From 309152989968800e3dc74054a5d64e924383bec5 Mon Sep 17 00:00:00 2001
From: shimun
Date: Fri, 18 Dec 2020 20:51:36 +0100
Subject: [PATCH] mod.nix
---
 mod.nix | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/main.rs | 10 ++++-----
 2 files changed, 67 insertions(+), 5 deletions(-)
 create mode 100644 mod.nix
diff --git a/mod.nix b/mod.nix
new file mode 100644
index 0000000..bd9375b
--- /dev/null
+++ b/mod.nix
@@ -0,0 +1,62 @@
+{ lib, pkgs, config, ... }:
+with lib;
+let
+ cfg = config.services.brownpaper;
+in
+{
+ options.services.brownpaper = {
+ enable = mkEnableOption "brownpaper service";
+ listen = mkOption {
+ type = types.str;
+ default = "0.0.0.0";
+ };
+ port = mkOption {
+ type = types.int;
+ default = 3000;
+ };
+ dataDir = mkOption {
+ type = types.path;
+ default = "/var/lib/brownpaper";
+ };
+ user = mkOption {
+ type = types.str;
+ default = "brownpaper";
+ };
+ pgpKeys = mkOption {
+ type = with types; listOf path;
+ default = [ ];
+ };
+ };
+
+ config = mkIf cfg.enable {
+ users.users."${cfg.user}" = { };
+ systemd.services.brownpaper = {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network-online.target" ];
+ path = [ pkgs.coreutils ];
+ environment.BROWNPAPER_STORAGE_DIR = "${toString cfg.dataDir}";
+ serviceConfig =
+ let
+ keyDir = pkgs.runCommand "brownpaper-keys" { } ''
+ mkdir -p $out
+ ${concatStringsSep " && " (builtins.map (key: "ln -s ${key} $out") cfg.pgpKeys)}
+ '';
+ keyScript = pkgs.writeScript "brownpaper-keyscript" ''
+ DATADIR='${toString cfg.dataDir}'
+ [ -d "$DATADIR/keys" ] && mv "$DATADIR/keys" "$DATADIR/keys.bak"
+ [ -e "$DATADIR/keys" ] && rm "$DATADIR/keys"
+ ln -s ${keyDir} "$DATADIR/keys"
+ '';
+ in
+ {
+ ExecStartPre = "+${pkgs.bash}/bin/bash -c '${concatStringsSep " && "
+ ([
+ "mkdir -p ${toString cfg.dataDir}"
+ "chown ${toString cfg.user} ${toString cfg.dataDir}"
+ ] ++ (optionals (cfg.pgpKeys != [ ]) [ "${keyScript}" ])) }'";
+ ExecStart = "${(pkgs.callPackage ./. { inherit pkgs; src = ./.; }).server.rootCrate.build}/bin/brownpaper ${cfg.listen}:${toString cfg.port}";
+ User = cfg.user;
+ };
+ };
+ };
+}
diff --git a/src/main.rs b/src/main.rs
index 89676a8..b15a9a1 100644
--- a/src/main.rs
+++ b/src/main.rs
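Review bot: In mod.nix the `ExecStartPre` line starts with `+`, so `keyScript` runs as root and does `mv`, `rm` and `ln -s` inside `cfg.dataDir` immediately after that directory has been chowned to the unprivileged service user; root should not resolve paths in a directory the service account can rewrite. The `[ -d "$DATADIR/keys" ]` test also follows the link left by the previous start, so on later restarts `mv` is aimed at the existing `keys.bak` link rather than backing up a real directory. Creating the directory through `systemd.tmpfiles.rules` and running the relink as `User` with `ln -sfn` removes the root shell and the unquoted `cfg.dataDir`/`cfg.user` interpolation in `bash -c '…'`. The module also binds `0.0.0.0` by default and sets no sandboxing options in `serviceConfig`, which is worth a follow-up.

```nix
# … unchanged: options, users.users …
systemd.tmpfiles.rules = [
  "d ${toString cfg.dataDir} 0750 ${cfg.user} - -"
];
# … unchanged: systemd.services.brownpaper attributes, keyDir …
keyScript = pkgs.writeShellScript "brownpaper-keyscript" ''
  set -eu
  DATADIR='${toString cfg.dataDir}'
  # Back up only a real directory; a link from an earlier start is replaced in place.
  if [ -d "$DATADIR/keys" ] && [ ! -L "$DATADIR/keys" ]; then
    mv "$DATADIR/keys" "$DATADIR/keys.bak"
  fi
  ln -sfn ${keyDir} "$DATADIR/keys"
'';
# … unchanged: in / { …
# No "+" prefix: the step runs as cfg.user.
ExecStartPre = optionals (cfg.pgpKeys != [ ]) [ "${keyScript}" ];
```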
@@ -30,11 +30,11 @@ use std::path::Path;
 use std::sync::Arc;
 use std::sync::Mutex;
-const STORAGE_DIR: &str = "./snips";
-
 lazy_static! {
+ static ref STORAGE_DIR: String =
+ env::var("BROWNPAPER_STORAGE_DIR").unwrap_or("/snips".to_string());
 static ref KNOWN_KEYS: Arc> = Arc::new(Mutex::new(
- KnownKeys::load_dir([STORAGE_DIR, "keys"].join("/")).expect("Failed to load pubkeys")
+ KnownKeys::load_dir([&*STORAGE_DIR, "keys"].join("/")).expect("Failed to load pubkeys")
 ));
 }
@@ -42,7 +42,7 @@ const VERSION: &str = env!("CARGO_PKG_VERSION");
 fn handle(req: &mut Request) -> IronResult {
 println!("{}", req.url);
- let storage = SnippetStorage::new(&Path::new(&STORAGE_DIR));
+ let storage = SnippetStorage::new(&Path::new(&*STORAGE_DIR));
 let segments: Vec<&str> = req.url.path();
 match (&req.method, segments.first()) {
 (Method::Get, Some(&"version")) => Ok(Response::with((iron::status::Ok, VERSION))),
@@ -124,7 +124,7 @@ fn handle(req: &mut Request) -> IronResult {
 fn main() {
 let chain = Chain::new(handle);
- println!("Starting brownpaper: {}", STORAGE_DIR);
+ println!("Starting brownpaper: {}", &*STORAGE_DIR);
 Iron::new(chain).http(
 args()
 .skip(1)
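Review bot: The fallback in the first src/main.rs hunk (the `lazy_static!` block) changes the storage location from `./snips` to `/snips`, so a run without `BROWNPAPER_STORAGE_DIR` now has `KnownKeys::load_dir` read the public keys from `/snips/keys` at the filesystem root instead of the working directory, and the commit message does not say that is intended. An empty variable is accepted as-is, which makes the key directory resolve to `/keys`. I would keep the old default and reject the empty case: `env::var("BROWNPAPER_STORAGE_DIR").ok().filter(|v| !v.is_empty()).unwrap_or_else(|| "./snips".to_string());`. The `use std::env` import that `env::var` needs is not visible in this hunk.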