From c619bbbbef3a1a80171029314bf5c621386e4ed8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= Date: Sun, 2 Jun 2019 20:18:15 +0200 Subject: [PATCH 1/3] nixos/btsync: remove Remove the btsync module. Bittorrent Sync was renamed to Resilio Sync in 2016, which is supported by the resilio module. Since Resilio Sync had some security updates since 2016, it is not safe to run Bittorrent Sync anymore. --- nixos/modules/misc/ids.nix | 4 +- nixos/modules/module-list.nix | 1 - nixos/modules/services/networking/btsync.nix | 324 ------------------- 3 files changed, 2 insertions(+), 327 deletions(-) delete mode 100644 nixos/modules/services/networking/btsync.nix diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 5b7fa5d2b98..f1118f472e4 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -145,7 +145,7 @@ #notbit = 111; # unused aerospike = 111; ngircd = 112; - btsync = 113; + #btsync = 113; # unused minecraft = 114; vault = 115; rippled = 116; @@ -457,7 +457,7 @@ #notbit = 111; # unused aerospike = 111; #ngircd = 112; # unused - btsync = 113; + #btsync = 113; # unused #minecraft = 114; # unused vault = 115; #ripped = 116; # unused diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 49b5076aefd..2313f45b8e5 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -541,7 +541,6 @@ ./services/networking/autossh.nix ./services/networking/bird.nix ./services/networking/bitlbee.nix - ./services/networking/btsync.nix ./services/networking/charybdis.nix ./services/networking/chrony.nix ./services/networking/cjdns.nix diff --git a/nixos/modules/services/networking/btsync.nix b/nixos/modules/services/networking/btsync.nix deleted file mode 100644 index 33e85ef58e6..00000000000 --- a/nixos/modules/services/networking/btsync.nix +++ /dev/null @@ -1,324 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.services.btsync; - - bittorrentSync = cfg.package; - - listenAddr = cfg.httpListenAddr + ":" + (toString cfg.httpListenPort); - - optionalEmptyStr = b: v: optionalString (b != "") v; - - webUIConfig = optionalString cfg.enableWebUI - '' - "webui": - { - ${optionalEmptyStr cfg.httpLogin "\"login\": \"${cfg.httpLogin}\","} - ${optionalEmptyStr cfg.httpPass "\"password\": \"${cfg.httpPass}\","} - ${optionalEmptyStr cfg.apiKey "\"api_key\": \"${cfg.apiKey}\","} - ${optionalEmptyStr cfg.directoryRoot "\"directory_root\": \"${cfg.directoryRoot}\","} - "listen": "${listenAddr}" - } - ''; - - knownHosts = e: - optionalString (e ? "knownHosts") - (concatStringsSep "," (map (v: "\"${v}\"") e."knownHosts")); - - sharedFoldersRecord = - concatStringsSep "," (map (entry: - let helper = attr: v: - if (entry ? attr) then boolToString entry.attr else boolToString v; - in - '' - { - "secret": "${entry.secret}", - "dir": "${entry.directory}", - - "use_relay_server": ${helper "useRelayServer" true}, - "use_tracker": ${helper "useTracker" true}, - "use_dht": ${helper "useDHT" false}, - - "search_lan": ${helper "searchLAN" true}, - "use_sync_trash": ${helper "useSyncTrash" true}, - - "known_hosts": [${knownHosts entry}] - } - '') cfg.sharedFolders); - - sharedFoldersConfig = optionalString (cfg.sharedFolders != []) - '' - "shared_folders": - [ - ${sharedFoldersRecord} - ] - ''; - - configFile = pkgs.writeText "btsync.config" - '' - { - "device_name": "${cfg.deviceName}", - "storage_path": "${cfg.storagePath}", - "listening_port": ${toString cfg.listeningPort}, - "use_gui": false, - - "check_for_updates": ${boolToString cfg.checkForUpdates}, - "use_upnp": ${boolToString cfg.useUpnp}, - "download_limit": ${toString cfg.downloadLimit}, - "upload_limit": ${toString cfg.uploadLimit}, - "lan_encrypt_data": ${boolToString cfg.encryptLAN}, - - ${webUIConfig} - ${sharedFoldersConfig} - } - ''; -in -{ - options = { - services.btsync = { - enable = mkOption { - type = types.bool; - default = false; - description = '' - If enabled, start the Bittorrent Sync daemon. Once enabled, you can - interact with the service through the Web UI, or configure it in your - NixOS configuration. Enabling the btsync service - also installs a systemd user unit which can be used to start - user-specific copies of the daemon. Once installed, you can use - systemctl --user start btsync as your user to start - the daemon using the configuration file located at - $HOME/.config/btsync.conf. - ''; - }; - - deviceName = mkOption { - type = types.str; - example = "Voltron"; - description = '' - Name of the Bittorrent Sync device. - ''; - }; - - listeningPort = mkOption { - type = types.int; - default = 0; - example = 44444; - description = '' - Listening port. Defaults to 0 which randomizes the port. - ''; - }; - - checkForUpdates = mkOption { - type = types.bool; - default = true; - description = '' - Determines whether to check for updates and alert the user - about them in the UI. - ''; - }; - - useUpnp = mkOption { - type = types.bool; - default = true; - description = '' - Use Universal Plug-n-Play (UPnP) - ''; - }; - - downloadLimit = mkOption { - type = types.int; - default = 0; - example = 1024; - description = '' - Download speed limit. 0 is unlimited (default). - ''; - }; - - uploadLimit = mkOption { - type = types.int; - default = 0; - example = 1024; - description = '' - Upload speed limit. 0 is unlimited (default). - ''; - }; - - httpListenAddr = mkOption { - type = types.str; - default = "0.0.0.0"; - example = "1.2.3.4"; - description = '' - HTTP address to bind to. - ''; - }; - - httpListenPort = mkOption { - type = types.int; - default = 9000; - description = '' - HTTP port to bind on. - ''; - }; - - httpLogin = mkOption { - type = types.str; - example = "allyourbase"; - default = ""; - description = '' - HTTP web login username. - ''; - }; - - httpPass = mkOption { - type = types.str; - example = "arebelongtous"; - default = ""; - description = '' - HTTP web login password. - ''; - }; - - encryptLAN = mkOption { - type = types.bool; - default = true; - description = "Encrypt LAN data."; - }; - - enableWebUI = mkOption { - type = types.bool; - default = false; - description = '' - Enable Web UI for administration. Bound to the specified - httpListenAddress and - httpListenPort. - ''; - }; - - package = mkOption { - type = types.package; - example = literalExample "pkgs.bittorrentSync20"; - description = '' - Branch of bittorrent sync to use. - ''; - }; - - storagePath = mkOption { - type = types.path; - default = "/var/lib/btsync/"; - description = '' - Where BitTorrent Sync will store it's database files (containing - things like username info and licenses). Generally, you should not - need to ever change this. - ''; - }; - - apiKey = mkOption { - type = types.str; - default = ""; - description = "API key, which enables the developer API."; - }; - - directoryRoot = mkOption { - type = types.str; - default = ""; - example = "/media"; - description = "Default directory to add folders in the web UI."; - }; - - sharedFolders = mkOption { - default = []; - example = - [ { secret = "AHMYFPCQAHBM7LQPFXQ7WV6Y42IGUXJ5Y"; - directory = "/home/user/sync_test"; - useRelayServer = true; - useTracker = true; - useDHT = false; - searchLAN = true; - useSyncTrash = true; - knownHosts = - [ "192.168.1.2:4444" - "192.168.1.3:4444" - ]; - } - ]; - description = '' - Shared folder list. If enabled, web UI must be - disabled. Secrets can be generated using btsync - --generate-secret. Note that this secret will be - put inside the Nix store, so it is realistically not very - secret. - - If you would like to be able to modify the contents of this - directories, it is recommended that you make your user a - member of the btsync group. - - Directories in this list should be in the - btsync group, and that group must have - write access to the directory. It is also recommended that - chmod g+s is applied to the directory - so that any sub directories created will also belong to - the btsync group. Also, - setfacl -d -m group:btsync:rwx and - setfacl -m group:btsync:rwx should also - be applied so that the sub directories are writable by - the group. - ''; - }; - }; - }; - - config = mkIf cfg.enable { - assertions = - [ { assertion = cfg.deviceName != ""; - message = "Device name cannot be empty."; - } - { assertion = cfg.enableWebUI -> cfg.sharedFolders == []; - message = "If using shared folders, the web UI cannot be enabled."; - } - { assertion = cfg.apiKey != "" -> cfg.enableWebUI; - message = "If you're using an API key, you must enable the web server."; - } - ]; - - services.btsync.package = mkOptionDefault pkgs.bittorrentSync14; - - users.users.btsync = { - description = "Bittorrent Sync Service user"; - home = cfg.storagePath; - createHome = true; - uid = config.ids.uids.btsync; - group = "btsync"; - }; - - users.groups = [ - { name = "btsync"; - }]; - - systemd.services.btsync = with pkgs; { - description = "Bittorrent Sync Service"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" "local-fs.target" ]; - serviceConfig = { - Restart = "on-abort"; - UMask = "0002"; - User = "btsync"; - ExecStart = - "${bittorrentSync}/bin/btsync --nodaemon --config ${configFile}"; - }; - }; - - systemd.user.services.btsync = with pkgs; { - description = "Bittorrent Sync user service"; - after = [ "network.target" "local-fs.target" ]; - serviceConfig = { - Restart = "on-abort"; - ExecStart = - "${bittorrentSync}/bin/btsync --nodaemon --config %h/.config/btsync.conf"; - }; - }; - - environment.systemPackages = [ cfg.package ]; - }; -} From 3093e35f8ff8be2d7ff508af6430dfce62f1151a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= Date: Mon, 3 Jun 2019 07:47:54 +0200 Subject: [PATCH 2/3] bittorrentSync: remove --- .../networking/bittorrentsync/1.4.x.nix | 9 ---- .../networking/bittorrentsync/2.0.x.nix | 9 ---- .../networking/bittorrentsync/generic.nix | 41 ------------------- pkgs/top-level/aliases.nix | 3 ++ pkgs/top-level/all-packages.nix | 4 -- 5 files changed, 3 insertions(+), 63 deletions(-) delete mode 100644 pkgs/applications/networking/bittorrentsync/1.4.x.nix delete mode 100644 pkgs/applications/networking/bittorrentsync/2.0.x.nix delete mode 100644 pkgs/applications/networking/bittorrentsync/generic.nix diff --git a/pkgs/applications/networking/bittorrentsync/1.4.x.nix b/pkgs/applications/networking/bittorrentsync/1.4.x.nix deleted file mode 100644 index 9d57cdaaf20..00000000000 --- a/pkgs/applications/networking/bittorrentsync/1.4.x.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ stdenv, fetchurl, ... } @ args: - -import ./generic.nix (args // { - version = "1.4.111"; - sha256s = { - "x86_64-linux" = "0bw3ds3ndcnkry5mpv645z2bfi5z387bh0f7b35blxq1yv93r83f"; - "i686-linux" = "1qwaj7l7nsd4afx7ksb4b1c22mki9qa40803v9x1a8bhbdfhkczk"; - }; -}) diff --git a/pkgs/applications/networking/bittorrentsync/2.0.x.nix b/pkgs/applications/networking/bittorrentsync/2.0.x.nix deleted file mode 100644 index d2db3eec26e..00000000000 --- a/pkgs/applications/networking/bittorrentsync/2.0.x.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ stdenv, fetchurl, ... } @ args: - -import ./generic.nix (args // { - version = "2.3.8"; - sha256s = { - "x86_64-linux" = "02n5s561cz3mprg682mrbmh3qai42dh64jgi05rqy9s6wgbn66ly"; - "i686-linux" = "118qrnxc7gvm30rsz0xfx6dlxmrr0dk5ajrvszhy06ww7xvqhzji"; - }; -}) diff --git a/pkgs/applications/networking/bittorrentsync/generic.nix b/pkgs/applications/networking/bittorrentsync/generic.nix deleted file mode 100644 index 1075aea8db3..00000000000 --- a/pkgs/applications/networking/bittorrentsync/generic.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ stdenv, fetchurl, version, sha256s, ... }: - -let - arch = { - "x86_64-linux" = "x64"; - "i686-linux" = "i386"; - }.${stdenv.hostPlatform.system} or throwSystem; - libPath = stdenv.lib.makeLibraryPath [ stdenv.cc.libc ]; - throwSystem = throw "Unsupported system: ${stdenv.hostPlatform.system}"; -in - -stdenv.mkDerivation rec { - name = "btsync-${version}"; - inherit version; - - src = fetchurl { - # annoyingly, downloads for 1.4 and 2.3 do not follow the same URL layout; this is - # a simple work-around, in place of overriding the url in the caller. - urls = [ - "https://download-cdn.getsync.com/${version}/linux-${arch}/BitTorrent-Sync_${arch}.tar.gz" - "http://syncapp.bittorrent.com/${version}/btsync_${arch}-${version}.tar.gz" - ]; - sha256 = sha256s.${stdenv.hostPlatform.system} or throwSystem; - }; - - dontStrip = true; # Don't strip, otherwise patching the rpaths breaks - sourceRoot = "."; - - installPhase = '' - install -D btsync "$out/bin/btsync" - patchelf --interpreter "$(< $NIX_CC/nix-support/dynamic-linker)" --set-rpath ${libPath} "$out/bin/btsync" - ''; - - meta = { - description = "Automatically sync files via secure, distributed technology"; - homepage = https://www.getsync.com/; - license = stdenv.lib.licenses.unfreeRedistributable; - platforms = stdenv.lib.platforms.linux; - maintainers = with stdenv.lib.maintainers; [ domenkozar thoughtpolice cwoac ]; - }; -} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index de397996b2a..acd02e0d8f7 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -49,6 +49,9 @@ mapAliases ({ bashCompletion = bash-completion; # Added 2016-09-28 bridge_utils = bridge-utils; # added 2015-02-20 btrfsProgs = btrfs-progs; # added 2016-01-03 + bittorrentSync = throw "bittorrentSync has been deprecated by resilio-sync."; # added 2019-06-03 + bittorrentSync14 = throw "bittorrentSync14 has been deprecated by resilio-sync."; # added 2019-06-03 + bittorrentSync20 = throw "bittorrentSync20 has been deprecated by resilio-sync."; # added 2019-06-03 buildPerlPackage = perlPackages.buildPerlPackage; # added 2018-10-12 bundler_HEAD = bundler; # added 2015-11-15 cantarell_fonts = cantarell-fonts; # added 2018-03-03 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 6246cc4a5fb..3af78b9f552 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -20043,10 +20043,6 @@ in resilio-sync = callPackage ../applications/networking/resilio-sync { }; - bittorrentSync = bittorrentSync14; - bittorrentSync14 = callPackage ../applications/networking/bittorrentsync/1.4.x.nix { }; - bittorrentSync20 = callPackage ../applications/networking/bittorrentsync/2.0.x.nix { }; - dropbox = callPackage ../applications/networking/dropbox { }; dropbox-cli = callPackage ../applications/networking/dropbox/cli.nix { }; From 344ccd0d6ddc63e15feaa636fd99181500299bf9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= Date: Mon, 3 Jun 2019 08:40:37 +0200 Subject: [PATCH 3/3] nixos/release-notes: mention removal of Bittorrent Sync --- nixos/doc/manual/release-notes/rl-1909.xml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml index 097863f0f4b..6c958583993 100644 --- a/nixos/doc/manual/release-notes/rl-1909.xml +++ b/nixos/doc/manual/release-notes/rl-1909.xml @@ -112,6 +112,18 @@ + + + Since Bittorrent Sync was superseded by Resilio Sync in 2016, the + bittorrentSync, bittorrentSync14, + and bittorrentSync16 packages have been removed in + favor of resilio-sync. + + + The corresponding module, has been + replaced by the module. + + The limesurvey apache subservice was replaced with a full NixOS module.