diff options
-rw-r--r-- | modules/webapps/diaspora.nix | 18 | ||||
-rw-r--r-- | modules/webapps/mastodon.nix | 8 | ||||
-rw-r--r-- | modules/webapps/mediagoblin.nix | 15 | ||||
-rw-r--r-- | modules/webapps/peertube.nix | 25 | ||||
-rw-r--r-- | modules/webapps/webstats/default.nix | 7 |
5 files changed, 27 insertions, 46 deletions
diff --git a/modules/webapps/diaspora.nix b/modules/webapps/diaspora.nix index 2266332..65599b7 100644 --- a/modules/webapps/diaspora.nix +++ b/modules/webapps/diaspora.nix | |||
@@ -141,6 +141,11 @@ in | |||
141 | path = [ cfg.workdir.gems pkgs.nodejs cfg.workdir.gems.ruby pkgs.curl pkgs.which pkgs.gawk ]; | 141 | path = [ cfg.workdir.gems pkgs.nodejs cfg.workdir.gems.ruby pkgs.curl pkgs.which pkgs.gawk ]; |
142 | 142 | ||
143 | preStart = '' | 143 | preStart = '' |
144 | install -m 0755 -d ${cfg.dataDir}/uploads ${cfg.dataDir}/tmp ${cfg.dataDir}/log | ||
145 | install -m 0700 -d ${cfg.dataDir}/tmp/pids | ||
146 | if [ ! -f ${cfg.dataDir}/schedule.yml ]; then | ||
147 | echo "{}" > ${cfg.dataDir}/schedule.yml | ||
148 | fi | ||
144 | ./bin/bundle exec rails db:migrate | 149 | ./bin/bundle exec rails db:migrate |
145 | ''; | 150 | ''; |
146 | 151 | ||
@@ -162,18 +167,5 @@ in | |||
162 | 167 | ||
163 | unitConfig.RequiresMountsFor = cfg.dataDir; | 168 | unitConfig.RequiresMountsFor = cfg.dataDir; |
164 | }; | 169 | }; |
165 | |||
166 | system.activationScripts.diaspora = { | ||
167 | deps = [ "users" ]; | ||
168 | text = '' | ||
169 | install -m 0755 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/uploads \ | ||
170 | ${cfg.dataDir}/tmp ${cfg.dataDir}/log | ||
171 | install -m 0700 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/tmp/pids | ||
172 | if [ ! -f ${cfg.dataDir}/schedule.yml ]; then | ||
173 | echo "{}" | $wrapperDir/sudo -u ${cfg.user} tee ${cfg.dataDir}/schedule.yml | ||
174 | fi | ||
175 | ''; | ||
176 | }; | ||
177 | |||
178 | }; | 170 | }; |
179 | } | 171 | } |
diff --git a/modules/webapps/mastodon.nix b/modules/webapps/mastodon.nix index f8fbcba..6255de9 100644 --- a/modules/webapps/mastodon.nix +++ b/modules/webapps/mastodon.nix | |||
@@ -163,6 +163,7 @@ in | |||
163 | path = [ cfg.workdir.gems cfg.workdir.gems.ruby pkgs.file ]; | 163 | path = [ cfg.workdir.gems cfg.workdir.gems.ruby pkgs.file ]; |
164 | 164 | ||
165 | preStart = '' | 165 | preStart = '' |
166 | install -m 0755 -d ${cfg.dataDir}/tmp/cache | ||
166 | ./bin/bundle exec rails db:migrate | 167 | ./bin/bundle exec rails db:migrate |
167 | ''; | 168 | ''; |
168 | 169 | ||
@@ -218,12 +219,5 @@ in | |||
218 | unitConfig.RequiresMountsFor = cfg.dataDir; | 219 | unitConfig.RequiresMountsFor = cfg.dataDir; |
219 | }; | 220 | }; |
220 | 221 | ||
221 | system.activationScripts.mastodon = { | ||
222 | deps = [ "users" ]; | ||
223 | text = '' | ||
224 | install -m 0755 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/tmp/cache | ||
225 | ''; | ||
226 | }; | ||
227 | |||
228 | }; | 222 | }; |
229 | } | 223 | } |
diff --git a/modules/webapps/mediagoblin.nix b/modules/webapps/mediagoblin.nix index 5753457..78bbef6 100644 --- a/modules/webapps/mediagoblin.nix +++ b/modules/webapps/mediagoblin.nix | |||
@@ -183,6 +183,10 @@ in | |||
183 | ${paste_local} stop | 183 | ${paste_local} stop |
184 | ''; | 184 | ''; |
185 | preStart = '' | 185 | preStart = '' |
186 | if [ -d ${cfg.dataDir}/plugin_static/ ]; then | ||
187 | rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth | ||
188 | ln -sf ${cfg.workdir}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth | ||
189 | fi | ||
186 | ./bin/gmg -cf ${cfg.configFile} dbupdate | 190 | ./bin/gmg -cf ${cfg.configFile} dbupdate |
187 | ''; | 191 | ''; |
188 | 192 | ||
@@ -229,16 +233,5 @@ in | |||
229 | 233 | ||
230 | unitConfig.RequiresMountsFor = cfg.dataDir; | 234 | unitConfig.RequiresMountsFor = cfg.dataDir; |
231 | }; | 235 | }; |
232 | |||
233 | system.activationScripts.mediagoblin = { | ||
234 | deps = [ "users" ]; | ||
235 | text = '' | ||
236 | if [ -d ${cfg.dataDir}/plugin_static/ ]; then | ||
237 | rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth | ||
238 | ln -sf ${cfg.workdir}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth | ||
239 | fi | ||
240 | ''; | ||
241 | }; | ||
242 | |||
243 | }; | 236 | }; |
244 | } | 237 | } |
diff --git a/modules/webapps/peertube.nix b/modules/webapps/peertube.nix index 7c96076..89dcc67 100644 --- a/modules/webapps/peertube.nix +++ b/modules/webapps/peertube.nix | |||
@@ -39,6 +39,17 @@ in | |||
39 | Peertube package to use. | 39 | Peertube package to use. |
40 | ''; | 40 | ''; |
41 | }; | 41 | }; |
42 | # Output variables | ||
43 | systemdStateDirectory = lib.mkOption { | ||
44 | type = lib.types.str; | ||
45 | # Use ReadWritePaths= instead if varDir is outside of /var/lib | ||
46 | default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir; | ||
47 | lib.strings.removePrefix "/var/lib/" cfg.dataDir; | ||
48 | description = '' | ||
49 | Adjusted Peertube data directory for systemd | ||
50 | ''; | ||
51 | readOnly = true; | ||
52 | }; | ||
42 | }; | 53 | }; |
43 | 54 | ||
44 | config = lib.mkIf cfg.enable { | 55 | config = lib.mkIf cfg.enable { |
@@ -68,6 +79,8 @@ in | |||
68 | path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ]; | 79 | path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ]; |
69 | 80 | ||
70 | script = '' | 81 | script = '' |
82 | install -m 0750 -d ${cfg.dataDir}/config | ||
83 | ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml | ||
71 | exec npm run start | 84 | exec npm run start |
72 | ''; | 85 | ''; |
73 | 86 | ||
@@ -75,6 +88,8 @@ in | |||
75 | User = cfg.user; | 88 | User = cfg.user; |
76 | Group = cfg.group; | 89 | Group = cfg.group; |
77 | WorkingDirectory = cfg.package; | 90 | WorkingDirectory = cfg.package; |
91 | StateDirectory = cfg.systemdStateDirectory; | ||
92 | StateDirectoryMode = 0750; | ||
78 | PrivateTmp = true; | 93 | PrivateTmp = true; |
79 | ProtectHome = true; | 94 | ProtectHome = true; |
80 | ProtectControlGroups = true; | 95 | ProtectControlGroups = true; |
@@ -85,16 +100,6 @@ in | |||
85 | 100 | ||
86 | unitConfig.RequiresMountsFor = cfg.dataDir; | 101 | unitConfig.RequiresMountsFor = cfg.dataDir; |
87 | }; | 102 | }; |
88 | |||
89 | system.activationScripts.peertube = { | ||
90 | deps = [ "users" ]; | ||
91 | text = '' | ||
92 | install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir} | ||
93 | install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/config | ||
94 | ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml | ||
95 | ''; | ||
96 | }; | ||
97 | |||
98 | }; | 103 | }; |
99 | } | 104 | } |
100 | 105 | ||
diff --git a/modules/webapps/webstats/default.nix b/modules/webapps/webstats/default.nix index f4916bd..feff951 100644 --- a/modules/webapps/webstats/default.nix +++ b/modules/webapps/webstats/default.nix | |||
@@ -58,6 +58,7 @@ in { | |||
58 | TMPFILE=$(mktemp) | 58 | TMPFILE=$(mktemp) |
59 | trap "rm -f $TMPFILE" EXIT | 59 | trap "rm -f $TMPFILE" EXIT |
60 | 60 | ||
61 | mkdir -p ${cfg.dataDir}/${domain} | ||
61 | cat /var/log/httpd/access_log-${domain} | sed -n "/\\[$date_regex/ p" > $TMPFILE | 62 | cat /var/log/httpd/access_log-${domain} | sed -n "/\\[$date_regex/ p" > $TMPFILE |
62 | for i in /var/log/httpd/access_log-${domain}*.gz; do | 63 | for i in /var/log/httpd/access_log-${domain}*.gz; do |
63 | zcat "$i" | sed -n "/\\[$date_regex/ p" >> $TMPFILE | 64 | zcat "$i" | sed -n "/\\[$date_regex/ p" >> $TMPFILE |
@@ -68,6 +69,7 @@ in { | |||
68 | allStats = sites: pkgs.writeScript "stats" '' | 69 | allStats = sites: pkgs.writeScript "stats" '' |
69 | #!${pkgs.stdenv.shell} | 70 | #!${pkgs.stdenv.shell} |
70 | 71 | ||
72 | mkdir -p ${cfg.dataDir} | ||
71 | ${builtins.concatStringsSep "\n" (map (v: stats v.name v.conf) sites)} | 73 | ${builtins.concatStringsSep "\n" (map (v: stats v.name v.conf) sites)} |
72 | ''; | 74 | ''; |
73 | in | 75 | in |
@@ -75,10 +77,5 @@ in { | |||
75 | "5 0 * * * root ${allStats cfg.sites}" | 77 | "5 0 * * * root ${allStats cfg.sites}" |
76 | ]; | 78 | ]; |
77 | }; | 79 | }; |
78 | |||
79 | system.activationScripts.goaccess = '' | ||
80 | mkdir -p /var/lib/goaccess | ||
81 | '' + | ||
82 | builtins.concatStringsSep "\n" (map (v: "mkdir -p ${cfg.dataDir}/${v.name}") cfg.sites); | ||
83 | }; | 80 | }; |
84 | } | 81 | } |