether the listening port should be opened automatically.";
};
};
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewallPort [ cfg.port ];
systemd.services = {
pykms = services // {
description = "Python KMS";
wantedBy = [ "multi-user.target" ];
serviceConfig = with pkgs; {
User = "pykms";
Group = "pykms";
ExecStartPre = "${getBin pykms}/bin/create_pykms_db.sh ${home}/clients.db";
ExecStart = "${getBin pykms}/bin/server.py ${optionalString cfg.verbose "--verbose"} ${cfg.listenAddress} ${toString cfg.port}";
WorkingDirectory = home;
MemoryLimit = "64M";
};
};
};
users = {
extraUsers.pykms = {
name = "pykms";
group = "pykms";
home = home;
createHome = true;
uid = config.ids.uids.pykms;
description = "PyKMS daemon user";
};
extraGroups.pykms = {
gid = config.ids.gids.pykms;
};
};
};
}