From 2a5cde8d47d5c887067176555596cf8feb5c4d8b Mon Sep 17 00:00:00 2001 From: =?utf8?q?Isma=C3=ABl=20Bouya?= Date: Sun, 12 May 2019 15:19:46 +0200 Subject: [PATCH] Remove some activationScript and move them to preStart scripts --- modules/webapps/diaspora.nix | 18 +++++------------- modules/webapps/mastodon.nix | 8 +------- modules/webapps/mediagoblin.nix | 15 ++++----------- modules/webapps/peertube.nix | 25 +++++++++++++++---------- modules/webapps/webstats/default.nix | 7 ++----- 5 files changed, 27 insertions(+), 46 deletions(-) diff --git a/modules/webapps/diaspora.nix b/modules/webapps/diaspora.nix index 2266332..65599b7 100644 --- a/modules/webapps/diaspora.nix +++ b/modules/webapps/diaspora.nix @@ -141,6 +141,11 @@ in path = [ cfg.workdir.gems pkgs.nodejs cfg.workdir.gems.ruby pkgs.curl pkgs.which pkgs.gawk ]; preStart = '' + install -m 0755 -d ${cfg.dataDir}/uploads ${cfg.dataDir}/tmp ${cfg.dataDir}/log + install -m 0700 -d ${cfg.dataDir}/tmp/pids + if [ ! -f ${cfg.dataDir}/schedule.yml ]; then + echo "{}" > ${cfg.dataDir}/schedule.yml + fi ./bin/bundle exec rails db:migrate ''; @@ -162,18 +167,5 @@ in unitConfig.RequiresMountsFor = cfg.dataDir; }; - - system.activationScripts.diaspora = { - deps = [ "users" ]; - text = '' - install -m 0755 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/uploads \ - ${cfg.dataDir}/tmp ${cfg.dataDir}/log - install -m 0700 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/tmp/pids - if [ ! -f ${cfg.dataDir}/schedule.yml ]; then - echo "{}" | $wrapperDir/sudo -u ${cfg.user} tee ${cfg.dataDir}/schedule.yml - fi - ''; - }; - }; } diff --git a/modules/webapps/mastodon.nix b/modules/webapps/mastodon.nix index f8fbcba..6255de9 100644 --- a/modules/webapps/mastodon.nix +++ b/modules/webapps/mastodon.nix @@ -163,6 +163,7 @@ in path = [ cfg.workdir.gems cfg.workdir.gems.ruby pkgs.file ]; preStart = '' + install -m 0755 -d ${cfg.dataDir}/tmp/cache ./bin/bundle exec rails db:migrate ''; @@ -218,12 +219,5 @@ in unitConfig.RequiresMountsFor = cfg.dataDir; }; - system.activationScripts.mastodon = { - deps = [ "users" ]; - text = '' - install -m 0755 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/tmp/cache - ''; - }; - }; } diff --git a/modules/webapps/mediagoblin.nix b/modules/webapps/mediagoblin.nix index 5753457..78bbef6 100644 --- a/modules/webapps/mediagoblin.nix +++ b/modules/webapps/mediagoblin.nix @@ -183,6 +183,10 @@ in ${paste_local} stop ''; preStart = '' + if [ -d ${cfg.dataDir}/plugin_static/ ]; then + rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth + ln -sf ${cfg.workdir}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth + fi ./bin/gmg -cf ${cfg.configFile} dbupdate ''; @@ -229,16 +233,5 @@ in unitConfig.RequiresMountsFor = cfg.dataDir; }; - - system.activationScripts.mediagoblin = { - deps = [ "users" ]; - text = '' - if [ -d ${cfg.dataDir}/plugin_static/ ]; then - rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth - ln -sf ${cfg.workdir}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth - fi - ''; - }; - }; } diff --git a/modules/webapps/peertube.nix b/modules/webapps/peertube.nix index 7c96076..89dcc67 100644 --- a/modules/webapps/peertube.nix +++ b/modules/webapps/peertube.nix @@ -39,6 +39,17 @@ in Peertube package to use. ''; }; + # Output variables + systemdStateDirectory = lib.mkOption { + type = lib.types.str; + # Use ReadWritePaths= instead if varDir is outside of /var/lib + default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir; + lib.strings.removePrefix "/var/lib/" cfg.dataDir; + description = '' + Adjusted Peertube data directory for systemd + ''; + readOnly = true; + }; }; config = lib.mkIf cfg.enable { @@ -68,6 +79,8 @@ in path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ]; script = '' + install -m 0750 -d ${cfg.dataDir}/config + ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml exec npm run start ''; @@ -75,6 +88,8 @@ in User = cfg.user; Group = cfg.group; WorkingDirectory = cfg.package; + StateDirectory = cfg.systemdStateDirectory; + StateDirectoryMode = 0750; PrivateTmp = true; ProtectHome = true; ProtectControlGroups = true; @@ -85,16 +100,6 @@ in unitConfig.RequiresMountsFor = cfg.dataDir; }; - - system.activationScripts.peertube = { - deps = [ "users" ]; - text = '' - install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir} - install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/config - ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml - ''; - }; - }; } diff --git a/modules/webapps/webstats/default.nix b/modules/webapps/webstats/default.nix index f4916bd..feff951 100644 --- a/modules/webapps/webstats/default.nix +++ b/modules/webapps/webstats/default.nix @@ -58,6 +58,7 @@ in { TMPFILE=$(mktemp) trap "rm -f $TMPFILE" EXIT + mkdir -p ${cfg.dataDir}/${domain} cat /var/log/httpd/access_log-${domain} | sed -n "/\\[$date_regex/ p" > $TMPFILE for i in /var/log/httpd/access_log-${domain}*.gz; do zcat "$i" | sed -n "/\\[$date_regex/ p" >> $TMPFILE @@ -68,6 +69,7 @@ in { allStats = sites: pkgs.writeScript "stats" '' #!${pkgs.stdenv.shell} + mkdir -p ${cfg.dataDir} ${builtins.concatStringsSep "\n" (map (v: stats v.name v.conf) sites)} ''; in @@ -75,10 +77,5 @@ in { "5 0 * * * root ${allStats cfg.sites}" ]; }; - - system.activationScripts.goaccess = '' - mkdir -p /var/lib/goaccess - '' + - builtins.concatStringsSep "\n" (map (v: "mkdir -p ${cfg.dataDir}/${v.name}") cfg.sites); }; } -- 2.41.0