Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 422b6bd489a9
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 8aba4ca41194
Choose a head ref
10 contributors
Loading
2 changes: 1 addition & 1 deletion lib/default.nix
View file
Original file line number Diff line number Diff line change
@@ -94,7 +94,7 @@ let
callPackageWith callPackagesWith extendDerivation hydraJob
makeScope;
inherit (meta) addMetaAttrs dontDistribute setName updateName
appendToName mapDerivationAttrset lowPrio lowPrioSet hiPrio
appendToName mapDerivationAttrset setPrio lowPrio lowPrioSet hiPrio
hiPrioSet;
inherit (sources) pathType pathIsDirectory cleanSourceFilter
cleanSource sourceByRegex sourceFilesBySuffices
11 changes: 6 additions & 5 deletions lib/meta.nix
View file
Original file line number Diff line number Diff line change
@@ -41,16 +41,18 @@ rec {
let x = builtins.parseDrvName name; in "${x.name}-${suffix}-${x.version}");


/* Apply a function to each derivation and only to derivations in an attrset
/* Apply a function to each derivation and only to derivations in an attrset.
*/
mapDerivationAttrset = f: set: lib.mapAttrs (name: pkg: if lib.isDerivation pkg then (f pkg) else pkg) set;

/* Set the nix-env priority of the package.
*/
setPrio = priority: addMetaAttrs { inherit priority; };

/* Decrease the nix-env priority of the package, i.e., other
versions/variants of the package will be preferred.
*/
lowPrio = drv: addMetaAttrs { priority = 10; } drv;

lowPrio = setPrio 10;

/* Apply lowPrio to an attrset with derivations
*/
@@ -60,8 +62,7 @@ rec {
/* Increase the nix-env priority of the package, i.e., this
version/variant of the package will be preferred.
*/
hiPrio = drv: addMetaAttrs { priority = -10; } drv;

hiPrio = setPrio (-10);

/* Apply hiPrio to an attrset with derivations
*/
6 changes: 4 additions & 2 deletions nixos/modules/misc/ids.nix
View file
Original file line number Diff line number Diff line change
@@ -306,7 +306,7 @@
rslsync = 279;
minio = 280;
kanboard = 281;
pykms = 282;
# pykms = 282; # DynamicUser = true
kodi = 283;
restya-board = 284;
mighttpd2 = 285;
@@ -338,6 +338,7 @@
minetest = 311;
rss2email = 312;
cockroachdb = 313;
zoneminder = 314;

# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!

@@ -604,7 +605,7 @@
rslsync = 279;
minio = 280;
kanboard = 281;
pykms = 282;
# pykms = 282; # DynamicUser = true
kodi = 283;
restya-board = 284;
mighttpd2 = 285;
@@ -636,6 +637,7 @@
minetest = 311;
rss2email = 312;
cockroachdb = 313;
zoneminder = 314;

# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal
1 change: 1 addition & 0 deletions nixos/modules/module-list.nix
View file
Original file line number Diff line number Diff line change
@@ -432,6 +432,7 @@
./services/misc/uhub.nix
./services/misc/weechat.nix
./services/misc/xmr-stak.nix
./services/misc/zoneminder.nix
./services/misc/zookeeper.nix
./services/monitoring/alerta.nix
./services/monitoring/apcupsd.nix
67 changes: 27 additions & 40 deletions nixos/modules/services/misc/pykms.nix
View file
Original file line number Diff line number Diff line change
@@ -5,20 +5,8 @@ with lib;
let
cfg = config.services.pykms;

home = "/var/lib/pykms";

services = {
serviceConfig = {
Restart = "on-failure";
RestartSec = "10s";
StartLimitInterval = "1min";
PrivateTmp = true;
ProtectSystem = "full";
ProtectHome = true;
};
};

in {
meta.maintainers = with lib.maintainers; [ peterhoeg ];

options = {
services.pykms = rec {
@@ -51,39 +39,38 @@ in {
default = false;
description = "Whether the listening port should be opened automatically.";
};

memoryLimit = mkOption {
type = types.str;
default = "64M";
description = "How much memory to use at most.";
};
};
};

config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewallPort [ cfg.port ];

systemd.services = {
pykms = services // {
description = "Python KMS";
wantedBy = [ "multi-user.target" ];
serviceConfig = with pkgs; {
User = "pykms";
Group = "pykms";
ExecStartPre = "${getBin pykms}/bin/create_pykms_db.sh ${home}/clients.db";
ExecStart = "${getBin pykms}/bin/server.py ${optionalString cfg.verbose "--verbose"} ${cfg.listenAddress} ${toString cfg.port}";
WorkingDirectory = home;
MemoryLimit = "64M";
};
};
};

users = {
users.pykms = {
name = "pykms";
group = "pykms";
home = home;
createHome = true;
uid = config.ids.uids.pykms;
description = "PyKMS daemon user";
};

groups.pykms = {
gid = config.ids.gids.pykms;
systemd.services.pykms = let
home = "/var/lib/pykms";
in {
description = "Python KMS";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
# python programs with DynamicUser = true require HOME to be set
environment.HOME = home;
serviceConfig = with pkgs; {
DynamicUser = true;
StateDirectory = baseNameOf home;
ExecStartPre = "${getBin pykms}/bin/create_pykms_db.sh ${home}/clients.db";
ExecStart = lib.concatStringsSep " " ([
"${getBin pykms}/bin/server.py"
cfg.listenAddress
(toString cfg.port)
] ++ lib.optional cfg.verbose "--verbose");
WorkingDirectory = home;
Restart = "on-failure";
MemoryLimit = cfg.memoryLimit;
};
};
};
Loading