uid = config.ids.uids.mediagoblin;
gid = config.ids.gids.mediagoblin;
- fullPackage = cfg.package.withPlugins cfg.plugins;
paste_local = pkgs.writeText "paste_local.ini" ''
[DEFAULT]
debug = false
[app:mediagoblin]
use = egg:mediagoblin#app
- config = ${cfg.configFile} ${fullPackage}/mediagoblin.ini
- /mgoblin_static = ${fullPackage}/mediagoblin/static
+ config = ${cfg.configFile} ${cfg.package}/mediagoblin.ini
+ /mgoblin_static = ${cfg.package}/mediagoblin/static
[loggers]
keys = root
[server:main]
use = egg:waitress#main
- unix_socket = ${cfg.socketsDir}/mediagoblin.sock
+ unix_socket = ${cfg.sockets.paster}
unix_socket_perms = 777
url_scheme = https
'';
package = lib.mkOption {
type = lib.types.package;
default = pkgs.webapps.mediagoblin;
+ example = lib.literalExample ''
+ pkgs.webapps.mediagoblin.withPlugins (p: [p.basicsearch])
+ '';
description = ''
Mediagoblin package to use.
'';
};
- plugins = lib.mkOption {
- type = lib.types.listOf lib.types.package;
- default = [];
+ systemdStateDirectory = lib.mkOption {
+ type = lib.types.str;
+ # Use ReadWritePaths= instead if varDir is outside of /var/lib
+ default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
+ lib.strings.removePrefix "/var/lib/" cfg.dataDir;
+ description = ''
+ Adjusted Mediagoblin data directory for systemd
+ '';
+ readOnly = true;
+ };
+ systemdRuntimeDirectory = lib.mkOption {
+ type = lib.types.str;
+ # Use ReadWritePaths= instead if socketsDir is outside of /run
+ default = assert lib.strings.hasPrefix "/run/" cfg.socketsDir;
+ lib.strings.removePrefix "/run/" cfg.socketsDir;
+ description = ''
+ Adjusted Mediagoblin sockets directory for systemd
+ '';
+ readOnly = true;
+ };
+ sockets = lib.mkOption {
+ type = lib.types.attrsOf lib.types.path;
+ default = {
+ paster = "${cfg.socketsDir}/mediagoblin.sock";
+ };
+ readOnly = true;
description = ''
- Mediagoblin plugins to use.
+ Mediagoblin sockets
+ '';
+ };
+ pids = lib.mkOption {
+ type = lib.types.attrsOf lib.types.path;
+ default = {
+ paster = "${cfg.socketsDir}/mediagoblin.pid";
+ celery = "${cfg.socketsDir}/mediagoblin-celeryd.pid";
+ };
+ readOnly = true;
+ description = ''
+ Mediagoblin pid files
'';
};
};
config = lib.mkIf cfg.enable {
- users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton {
- inherit name;
- inherit uid;
- group = cfg.group;
- description = "Mediagoblin user";
- home = cfg.dataDir;
- useDefaultShell = true;
- });
- users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton {
- inherit name;
- inherit gid;
- });
+ users.users = lib.optionalAttrs (cfg.user == name) {
+ "${name}" = {
+ inherit uid;
+ group = cfg.group;
+ description = "Mediagoblin user";
+ home = cfg.dataDir;
+ useDefaultShell = true;
+ };
+ };
+ users.groups = lib.optionalAttrs (cfg.group == name) {
+ "${name}" = {
+ inherit gid;
+ };
+ };
+ systemd.slices.mediagoblin = {
+ description = "Mediagoblin slice";
+ };
systemd.services.mediagoblin-web = {
description = "Mediagoblin service";
wantedBy = [ "multi-user.target" ];
script = ''
exec ./bin/paster serve \
${paste_local} \
- --pid-file=${cfg.socketsDir}/mediagoblin.pid
+ --pid-file=${cfg.pids.paster}
'';
preStop = ''
exec ./bin/paster serve \
- --pid-file=${cfg.socketsDir}/mediagoblin.pid \
+ --pid-file=${cfg.pids.paster} \
${paste_local} stop
'';
preStart = ''
+ if [ -d ${cfg.dataDir}/plugin_static/ ]; then
+ rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
+ ln -sf ${cfg.package}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
+ fi
./bin/gmg -cf ${cfg.configFile} dbupdate
'';
serviceConfig = {
+ Slice = "mediagoblin.slice";
User = cfg.user;
PrivateTmp = true;
Restart = "always";
TimeoutSec = 15;
Type = "simple";
- WorkingDirectory = fullPackage;
- PIDFile = "${cfg.socketsDir}/mediagoblin.pid";
+ WorkingDirectory = cfg.package;
+ RuntimeDirectory = cfg.systemdRuntimeDirectory;
+ StateDirectory= cfg.systemdStateDirectory;
+ PIDFile = cfg.pids.paster;
};
unitConfig.RequiresMountsFor = cfg.dataDir;
'';
serviceConfig = {
+ Slice = "mediagoblin.slice";
User = cfg.user;
PrivateTmp = true;
Restart = "always";
TimeoutSec = 60;
Type = "simple";
- WorkingDirectory = fullPackage;
- PIDFile = "${cfg.socketsDir}/mediagoblin-celeryd.pid";
+ WorkingDirectory = cfg.package;
+ RuntimeDirectory = cfg.systemdRuntimeDirectory;
+ StateDirectory= cfg.systemdStateDirectory;
+ PIDFile = cfg.pids.celery;
};
unitConfig.RequiresMountsFor = cfg.dataDir;
};
-
- system.activationScripts.mediagoblin = {
- deps = [ "users" ];
- text = ''
- install -m 0755 -o ${cfg.user} -g ${cfg.group} -d ${cfg.socketsDir}
- install -m 0755 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}
- if [ -d ${cfg.dataDir}/plugin_static/ ]; then
- rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
- ln -sf ${fullPackage}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
- fi
- '';
- };
-
};
}