modules/webapps/etherpad-lite.nix

   1 { lib, pkgs, config, ... }:
   2 let
   3   name = "etherpad-lite";
   4   cfg = config.services.etherpad-lite;
   5
   6   uid = config.ids.uids.etherpad-lite;
   7   gid = config.ids.gids.etherpad-lite;
   8 in
   9 {
  10   options.services.etherpad-lite = {
  11     enable = lib.mkEnableOption "Enable Etherpad lite’s service";
  12     user = lib.mkOption {
  13       type = lib.types.str;
  14       default = name;
  15       description = "User account under which Etherpad lite runs";
  16     };
  17     group = lib.mkOption {
  18       type = lib.types.str;
  19       default = name;
  20       description = "Group under which Etherpad lite runs";
  21     };
  22     dataDir = lib.mkOption {
  23       type = lib.types.path;
  24       default = "/var/lib/${name}";
  25       description = ''
  26         The directory where Etherpad lite stores its data.
  27       '';
  28     };
  29     socketsDir = lib.mkOption {
  30       type = lib.types.path;
  31       default = "/run/${name}";
  32       description = ''
  33         The directory where Etherpad lite stores its sockets.
  34       '';
  35     };
  36     configFile = lib.mkOption {
  37       type = lib.types.path;
  38       description = ''
  39         The config file path for Etherpad lite.
  40         '';
  41     };
  42     sessionKeyFile = lib.mkOption {
  43       type = lib.types.path;
  44       description = ''
  45         The Session key file path for Etherpad lite.
  46         '';
  47     };
  48     apiKeyFile = lib.mkOption {
  49       type = lib.types.path;
  50       description = ''
  51         The API key file path for Etherpad lite.
  52         '';
  53     };
  54     package = lib.mkOption {
  55       type = lib.types.package;
  56       default = pkgs.webapps.etherpad-lite;
  57       description = ''
  58         Etherpad lite package to use.
  59         '';
  60       example = lib.literalExample ''
  61         pkgs.webapps.etherpad-lite.withModules (p: [ p.ep_align ]);
  62       '';
  63     };
  64     modules = lib.mkOption {
  65       type = lib.types.listOf lib.types.package;
  66       default = [];
  67       description = ''
  68         Etherpad lite modules to use.
  69         DEPRECATED: use package directly
  70         '';
  71     };
  72     # Output variables
  73     workdir = lib.mkOption {
  74       type = lib.types.package;
  75       default = cfg.package.withModules (_: cfg.modules);
  76       description = ''
  77       Adjusted Etherpad lite package with plugins
  78       '';
  79       readOnly = true;
  80     };
  81     systemdStateDirectory = lib.mkOption {
  82       type = lib.types.str;
  83       # Use ReadWritePaths= instead if varDir is outside of /var/lib
  84       default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
  85         lib.strings.removePrefix "/var/lib/" cfg.dataDir;
  86       description = ''
  87       Adjusted Etherpad lite data directory for systemd
  88       '';
  89       readOnly = true;
  90     };
  91     systemdRuntimeDirectory = lib.mkOption {
  92       type = lib.types.str;
  93       # Use ReadWritePaths= instead if socketsDir is outside of /run
  94       default = assert lib.strings.hasPrefix "/run/" cfg.socketsDir;
  95         lib.strings.removePrefix "/run/" cfg.socketsDir;
  96       description = ''
  97       Adjusted Etherpad lite sockets directory for systemd
  98       '';
  99       readOnly = true;
 100     };
 101     sockets = lib.mkOption {
 102       type = lib.types.attrsOf lib.types.path;
 103       default = {
 104         node  = "${cfg.socketsDir}/etherpad-lite.sock";
 105       };
 106       readOnly = true;
 107       description = ''
 108         Etherpad lite sockets
 109         '';
 110     };
 111   };
 112
 113   config = lib.mkIf cfg.enable {
 114     systemd.services.etherpad-lite = {
 115       description = "Etherpad-lite";
 116       wantedBy = [ "multi-user.target" ];
 117       after = [ "network.target" "postgresql.service" ];
 118       wants = [ "postgresql.service" ];
 119
 120       environment.NODE_ENV = "production";
 121       environment.HOME = cfg.workdir;
 122
 123       path = [ pkgs.nodejs ];
 124
 125       script = ''
 126         exec ${pkgs.nodejs}/bin/node ${cfg.workdir}/src/node/server.js \
 127           --sessionkey ${cfg.sessionKeyFile} \
 128           --apikey ${cfg.apiKeyFile} \
 129           --settings ${cfg.configFile}
 130       '';
 131
 132       postStart = ''
 133         while [ ! -S ${cfg.sockets.node} ]; do
 134           sleep 0.5
 135         done
 136         chmod a+w ${cfg.sockets.node}
 137         '';
 138       serviceConfig = {
 139         DynamicUser = true;
 140         User = cfg.user;
 141         Group = cfg.group;
 142         WorkingDirectory = cfg.workdir;
 143         PrivateTmp = true;
 144         NoNewPrivileges = true;
 145         PrivateDevices = true;
 146         ProtectHome = true;
 147         ProtectControlGroups = true;
 148         ProtectKernelModules = true;
 149         Restart = "always";
 150         Type = "simple";
 151         TimeoutSec = 60;
 152         RuntimeDirectory = cfg.systemdRuntimeDirectory;
 153         StateDirectory= cfg.systemdStateDirectory;
 154         ExecStartPre = [
 155           "+${pkgs.coreutils}/bin/install -d -m 0755 -o ${cfg.user} -g ${cfg.group} ${cfg.dataDir}/ep_initialized"
 156           "+${pkgs.coreutils}/bin/chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir} ${cfg.configFile} ${cfg.sessionKeyFile} ${cfg.apiKeyFile}"
 157         ];
 158       };
 159     };
 160
 161   };
 162 }