Prepare upgrade to nixos 20.03

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2020-04-04 03:18:40 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2020-04-25 00:04:53 +0200
commit: 27794e1507ab5bd4b0f31278cf8049854790e4a7 (patch)
tree: 99dfc96ea31dfa4a5b3995edeac1e4aa9aa37f70 /modules/websites/httpd-service-builder.patch
parent: 72300eb8116c960935a462564d96db6fac355bca (diff)
download: NUR-27794e1507ab5bd4b0f31278cf8049854790e4a7.tar.gz
NUR-27794e1507ab5bd4b0f31278cf8049854790e4a7.tar.zst
NUR-27794e1507ab5bd4b0f31278cf8049854790e4a7.zip
1 files changed, 150 insertions, 0 deletions
diff --git a/modules/websites/httpd-service-builder.patch b/modules/websites/httpd-service-builder.patch
new file mode 100644
index 00000000..f0ad8366
--- /dev/null
+++ b/modules/websites/httpd-service-builder.patch
@@ -0,0 +1,150 @@
+--- /nix/store/xj651aslybfsma20hpbi5nznfcffq8ky-nixexprs.tar.xz/nixos/modules/services/web-servers/apache-httpd/default.nix     1970-01-01 01:00:01.000000000 +0100
+++ modules/websites/httpd-service-builder.nix  2020-04-04 03:08:29.068490345 +0200
+@@ -1,12 +1,15 @@
+# to help backporting this builder should stay as close as possible to
+# nixos/modules/services/web-servers/apache-httpd/default.nix
+{ httpdName, withUsers ? true }:
+ { config, lib, pkgs, ... }:
+ 
+ with lib;
+ 
+ let
+ 
+-  cfg = config.services.httpd;
+  cfg = config.services.httpd."${httpdName}";
+ 
+-  runtimeDir = "/run/httpd";
+  runtimeDir = "/run/httpd_${httpdName}";
+ 
+   pkg = cfg.package.out;
+ 
+@@ -318,13 +321,6 @@
+         Require all denied
+     </Directory>
+ 
+-    # But do allow access to files in the store so that we don't have
+-    # to generate <Directory> clauses for every generated file that we
+-    # want to serve.
+-    <Directory /nix/store>
+-        Require all granted
+-    </Directory>
+-
+     ${cfg.extraConfig}
+ 
+     ${concatMapStringsSep "\n" mkVHostConf vhosts}
+@@ -347,30 +343,30 @@
+ {
+ 
+   imports = [
+-    (mkRemovedOptionModule [ "services" "httpd" "extraSubservices" ] "Most existing subservices have been ported to the NixOS module system. Please update your configuration accordingly.")
+-    (mkRemovedOptionModule [ "services" "httpd" "stateDir" ] "The httpd module now uses /run/httpd as a runtime directory.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "extraSubservices" ] "Most existing subservices have been ported to the NixOS module system. Please update your configuration accordingly.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "stateDir" ] "The httpd module now uses /run/httpd as a runtime directory.")
+ 
+     # virtualHosts options
+-    (mkRemovedOptionModule [ "services" "httpd" "documentRoot" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "enableSSL" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "enableUserDir" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "globalRedirect" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "hostName" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "listen" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "robotsEntries" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "servedDirs" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "servedFiles" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "serverAliases" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "sslServerCert" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "sslServerChain" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+-    (mkRemovedOptionModule [ "services" "httpd" "sslServerKey" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "documentRoot" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "enableSSL" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "enableUserDir" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "globalRedirect" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "hostName" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "listen" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "robotsEntries" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "servedDirs" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "servedFiles" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "serverAliases" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "sslServerCert" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "sslServerChain" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+    (mkRemovedOptionModule [ "services" "httpd" httpdName "sslServerKey" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
+   ];
+ 
+   # interface
+ 
+   options = {
+ 
+-    services.httpd = {
+    services.httpd."${httpdName}" = {
+ 
+       enable = mkEnableOption "the Apache HTTP Server";
+ 
+@@ -622,7 +618,7 @@
+         Using config.services.httpd.virtualHosts."${name}".servedFiles is deprecated and will become unsupported in a future release. Your configuration will continue to work as is but please migrate your configuration to config.services.httpd.virtualHosts."${name}".locations before the 20.09 release of NixOS.
+       '') (filterAttrs (name: hostOpts: hostOpts.servedFiles != []) cfg.virtualHosts);
+ 
+-    users.users = optionalAttrs (cfg.user == "wwwrun") {
+    users.users = optionalAttrs (withUsers && cfg.user == "wwwrun") {
+       wwwrun = {
+         group = cfg.group;
+         description = "Apache httpd user";
+@@ -630,7 +626,7 @@
+       };
+     };
+ 
+-    users.groups = optionalAttrs (cfg.group == "wwwrun") {
+    users.groups = optionalAttrs (withUsers && cfg.group == "wwwrun") {
+       wwwrun.gid = config.ids.gids.wwwrun;
+     };
+ 
+@@ -646,9 +642,9 @@
+     environment.systemPackages = [ pkg ];
+ 
+     # required for "apachectl configtest"
+-    environment.etc."httpd/httpd.conf".source = httpdConf;
+    environment.etc."httpd/httpd_${httpdName}.conf".source = httpdConf;
+ 
+-    services.httpd.phpOptions =
+    services.httpd."${httpdName}" = { phpOptions =
+       ''
+         ; Needed for PHP's mail() function.
+         sendmail_path = sendmail -t -i
+@@ -661,7 +657,7 @@
+         date.timezone = "${config.time.timeZone}"
+       '';
+ 
+-    services.httpd.extraModules = mkBefore [
+    extraModules = mkBefore [
+       # HTTP authentication mechanisms: basic and digest.
+       "auth_basic" "auth_digest"
+ 
+@@ -682,17 +678,18 @@
+       # For compatibility with old configurations, the new module mod_access_compat is provided.
+       "access_compat"
+     ];
+    };
+ 
+     systemd.tmpfiles.rules =
+       let
+-        svc = config.systemd.services.httpd.serviceConfig;
+        svc = config.systemd.services."httpd${httpdName}".serviceConfig;
+       in
+         [
+           "d '${cfg.logDir}' 0700 ${svc.User} ${svc.Group}"
+           "Z '${cfg.logDir}' - ${svc.User} ${svc.Group}"
+         ];
+ 
+-    systemd.services.httpd =
+    systemd.services."httpd${httpdName}" =
+       let
+         vhostsACME = filter (hostOpts: hostOpts.enableACME) vhosts;
+       in
+@@ -730,7 +727,7 @@
+           PIDFile = "${runtimeDir}/httpd.pid";
+           Restart = "always";
+           RestartSec = "5s";
+-          RuntimeDirectory = "httpd httpd/runtime";
+          RuntimeDirectory = "httpd_${httpdName} httpd_${httpdName}/runtime";
+           RuntimeDirectoryMode = "0750";
+         };
+       };
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2020-04-04 03:18:40 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2020-04-25 00:04:53 +0200
commit	27794e1507ab5bd4b0f31278cf8049854790e4a7 (patch)
tree	99dfc96ea31dfa4a5b3995edeac1e4aa9aa37f70 /modules/websites/httpd-service-builder.patch
parent	72300eb8116c960935a462564d96db6fac355bca (diff)
download	NUR-27794e1507ab5bd4b0f31278cf8049854790e4a7.tar.gz NUR-27794e1507ab5bd4b0f31278cf8049854790e4a7.tar.zst NUR-27794e1507ab5bd4b0f31278cf8049854790e4a7.zip

diff --git a/modules/websites/httpd-service-builder.patch b/modules/websites/httpd-service-builder.patch new file mode 100644 index 00000000..f0ad8366 --- /dev/null +++ b/modules/websites/httpd-service-builder.patch
@@ -0,0 +1,150 @@
	1	--- /nix/store/xj651aslybfsma20hpbi5nznfcffq8ky-nixexprs.tar.xz/nixos/modules/services/web-servers/apache-httpd/default.nix 1970-01-01 01:00:01.000000000 +0100
	2	+++ modules/websites/httpd-service-builder.nix 2020-04-04 03:08:29.068490345 +0200
	3	@@ -1,12 +1,15 @@
	4	+# to help backporting this builder should stay as close as possible to
	5	+# nixos/modules/services/web-servers/apache-httpd/default.nix
	6	+{ httpdName, withUsers ? true }:
	7	{ config, lib, pkgs, ... }:
	8
	9	with lib;
	10
	11	let
	12
	13	- cfg = config.services.httpd;
	14	+ cfg = config.services.httpd."${httpdName}";
	15
	16	- runtimeDir = "/run/httpd";
	17	+ runtimeDir = "/run/httpd_${httpdName}";
	18
	19	pkg = cfg.package.out;
	20
	21	@@ -318,13 +321,6 @@
	22	Require all denied
	23	</Directory>
	24
	25	- # But do allow access to files in the store so that we don't have
	26	- # to generate <Directory> clauses for every generated file that we
	27	- # want to serve.
	28	- <Directory /nix/store>
	29	- Require all granted
	30	- </Directory>
	31	-
	32	${cfg.extraConfig}
	33
	34	${concatMapStringsSep "\n" mkVHostConf vhosts}
	35	@@ -347,30 +343,30 @@
	36	{
	37
	38	imports = [
	39	- (mkRemovedOptionModule [ "services" "httpd" "extraSubservices" ] "Most existing subservices have been ported to the NixOS module system. Please update your configuration accordingly.")
	40	- (mkRemovedOptionModule [ "services" "httpd" "stateDir" ] "The httpd module now uses /run/httpd as a runtime directory.")
	41	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "extraSubservices" ] "Most existing subservices have been ported to the NixOS module system. Please update your configuration accordingly.")
	42	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "stateDir" ] "The httpd module now uses /run/httpd as a runtime directory.")
	43
	44	# virtualHosts options
	45	- (mkRemovedOptionModule [ "services" "httpd" "documentRoot" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	46	- (mkRemovedOptionModule [ "services" "httpd" "enableSSL" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	47	- (mkRemovedOptionModule [ "services" "httpd" "enableUserDir" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	48	- (mkRemovedOptionModule [ "services" "httpd" "globalRedirect" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	49	- (mkRemovedOptionModule [ "services" "httpd" "hostName" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	50	- (mkRemovedOptionModule [ "services" "httpd" "listen" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	51	- (mkRemovedOptionModule [ "services" "httpd" "robotsEntries" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	52	- (mkRemovedOptionModule [ "services" "httpd" "servedDirs" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	53	- (mkRemovedOptionModule [ "services" "httpd" "servedFiles" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	54	- (mkRemovedOptionModule [ "services" "httpd" "serverAliases" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	55	- (mkRemovedOptionModule [ "services" "httpd" "sslServerCert" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	56	- (mkRemovedOptionModule [ "services" "httpd" "sslServerChain" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	57	- (mkRemovedOptionModule [ "services" "httpd" "sslServerKey" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	58	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "documentRoot" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	59	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "enableSSL" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	60	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "enableUserDir" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	61	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "globalRedirect" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	62	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "hostName" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	63	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "listen" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	64	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "robotsEntries" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	65	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "servedDirs" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	66	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "servedFiles" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	67	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "serverAliases" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	68	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "sslServerCert" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	69	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "sslServerChain" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	70	+ (mkRemovedOptionModule [ "services" "httpd" httpdName "sslServerKey" ] "Please define a virtual host using `services.httpd.virtualHosts`.")
	71	];
	72
	73	# interface
	74
	75	options = {
	76
	77	- services.httpd = {
	78	+ services.httpd."${httpdName}" = {
	79
	80	enable = mkEnableOption "the Apache HTTP Server";
	81
	82	@@ -622,7 +618,7 @@
	83	Using config.services.httpd.virtualHosts."${name}".servedFiles is deprecated and will become unsupported in a future release. Your configuration will continue to work as is but please migrate your configuration to config.services.httpd.virtualHosts."${name}".locations before the 20.09 release of NixOS.
	84	'') (filterAttrs (name: hostOpts: hostOpts.servedFiles != []) cfg.virtualHosts);
	85
	86	- users.users = optionalAttrs (cfg.user == "wwwrun") {
	87	+ users.users = optionalAttrs (withUsers && cfg.user == "wwwrun") {
	88	wwwrun = {
	89	group = cfg.group;
	90	description = "Apache httpd user";
	91	@@ -630,7 +626,7 @@
	92	};
	93	};
	94
	95	- users.groups = optionalAttrs (cfg.group == "wwwrun") {
	96	+ users.groups = optionalAttrs (withUsers && cfg.group == "wwwrun") {
	97	wwwrun.gid = config.ids.gids.wwwrun;
	98	};
	99
	100	@@ -646,9 +642,9 @@
	101	environment.systemPackages = [ pkg ];
	102
	103	# required for "apachectl configtest"
	104	- environment.etc."httpd/httpd.conf".source = httpdConf;
	105	+ environment.etc."httpd/httpd_${httpdName}.conf".source = httpdConf;
	106
	107	- services.httpd.phpOptions =
	108	+ services.httpd."${httpdName}" = { phpOptions =
	109	''
	110	; Needed for PHP's mail() function.
	111	sendmail_path = sendmail -t -i
	112	@@ -661,7 +657,7 @@
	113	date.timezone = "${config.time.timeZone}"
	114	'';
	115
	116	- services.httpd.extraModules = mkBefore [
	117	+ extraModules = mkBefore [
	118	# HTTP authentication mechanisms: basic and digest.
	119	"auth_basic" "auth_digest"
	120
	121	@@ -682,17 +678,18 @@
	122	# For compatibility with old configurations, the new module mod_access_compat is provided.
	123	"access_compat"
	124	];
	125	+ };
	126
	127	systemd.tmpfiles.rules =
	128	let
	129	- svc = config.systemd.services.httpd.serviceConfig;
	130	+ svc = config.systemd.services."httpd${httpdName}".serviceConfig;
	131	in
	132	[
	133	"d '${cfg.logDir}' 0700 ${svc.User} ${svc.Group}"
	134	"Z '${cfg.logDir}' - ${svc.User} ${svc.Group}"
	135	];
	136
	137	- systemd.services.httpd =
	138	+ systemd.services."httpd${httpdName}" =
	139	let
	140	vhostsACME = filter (hostOpts: hostOpts.enableACME) vhosts;
	141	in
	142	@@ -730,7 +727,7 @@
	143	PIDFile = "${runtimeDir}/httpd.pid";
	144	Restart = "always";
	145	RestartSec = "5s";
	146	- RuntimeDirectory = "httpd httpd/runtime";
	147	+ RuntimeDirectory = "httpd_${httpdName} httpd_${httpdName}/runtime";
	148	RuntimeDirectoryMode = "0750";
	149	};
	150	};