Remove direct dependency to myconfig in database modules

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-17 10:26:33 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-17 10:26:49 +0200
commit: 4aac110f17f0528d90510eec00c9a8df60bcf04f (patch)
tree: f3fd7dfd999f56f397c1cdc972dd37978e15f0cd /modules/private/databases/mariadb.nix
parent: ffb14c1c25280777f5db3d2129c48dd319381f65 (diff)
download: Nix-4aac110f17f0528d90510eec00c9a8df60bcf04f.tar.gz
Nix-4aac110f17f0528d90510eec00c9a8df60bcf04f.tar.zst
Nix-4aac110f17f0528d90510eec00c9a8df60bcf04f.zip
1 files changed, 32 insertions, 8 deletions
diff --git a/modules/private/databases/mariadb.nix b/modules/private/databases/mariadb.nix
index cc99c3c..a7239c0 100644
--- a/modules/private/databases/mariadb.nix
+++ b/modules/private/databases/mariadb.nix
@@ -1,4 +1,4 @@
-{ lib, pkgs, config, myconfig,  ... }:
+{ lib, pkgs, config, ... }:
 let
    cfg = config.myServices.databases.mariadb;
 in {
@@ -10,6 +10,30 @@ in {
        description = "Whether to enable mariadb database";
        type = lib.types.bool;
      };
+      package = lib.mkOption {
+        type = lib.types.package;
+        default = pkgs.mariadb;
+        description = ''
+          Mariadb package to use.
+          '';
+      };
+      credentials = lib.mkOption {
+        default = {};
+        description = "Credentials";
+        type = lib.types.attrsOf lib.types.str;
+      };
+      ldapConfig = lib.mkOption {
+        description = "LDAP configuration to allow PAM identification via LDAP";
+        type = lib.types.submodule {
+          options = {
+            host = lib.mkOption { type = lib.types.str; };
+            base = lib.mkOption { type = lib.types.str; };
+            dn = lib.mkOption { type = lib.types.str; };
+            password = lib.mkOption { type = lib.types.str; };
+            filter = lib.mkOption { type = lib.types.str; };
+          };
+        };
+      };
      dataDir = lib.mkOption {
        type = lib.types.path;
        default = "/var/lib/mysql";
@@ -50,7 +74,7 @@ in {
    # CREATE USER foo@localhost IDENTIFIED VIA pam USING 'mysql';
    services.mysql = {
      enable = true;
-      package = pkgs.mariadb;
+      package = cfg.package;
      dataDir = cfg.dataDir;
      extraOptions = ''
        ssl_ca = ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt
@@ -79,7 +103,7 @@ in {
        text = ''
          [mysqldump]
          user = root
-          password = ${myconfig.env.databases.mysql.systemUsers.root}
+          password = ${cfg.credentials.root}
        '';
      }
      {
@@ -87,14 +111,14 @@ in {
        permissions = "0400";
        user = "mysql";
        group = "mysql";
-        text = with myconfig.env.databases.mysql.pam; ''
+        text =  with cfg.ldapConfig; ''
-          host ${myconfig.env.ldap.host}
+          host ${host}
-          base ${myconfig.env.ldap.base}
+          base ${base}
          binddn ${dn}
          bindpw ${password}
          pam_filter ${filter}
          ssl start_tls
-          '';
+        '';
      }
    ];
@@ -102,7 +126,7 @@ in {
      enable = true;
      systemCronJobs = [
        ''
-          30 1,13 * * * root ${pkgs.mariadb}/bin/mysqldump --defaults-file=${config.secrets.location}/mysql/mysqldump --all-databases > ${cfg.dataDir}/backup.sql
+          30 1,13 * * * root ${cfg.package}/bin/mysqldump --defaults-file=${config.secrets.location}/mysql/mysqldump --all-databases > ${cfg.dataDir}/backup.sql
        ''
      ];
    };
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-17 10:26:33 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-17 10:26:49 +0200
commit	4aac110f17f0528d90510eec00c9a8df60bcf04f (patch)
tree	f3fd7dfd999f56f397c1cdc972dd37978e15f0cd /modules/private/databases/mariadb.nix
parent	ffb14c1c25280777f5db3d2129c48dd319381f65 (diff)
download	Nix-4aac110f17f0528d90510eec00c9a8df60bcf04f.tar.gz Nix-4aac110f17f0528d90510eec00c9a8df60bcf04f.tar.zst Nix-4aac110f17f0528d90510eec00c9a8df60bcf04f.zip