prosody: packaged as a service

Conflicts: nixos/modules/misc/ids.nix
2014-09-02 17:08:56 +02:00 · 2014-09-02 17:08:56 +02:00 · d86c2c30c5
commit d86c2c30c5
parent aafca4dd51
6 changed files with 384 additions and 3 deletions
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@ -155,6 +155,8 @@
      consul = 145;
      mailpile = 146;
      prosody = 148;
      # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
      nixbld = 30000; # start of range of uids
@ -276,6 +278,8 @@
      uhub = 142;
      mailpile = 146;
      prosody = 148;
      # When adding a gid, make sure it doesn't match an existing uid. And don't use gids above 399!
      users = 100;
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@ -250,6 +250,7 @@
  ./services/networking/polipo.nix
  ./services/networking/prayer.nix
  ./services/networking/privoxy.nix
  ./services/networking/prosody.nix
  ./services/networking/quassel.nix
  ./services/networking/radicale.nix
  ./services/networking/radvd.nix
--- a/nixos/modules/services/networking/prosody.nix
+++ b/nixos/modules/services/networking/prosody.nix
@ -0,0 +1,275 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  cfg = config.services.prosody;
  sslOpts = { ... }: {
    options = {
      # TODO: require attribute
      key = mkOption {
        type = types.str;
        description = "Path to the key file";
      };
      # TODO: require attribute
      cert = mkOption {
        type = types.str;
        description = "Path to the certificate file";
      };
    };
  };
  moduleOpts = {
    roster = mkOption {
      default = true;
      description = "Allow users to have a roster";
    };
    saslauth = mkOption {
      default = true;
      description = "Authentication for clients and servers. Recommended if you want to log in.";
    };
    tls = mkOption {
      default = true;
      description = "Add support for secure TLS on c2s/s2s connections";
    };
    dialback = mkOption {
      default = true;
      description = "s2s dialback support";
    };
    disco = mkOption {
      default = true;
      description = "Service discovery";
    };
    legacyauth = mkOption {
      default = true;
      description = "Legacy authentication. Only used by some old clients and bots";
    };
    version = mkOption {
      default = true;
      description = "Replies to server version requests";
    };
    uptime = mkOption {
      default = true;
      description = "Report how long server has been running";
    };
    time = mkOption {
      default = true;
      description = "Let others know the time here on this server";
    };
    ping = mkOption {
      default = true;
      description = "Replies to XMPP pings with pongs";
    };
    console = mkOption {
      default = false;
      description = "telnet to port 5582";
    };
    bosh = mkOption {
      default = false;
      description = "Enable BOSH clients, aka 'Jabber over HTTP'";
    };
    httpserver = mkOption {
      default = false;
      description = "Serve static files from a directory over HTTP";
    };
  };
  createSSLOptsStr = o:
    if o ? key && o ? cert then
      ''ssl = { key = "${o.key}"; certificate = "${o.cert}"; };''
    else "";
  vHostOpts = { ... }: {
    options = {
      # TODO: require attribute
      domain = mkOption {
        type = types.str;
        description = "Domain name";
      };
      enabled = mkOption {
        default = false;
        description = "Whether to enable the virtual host";
      };
      ssl = mkOption {
        description = "Paths to SSL files";
        default = null;
        options = [ sslOpts ];
      };
      extraConfig = mkOption {
        default = '''';
        description = "Additional virtual host specific configuration";
      };
    };
  };
 in
 {
  ###### interface
  options = {
    services.prosody = {
      enable = mkOption {
        default = false;
        description = "Whether to enable the prosody server";
      };
      allowRegistration = mkOption {
        default = false;
        description = "Allow account creation";
      };
      modules = moduleOpts;
      extraModules = mkOption {
        description = "Enable custom modules";
        default = [];
      };
      virtualHosts = mkOption {
        description = "Define the virtual hosts";
        type = types.loaOf types.optionSet;
        example = {
          myhost = {
            domain = "my-xmpp-example-host.org";
            enabled = true;
          };
        };
        default = {
          localhost = {
            domain = "localhost";
            enabled = true;
          };
        };
        options = [ vHostOpts ];
      };
      ssl = mkOption {
        description = "Paths to SSL files";
        default = null;
        options = [ sslOpts ];
      };
      admins = mkOption {
        description = "List of administrators of the current host";
        example = [ "admin1@example.com" "admin2@example.com" ];
        default = [];
      };
      extraConfig = mkOption {
        default = '''';
        description = "Additional prosody configuration";
      };
    };
  };
  ###### implementation
  config = mkIf cfg.enable {
    environment.systemPackages = [ pkgs.prosody ];
    environment.etc."prosody/prosody.cfg.lua".text = ''
      pidfile = "/var/lib/prosody/prosody.pid"
      log = "*syslog"
      data_path = "/var/lib/prosody"
      allow_registration = ${ if cfg.allowRegistration then "true" else "false" };
      ${ optionalString cfg.modules.console "console_enabled = true;" }
      ${ optionalString  (cfg.ssl != null) (createSSLOptsStr cfg.ssl) }
      admins = { ${lib.concatStringsSep ", " (map (n: "\"${n}\"") cfg.admins) } };
      modules_enabled = {
        ${ lib.concatStringsSep "\n\ \ " (lib.mapAttrsToList
          (name: val: optionalString val ''"${name}";'')
        cfg.modules) }
        ${ optionalString cfg.allowRegistration "\"register\"\;" }
        ${ lib.concatStringsSep "\n" (map (x: "\"${x}\";") cfg.extraModules)}
        "posix";
      };
      ${ cfg.extraConfig }
      ${ lib.concatStringsSep "\n" (lib.mapAttrsToList (n: v: ''
        VirtualHost "${v.domain}"
          enabled = ${if v.enabled then "true" else "false"};
          ${ optionalString (v.ssl != null) (createSSLOptsStr v.ssl) }
          ${ v.extraConfig }
        '') cfg.virtualHosts) }
    '';
    users.extraUsers.prosody = {
      uid = config.ids.uids.prosody;
      description = "Prosody user";
      createHome = true;
      group = "prosody";
      home = "/var/lib/prosody";
    };
    users.extraGroups.prosody = {
      gid = config.ids.gids.prosody;
    };
    systemd.services.prosody = {
      description = "Prosody XMPP server";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        User = "prosody";
        PIDFile = "/var/lib/prosody/prosody.pid";
        ExecStart = "${pkgs.prosody}/bin/prosodyctl start";
      };
    };
  };
 }
--- a/pkgs/servers/xmpp/prosody/default.nix
+++ b/pkgs/servers/xmpp/prosody/default.nix
@ -0,0 +1,45 @@
 { stdenv, fetchurl, lua5, luasocket, luasec, luaexpat, luafilesystem, libidn, openssl, makeWrapper }:
 let
  libs        = [ luasocket luasec luaexpat luafilesystem ];
  getPath     = lib : type : "${lib}/lib/lua/${lua5.luaversion}/?.${type};${lib}/share/lua/${lua5.luaversion}/?.${type}";
  getLuaPath  = lib : getPath lib "lua";
  getLuaCPath = lib : getPath lib "so";
  luaPath     = stdenv.lib.concatStringsSep ";" (map getLuaPath  libs);
  luaCPath    = stdenv.lib.concatStringsSep ";" (map getLuaCPath libs);
 in
 stdenv.mkDerivation rec {
  version = "0.9.4";
  name = "prosody-${version}";
  src = fetchurl {
    url = "http://prosody.im/downloads/source/${name}.tar.gz";
    sha256 = "be87cf31901a25477869b4ebd52e298f63a5effacae526911a0be876cc82e1c6";
  };
  buildInputs = [ lua5 luasocket luasec luaexpat libidn openssl makeWrapper ];
  configureFlags = [
    "--ostype=linux"
    "--with-lua-include=${lua5}/include"
    "--with-lua=${lua5}"
  ];
  postInstall = ''
      wrapProgram $out/bin/prosody \
        --set LUA_PATH '"${luaPath};"' \
        --set LUA_CPATH '"${luaCPath};"'
      wrapProgram $out/bin/prosodyctl \
        --add-flags '--config "/etc/prosody/prosody.cfg.lua"' \
        --set LUA_PATH '"${luaPath};"' \
        --set LUA_CPATH '"${luaCPath};"'
    '';
  meta = {
    description = "Open-source XMPP application server written in Lua";
    license = stdenv.lib.licenses.mit;
    homepage = http://www.prosody.im;
    platforms = stdenv.lib.platforms.linux;
    maintainers = [ stdenv.lib.maintainers.flosse ];
  };
 }
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -3771,7 +3771,6 @@ let
  lua = lua5;
  lua51Packages = recurseIntoAttrs (callPackage ./lua-packages.nix { lua = lua5_1; });
  lua52Packages = recurseIntoAttrs (callPackage ./lua-packages.nix { lua = lua5_2; });
  luaPackages = lua52Packages;
@ -7137,6 +7136,12 @@ let
    erlang = erlangR16;
  };
  prosody = recurseIntoAttrs (
    callPackage ../servers/xmpp/prosody {
      lua5 = lua5_1;
      inherit (lua51Packages) luasocket luasec luaexpat luafilesystem;
  });
  elasticmq = callPackage ../servers/elasticmq { };
  etcdctl = callPackage ../development/tools/etcdctl { };
--- a/pkgs/top-level/lua-packages.nix
+++ b/pkgs/top-level/lua-packages.nix
@ -7,7 +7,7 @@
 { fetchurl, stdenv, lua, callPackage, unzip, zziplib,
 pcre, oniguruma, gnulib, tre, glibc,
-sqlite }:
+sqlite, openssl, expat }:
 let
 isLua51 = lua.luaversion == "5.1";
@ -23,7 +23,32 @@ let
    inherit lua;
  };
-  luafilesystem = buildLuaPackage {
+  luaexpat = buildLuaPackage rec {
    version = "1.3.0";
    name = "expat-${version}";
    isLibrary = true;
    src = fetchurl {
      url = "https://matthewwild.co.uk/projects/luaexpat/luaexpat-${version}.tar.gz";
      sha256 = "1hvxqngn0wf5642i5p3vcyhg3pmp102k63s9ry4jqyyqc1wkjq6h";
    };
    buildInputs = [ expat ];
    preBuild = ''
      makeFlagsArray=(
        LUA_LDIR="$out/share/lua/${lua.luaversion}"
        LUA_INC="-I${lua}/include" LUA_CDIR="$out/lib/lua/${lua.luaversion}"
        EXPAT_INC="-I${expat}/include");
    '';
    meta = {
      homepage = "http://matthewwild.co.uk/projects/luaexpat";
      hydraPlatforms = stdenv.lib.platforms.linux;
      maintainers = [ stdenv.lib.maintainers.flosse ];
    };
  };
  luafilesystem = buildLuaPackage rec {
    name = "filesystem-1.6.2";
    src = fetchurl {
      url = "https://github.com/keplerproject/luafilesystem/archive/v1_6_2.tar.gz";
@ -36,6 +61,32 @@ let
    };
  };
  luasec = buildLuaPackage rec {
    version = "0.5";
    name = "sec-${version}";
    src = fetchurl {
      url = "https://github.com/brunoos/luasec/archive/luasec-${version}.tar.gz";
      sha256 = "08rm12cr1gjdnbv2jpk7xykby9l292qmz2v0dfdlgb4jfj7mk034";
    };
    buildInputs = [ openssl ];
    preBuild = ''
      makeFlagsArray=(
        linux
        LUAPATH="$out/lib/lua/${lua.luaversion}"
        LUACPATH="$out/lib/lua/${lua.luaversion}"
        INC_PATH="-I${lua}/include"
        LIB_PATH="-L$out/lib");
    '';
    meta = {
      homepage = "https://github.com/brunoos/luasec";
      hydraPlatforms = stdenv.lib.platforms.linux;
      maintainers = [ stdenv.lib.maintainers.flosse ];
    };
  };
  luasocket = buildLuaPackage rec {
    name = "socket-${version}";
    version = "2.0.2";