diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2023-11-26 06:01:19 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-11-26 06:01:19 +0000 |
commit | 4069806fb6f0e457266dc1cd4de2dfb4989f9197 (patch) | |
tree | 31957584464a8f9175b183bd89f50c26fc5578d7 /nixos | |
parent | dc40324f5959753fee712e78e1a43c2275c6e759 (diff) | |
parent | b6eefb4ac4b96a81d6c63027f2ea7a40ebe3559d (diff) | |
download | nixlib-4069806fb6f0e457266dc1cd4de2dfb4989f9197.tar nixlib-4069806fb6f0e457266dc1cd4de2dfb4989f9197.tar.gz nixlib-4069806fb6f0e457266dc1cd4de2dfb4989f9197.tar.bz2 nixlib-4069806fb6f0e457266dc1cd4de2dfb4989f9197.tar.lz nixlib-4069806fb6f0e457266dc1cd4de2dfb4989f9197.tar.xz nixlib-4069806fb6f0e457266dc1cd4de2dfb4989f9197.tar.zst nixlib-4069806fb6f0e457266dc1cd4de2dfb4989f9197.zip |
Merge staging-next into staging
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2311.section.md | 2 | ||||
-rw-r--r-- | nixos/modules/module-list.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/misc/preload.nix | 31 | ||||
-rw-r--r-- | nixos/modules/services/search/sonic-server.nix | 77 | ||||
-rw-r--r-- | nixos/tests/all-tests.nix | 1 | ||||
-rw-r--r-- | nixos/tests/gvisor.nix | 36 | ||||
-rw-r--r-- | nixos/tests/sonic-server.nix | 22 |
7 files changed, 150 insertions, 21 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index bb2e8e1d10fc..46ba82a55d71 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -150,6 +150,8 @@ - [c2FmZQ](https://github.com/c2FmZQ/c2FmZQ/), an application that can securely encrypt, store, and share files, including but not limited to pictures and videos. Available as [services.c2fmzq-server](#opt-services.c2fmzq-server.enable). +- [preload](http://sourceforge.net/projects/preload), a service that makes applications run faster by prefetching binaries and shared objects. Available as [services.preload](#opt-services.preload.enable). + ## Backward Incompatibilities {#sec-release-23.11-incompatibilities} - `services.postgresql.ensurePermissions` has been deprecated in favor of `services.postgresql.ensureUsers.*.ensureDBOwnership` which simplifies the setup of database owned by a certain system user diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 2e2b94e5a97b..3017857ec645 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -723,6 +723,7 @@ ./services/misc/podgrab.nix ./services/misc/polaris.nix ./services/misc/portunus.nix + ./services/misc/preload.nix ./services/misc/prowlarr.nix ./services/misc/pufferpanel.nix ./services/misc/pykms.nix @@ -1153,6 +1154,7 @@ ./services/search/meilisearch.nix ./services/search/opensearch.nix ./services/search/qdrant.nix + ./services/search/sonic-server.nix ./services/search/typesense.nix ./services/security/aesmd.nix ./services/security/authelia.nix diff --git a/nixos/modules/services/misc/preload.nix b/nixos/modules/services/misc/preload.nix new file mode 100644 index 000000000000..19b2531087dd --- /dev/null +++ b/nixos/modules/services/misc/preload.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.preload; +in { + meta = { maintainers = pkgs.preload.meta.maintainers; }; + + options.services.preload = { + enable = mkEnableOption "preload"; + package = mkPackageOption pkgs "preload" { }; + }; + + config = mkIf cfg.enable { + systemd.services.preload = { + description = "Loads data into ram during idle time of CPU."; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + EnvironmentFile = "${cfg.package}/etc/conf.d/preload"; + ExecStart = "${getExe cfg.package} --foreground $PRELOAD_OPTS"; + Type = "simple"; + # Only preload data during CPU idle time + IOSchedulingClass = 3; + DynamicUser = true; + StateDirectory = "preload"; + }; + }; + }; +} diff --git a/nixos/modules/services/search/sonic-server.nix b/nixos/modules/services/search/sonic-server.nix new file mode 100644 index 000000000000..ac186260fa97 --- /dev/null +++ b/nixos/modules/services/search/sonic-server.nix @@ -0,0 +1,77 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.services.sonic-server; + + settingsFormat = pkgs.formats.toml { }; + configFile = settingsFormat.generate "sonic-server-config.toml" cfg.settings; + +in { + meta.maintainers = [ lib.maintainers.anthonyroussel ]; + + options = { + services.sonic-server = { + enable = lib.mkEnableOption (lib.mdDoc "Sonic Search Index"); + + package = lib.mkPackageOptionMD pkgs "sonic-server" { }; + + settings = lib.mkOption { + type = lib.types.submodule { freeformType = settingsFormat.type; }; + default = { + store.kv.path = "/var/lib/sonic/kv"; + store.fst.path = "/var/lib/sonic/fst"; + }; + example = { + server.log_level = "debug"; + channel.inet = "[::1]:1491"; + }; + description = lib.mdDoc '' + Sonic Server configuration options. + + Refer to + <https://github.com/valeriansaliou/sonic/blob/master/CONFIGURATION.md> + for a full list of available options. + ''; + }; + }; + }; + + config = lib.mkIf cfg.enable { + services.sonic-server.settings = lib.mapAttrs (name: lib.mkDefault) { + server = {}; + channel.search = {}; + store = { + kv = { + path = "/var/lib/sonic/kv"; + database = {}; + pool = {}; + }; + fst = { + path = "/var/lib/sonic/fst"; + graph = {}; + pool = {}; + }; + }; + }; + + systemd.services.sonic-server = { + description = "Sonic Search Index"; + + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + + serviceConfig = { + Type = "simple"; + + ExecStart = "${lib.getExe cfg.package} -c ${configFile}"; + DynamicUser = true; + Group = "sonic"; + LimitNOFILE = "infinity"; + Restart = "on-failure"; + StateDirectory = "sonic"; + StateDirectoryMode = "750"; + User = "sonic"; + }; + }; + }; +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index dba394a91d64..1e11cc220805 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -766,6 +766,7 @@ in { sogo = handleTest ./sogo.nix {}; solanum = handleTest ./solanum.nix {}; sonarr = handleTest ./sonarr.nix {}; + sonic-server = handleTest ./sonic-server.nix {}; sourcehut = handleTest ./sourcehut.nix {}; spacecookie = handleTest ./spacecookie.nix {}; spark = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./spark {}; diff --git a/nixos/tests/gvisor.nix b/nixos/tests/gvisor.nix index 77ff29341bed..7f130b709fc9 100644 --- a/nixos/tests/gvisor.nix +++ b/nixos/tests/gvisor.nix @@ -1,6 +1,6 @@ # This test runs a container through gvisor and checks if simple container starts -import ./make-test-python.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ... }: { name = "gvisor"; meta = with pkgs.lib.maintainers; { maintainers = [ andrew-d ]; @@ -9,21 +9,21 @@ import ./make-test-python.nix ({ pkgs, ...} : { nodes = { gvisor = { pkgs, ... }: - { - virtualisation.docker = { - enable = true; - extraOptions = "--add-runtime runsc=${pkgs.gvisor}/bin/runsc"; - }; + { + virtualisation.docker = { + enable = true; + extraOptions = "--add-runtime runsc=${pkgs.gvisor}/bin/runsc"; + }; - networking = { - dhcpcd.enable = false; - defaultGateway = "192.168.1.1"; - interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ - { address = "192.168.1.2"; prefixLength = 24; } - ]; - }; + networking = { + dhcpcd.enable = false; + defaultGateway = "192.168.1.1"; + interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ + { address = "192.168.1.2"; prefixLength = 24; } + ]; }; - }; + }; + }; testScript = '' start_all() @@ -31,13 +31,7 @@ import ./make-test-python.nix ({ pkgs, ...} : { gvisor.wait_for_unit("network.target") gvisor.wait_for_unit("sockets.target") - # Start by verifying that gvisor itself works - output = gvisor.succeed( - "${pkgs.gvisor}/bin/runsc -alsologtostderr do ${pkgs.coreutils}/bin/echo hello world" - ) - assert output.strip() == "hello world" - - # Also test the Docker runtime + # Test the Docker runtime gvisor.succeed("tar cv --files-from /dev/null | docker import - scratchimg") gvisor.succeed( "docker run -d --name=sleeping --runtime=runsc -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10" diff --git a/nixos/tests/sonic-server.nix b/nixos/tests/sonic-server.nix new file mode 100644 index 000000000000..bb98047619b2 --- /dev/null +++ b/nixos/tests/sonic-server.nix @@ -0,0 +1,22 @@ +import ./make-test-python.nix ({ pkgs, lib, ... }: { + name = "sonic-server"; + + meta = { + maintainers = with lib.maintainers; [ anthonyroussel ]; + }; + + nodes.machine = { pkgs, ... }: { + services.sonic-server.enable = true; + }; + + testScript = '' + machine.start() + + machine.wait_for_unit("sonic-server.service") + machine.wait_for_open_port(1491) + + with subtest("Check control mode"): + result = machine.succeed('(echo START control; sleep 1; echo PING; echo QUIT) | nc localhost 1491').splitlines() + assert result[2] == "PONG", f"expected 'PONG', got '{result[2]}'" + ''; +}) |