path = [ cfg.workdir.gems pkgs.nodejs cfg.workdir.gems.ruby pkgs.curl pkgs.which pkgs.gawk ];
preStart = ''
+ install -m 0755 -d ${cfg.dataDir}/uploads ${cfg.dataDir}/tmp ${cfg.dataDir}/log
+ install -m 0700 -d ${cfg.dataDir}/tmp/pids
+ if [ ! -f ${cfg.dataDir}/schedule.yml ]; then
+ echo "{}" > ${cfg.dataDir}/schedule.yml
+ fi
./bin/bundle exec rails db:migrate
'';
unitConfig.RequiresMountsFor = cfg.dataDir;
};
-
- system.activationScripts.diaspora = {
- deps = [ "users" ];
- text = ''
- install -m 0755 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/uploads \
- ${cfg.dataDir}/tmp ${cfg.dataDir}/log
- install -m 0700 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/tmp/pids
- if [ ! -f ${cfg.dataDir}/schedule.yml ]; then
- echo "{}" | $wrapperDir/sudo -u ${cfg.user} tee ${cfg.dataDir}/schedule.yml
- fi
- '';
- };
-
};
}
path = [ cfg.workdir.gems cfg.workdir.gems.ruby pkgs.file ];
preStart = ''
+ install -m 0755 -d ${cfg.dataDir}/tmp/cache
./bin/bundle exec rails db:migrate
'';
unitConfig.RequiresMountsFor = cfg.dataDir;
};
- system.activationScripts.mastodon = {
- deps = [ "users" ];
- text = ''
- install -m 0755 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/tmp/cache
- '';
- };
-
};
}
${paste_local} stop
'';
preStart = ''
+ if [ -d ${cfg.dataDir}/plugin_static/ ]; then
+ rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
+ ln -sf ${cfg.workdir}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
+ fi
./bin/gmg -cf ${cfg.configFile} dbupdate
'';
unitConfig.RequiresMountsFor = cfg.dataDir;
};
-
- system.activationScripts.mediagoblin = {
- deps = [ "users" ];
- text = ''
- if [ -d ${cfg.dataDir}/plugin_static/ ]; then
- rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
- ln -sf ${cfg.workdir}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
- fi
- '';
- };
-
};
}
Peertube package to use.
'';
};
+ # Output variables
+ systemdStateDirectory = lib.mkOption {
+ type = lib.types.str;
+ # Use ReadWritePaths= instead if varDir is outside of /var/lib
+ default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
+ lib.strings.removePrefix "/var/lib/" cfg.dataDir;
+ description = ''
+ Adjusted Peertube data directory for systemd
+ '';
+ readOnly = true;
+ };
};
config = lib.mkIf cfg.enable {
path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ];
script = ''
+ install -m 0750 -d ${cfg.dataDir}/config
+ ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml
exec npm run start
'';
User = cfg.user;
Group = cfg.group;
WorkingDirectory = cfg.package;
+ StateDirectory = cfg.systemdStateDirectory;
+ StateDirectoryMode = 0750;
PrivateTmp = true;
ProtectHome = true;
ProtectControlGroups = true;
unitConfig.RequiresMountsFor = cfg.dataDir;
};
-
- system.activationScripts.peertube = {
- deps = [ "users" ];
- text = ''
- install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}
- install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/config
- ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml
- '';
- };
-
};
}
TMPFILE=$(mktemp)
trap "rm -f $TMPFILE" EXIT
+ mkdir -p ${cfg.dataDir}/${domain}
cat /var/log/httpd/access_log-${domain} | sed -n "/\\[$date_regex/ p" > $TMPFILE
for i in /var/log/httpd/access_log-${domain}*.gz; do
zcat "$i" | sed -n "/\\[$date_regex/ p" >> $TMPFILE
allStats = sites: pkgs.writeScript "stats" ''
#!${pkgs.stdenv.shell}
+ mkdir -p ${cfg.dataDir}
${builtins.concatStringsSep "\n" (map (v: stats v.name v.conf) sites)}
'';
in
"5 0 * * * root ${allStats cfg.sites}"
];
};
-
- system.activationScripts.goaccess = ''
- mkdir -p /var/lib/goaccess
- '' +
- builtins.concatStringsSep "\n" (map (v: "mkdir -p ${cfg.dataDir}/${v.name}") cfg.sites);
};
}
projects / perso / Immae / Config / Nix.git / commitdiff
