Merge pull request #32062 from volth/patch-73

nixos/varnish: check .vcl syntax at compile time
author: Joachim F <joachifm@users.noreply.github.com> 2018-02-20 19:22:28 +0000
committer: GitHub <noreply@github.com> 2018-02-20 19:22:28 +0000
commit: 46afc63b6f968b3322af99b272c8cf1a3b310ffc (patch)
tree: 97e0bac3366c6aa46a7d8eda8944d8dccda3a195 /nixos/modules
parent: b30fae01cddee73473a7b2eca9254b4c755741bd (diff)
parent: bfee33661493df9d995f581ffea542d25ccbbcc9 (diff)
download: nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar
nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar.gz
nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar.bz2
nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar.lz
nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar.xz
nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar.zst
nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.zip
1 files changed, 14 insertions, 3 deletions
diff --git a/nixos/modules/services/web-servers/varnish/default.nix b/nixos/modules/services/web-servers/varnish/default.nix
index c3bc065d4651..d63fb954ef96 100644
--- a/nixos/modules/services/web-servers/varnish/default.nix
+++ b/nixos/modules/services/web-servers/varnish/default.nix
@@ -1,9 +1,13 @@
 { config, lib, pkgs, ...}:
+
+with lib;
+
 let
   cfg = config.services.varnish;
 
+  commandLine = "-f ${pkgs.writeText "default.vcl" cfg.config}" +
+      optionalString (cfg.extraModules != []) " -p vmod_path='${makeSearchPathOutput "lib" "lib/varnish/vmods" ([pkgs.varnish] ++ cfg.extraModules)}' -r vmod_path";
 in
-with lib;
 {
   options = {
     services.varnish = {
@@ -69,8 +73,7 @@ with lib;
       serviceConfig = {
         Type = "simple";
         PermissionsStartOnly = true;
-        ExecStart = "${pkgs.varnish}/sbin/varnishd -a ${cfg.http_address} -f ${pkgs.writeText "default.vcl" cfg.config} -n ${cfg.stateDir} -F ${cfg.extraCommandLine}"
-          + optionalString (cfg.extraModules != []) " -p vmod_path='${makeSearchPathOutput "lib" "lib/varnish/vmods" ([pkgs.varnish] ++ cfg.extraModules)}' -r vmod_path";
+        ExecStart = "${pkgs.varnish}/sbin/varnishd -a ${cfg.http_address} -n ${cfg.stateDir} -F ${cfg.extraCommandLine} ${commandLine}";
         Restart = "always";
         RestartSec = "5s";
         User = "varnish";
@@ -83,6 +86,14 @@ with lib;
 
     environment.systemPackages = [ pkgs.varnish ];
 
+    # check .vcl syntax at compile time (e.g. before nixops deployment)
+    system.extraDependencies = [
+      (pkgs.stdenv.mkDerivation {
+        name = "check-varnish-syntax";
+        buildCommand = "${pkgs.varnish}/sbin/varnishd -C ${commandLine} 2> $out";
+      })
+    ];
+
     users.extraUsers.varnish = {
       group = "varnish";
       uid = config.ids.uids.varnish;
author	Joachim F <joachifm@users.noreply.github.com>	2018-02-20 19:22:28 +0000
committer	GitHub <noreply@github.com>	2018-02-20 19:22:28 +0000
commit	46afc63b6f968b3322af99b272c8cf1a3b310ffc (patch)
tree	97e0bac3366c6aa46a7d8eda8944d8dccda3a195 /nixos/modules
parent	b30fae01cddee73473a7b2eca9254b4c755741bd (diff)
parent	bfee33661493df9d995f581ffea542d25ccbbcc9 (diff)
download	nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar.gz nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar.bz2 nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar.lz nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar.xz nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.tar.zst nixlib-46afc63b6f968b3322af99b272c8cf1a3b310ffc.zip