diff options
author | Peter Hoeg <peter@speartail.com> | 2016-09-26 15:40:21 +0800 |
---|---|---|
committer | Jörg Thalheim <joerg@higgsboson.tk> | 2016-10-19 21:20:57 +0200 |
commit | 1026bebee61a1664605cf58136164e47478bc2f3 (patch) | |
tree | 5637431b6ffbf71ea8e0fef698e7f56a42de04b6 | |
parent | dac481d9991ef2de20c3c45772c8e5dbdaa581fa (diff) | |
download | nixlib-1026bebee61a1664605cf58136164e47478bc2f3.tar nixlib-1026bebee61a1664605cf58136164e47478bc2f3.tar.gz nixlib-1026bebee61a1664605cf58136164e47478bc2f3.tar.bz2 nixlib-1026bebee61a1664605cf58136164e47478bc2f3.tar.lz nixlib-1026bebee61a1664605cf58136164e47478bc2f3.tar.xz nixlib-1026bebee61a1664605cf58136164e47478bc2f3.tar.zst nixlib-1026bebee61a1664605cf58136164e47478bc2f3.zip |
syncthing: use service files from upstream
Currently only for the user services as NixOS handles the named system instances slightly differently. syncthing and syncthing-inotify are done the same way. There are 4 parts to this: 1) Copy in the upstream unit files 2) Make the nixos module use the definition from upstream 3) Enable restarting of all instances (system and user) on resume 4) Allow the traffic in the firewall on default ports if wanted fixes #18973
-rw-r--r-- | nixos/modules/services/networking/syncthing.nix | 115 | ||||
-rw-r--r-- | pkgs/applications/networking/syncthing/default.nix | 19 | ||||
-rw-r--r-- | pkgs/applications/networking/syncthing/inotify.nix | 21 |
3 files changed, 85 insertions, 70 deletions
diff --git a/nixos/modules/services/networking/syncthing.nix b/nixos/modules/services/networking/syncthing.nix index 8a430734319b..dcdc203bdc62 100644 --- a/nixos/modules/services/networking/syncthing.nix +++ b/nixos/modules/services/networking/syncthing.nix @@ -3,46 +3,11 @@ with lib; let - cfg = config.services.syncthing; defaultUser = "syncthing"; - - header = { - description = "Syncthing service"; - after = [ "network.target" ]; - environment = { - STNORESTART = "yes"; - STNOUPGRADE = "yes"; - inherit (cfg) all_proxy; - } // config.networking.proxy.envVars; - }; - - service = { - Restart = "on-failure"; - SuccessExitStatus = "2 3 4"; - RestartForceExitStatus="3 4"; - }; - - iNotifyHeader = { - description = "Syncthing Inotify File Watcher service"; - after = [ "network.target" "syncthing.service" ]; - requires = [ "syncthing.service" ]; - }; - - iNotifyService = { - SuccessExitStatus = "2"; - RestartForceExitStatus = "3"; - Restart = "on-failure"; - }; - -in - -{ - +in { ###### interface - options = { - services.syncthing = { enable = mkEnableOption '' @@ -100,6 +65,19 @@ in ''; }; + openDefaultPorts = mkOption { + type = types.bool; + default = false; + example = literalExample "true"; + description = '' + Open the default ports in the firewall: + - TCP 22000 for transfers + - UDP 21027 for discovery + If multiple users are running syncthing on this machine, you will need to manually open a set of ports for each instance and leave this disabled. + Alternatively, if are running only a single instance on this machine using the default ports, enable this. + ''; + }; + package = mkOption { type = types.package; default = pkgs.syncthing; @@ -117,6 +95,14 @@ in config = mkIf cfg.enable { + networking.firewall = mkIf cfg.openDefaultPorts { + allowedTCPPorts = [ 22000 ]; + allowedUDPPorts = [ 21027 ]; + }; + + systemd.packages = [ pkgs.syncthing ] + ++ lib.optional cfg.useInotify pkgs.syncthing-inotify; + users = mkIf (cfg.user == defaultUser) { extraUsers."${defaultUser}" = { group = cfg.group; @@ -131,39 +117,44 @@ in }; systemd.services = { - syncthing = mkIf cfg.systemService (header // { - wants = mkIf cfg.useInotify [ "syncthing-inotify.service" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = service // { - User = cfg.user; - Group = cfg.group; - PermissionsStartOnly = true; - ExecStart = "${cfg.package}/bin/syncthing -no-browser -home=${cfg.dataDir}"; - }; - }); - - syncthing-inotify = mkIf (cfg.systemService && cfg.useInotify) (iNotifyHeader // { + syncthing = mkIf cfg.systemService { + description = "Syncthing service"; + after = [ "network.target" ]; + environment = { + STNORESTART = "yes"; + STNOUPGRADE = "yes"; + inherit (cfg) all_proxy; + } // config.networking.proxy.envVars; + wants = mkIf cfg.useInotify [ "syncthing-inotify.service" ]; wantedBy = [ "multi-user.target" ]; - serviceConfig = iNotifyService // { + serviceConfig = { + Restart = "on-failure"; + SuccessExitStatus = "2 3 4"; + RestartForceExitStatus="3 4"; User = cfg.user; - ExecStart = "${pkgs.syncthing-inotify.bin}/bin/syncthing-inotify -home=${cfg.dataDir} -logflags=0"; + Group = cfg.group; + PermissionsStartOnly = true; + ExecStart = "${cfg.package}/bin/syncthing -no-browser -home=${cfg.dataDir}"; }; - }); - }; + }; - systemd.user.services = { - syncthing = header // { - serviceConfig = service // { - ExecStart = "${cfg.package}/bin/syncthing -no-browser"; - }; + syncthing-resume = { + wantedBy = [ "suspend.target" ]; }; - syncthing-inotify = mkIf cfg.useInotify (iNotifyHeader // { - serviceConfig = iNotifyService // { - ExecStart = "${pkgs.syncthing-inotify.bin}/bin/syncthing-inotify -logflags=0"; + syncthing-inotify = mkIf (cfg.systemService && cfg.useInotify) { + description = "Syncthing Inotify File Watcher service"; + after = [ "network.target" "syncthing.service" ]; + requires = [ "syncthing.service" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + SuccessExitStatus = "2"; + RestartForceExitStatus = "3"; + Restart = "on-failure"; + User = cfg.user; + ExecStart = "${pkgs.syncthing-inotify.bin}/bin/syncthing-inotify -home=${cfg.dataDir} -logflags=0"; }; - }); + }; }; - }; } diff --git a/pkgs/applications/networking/syncthing/default.nix b/pkgs/applications/networking/syncthing/default.nix index 3d8733635ee0..d7918b3b9120 100644 --- a/pkgs/applications/networking/syncthing/default.nix +++ b/pkgs/applications/networking/syncthing/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, go }: +{ stdenv, lib, fetchFromGitHub, go, pkgs }: stdenv.mkDerivation rec { version = "0.14.8"; @@ -25,11 +25,24 @@ stdenv.mkDerivation rec { ''; installPhase = '' - mkdir -p $out/bin + mkdir -p $out/bin $out/etc/systemd/{system,user} + cp bin/* $out/bin + '' + lib.optionalString (stdenv.isLinux) '' + substitute etc/linux-systemd/system/syncthing-resume.service \ + $out/etc/systemd/system/syncthing-resume.service \ + --replace /usr/bin/pkill ${pkgs.procps}/bin/pkill + + substitute etc/linux-systemd/system/syncthing@.service \ + $out/etc/systemd/system/syncthing@.service \ + --replace /usr/bin/syncthing $out/bin/syncthing + + substitute etc/linux-systemd/user/syncthing.service \ + $out/etc/systemd/user/syncthing.service \ + --replace /usr/bin/syncthing $out/bin/syncthing ''; - meta = { + meta = with stdenv.lib; { homepage = https://www.syncthing.net/; description = "Open Source Continuous File Synchronization"; license = stdenv.lib.licenses.mpl20; diff --git a/pkgs/applications/networking/syncthing/inotify.nix b/pkgs/applications/networking/syncthing/inotify.nix index ea8d73cb8639..f1343d4a67ed 100644 --- a/pkgs/applications/networking/syncthing/inotify.nix +++ b/pkgs/applications/networking/syncthing/inotify.nix @@ -15,12 +15,23 @@ buildGoPackage rec { goDeps = ./inotify-deps.nix; - meta = { + postInstall = '' + mkdir -p $bin/etc/systemd/{system,user} + + substitute $src/etc/linux-systemd/system/syncthing-inotify@.service \ + $bin/etc/systemd/system/syncthing-inotify@.service \ + --replace /usr/bin/syncthing-inotify $bin/bin/syncthing-inotify + + substitute $src/etc/linux-systemd/user/syncthing-inotify.service \ + $bin/etc/systemd/user/syncthing-inotify.service \ + --replace /usr/bin/syncthing-inotify $bin/bin/syncthing-inotify + ''; + + meta = with stdenv.lib; { homepage = https://github.com/syncthing/syncthing-inotify; description = "File watcher intended for use with Syncthing"; - license = stdenv.lib.licenses.mpl20; - maintainers = with stdenv.lib.maintainers; [ joko ]; - platforms = with stdenv.lib.platforms; linux ++ freebsd ++ openbsd ++ netbsd; + license = licenses.mpl20; + maintainers = with maintainers; [ joko peterhoeg ]; + platforms = platforms.unix; }; - } |