diff options
author | Alyssa Ross <hi@alyssa.is> | 2019-02-18 01:12:31 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2019-02-18 01:12:31 +0000 |
commit | 50053cda79099c9a0b2a7803aef61f730a54848f (patch) | |
tree | 6413bbed5cbdd3f58d26d54cbf1b37d54a8c3a22 /nixpkgs/nixos/modules | |
parent | 7fbd32a525182f2089e1098723219a1a4ef264bb (diff) | |
parent | 36f316007494c388df1fec434c1e658542e3c3cc (diff) | |
download | nixlib-50053cda79099c9a0b2a7803aef61f730a54848f.tar nixlib-50053cda79099c9a0b2a7803aef61f730a54848f.tar.gz nixlib-50053cda79099c9a0b2a7803aef61f730a54848f.tar.bz2 nixlib-50053cda79099c9a0b2a7803aef61f730a54848f.tar.lz nixlib-50053cda79099c9a0b2a7803aef61f730a54848f.tar.xz nixlib-50053cda79099c9a0b2a7803aef61f730a54848f.tar.zst nixlib-50053cda79099c9a0b2a7803aef61f730a54848f.zip |
Merge commit '36f316007494c388df1fec434c1e658542e3c3cc'
Diffstat (limited to 'nixpkgs/nixos/modules')
3 files changed, 57 insertions, 27 deletions
diff --git a/nixpkgs/nixos/modules/installer/tools/nixos-generate-config.pl b/nixpkgs/nixos/modules/installer/tools/nixos-generate-config.pl index 3bcf90258d79..686204ee0342 100644 --- a/nixpkgs/nixos/modules/installer/tools/nixos-generate-config.pl +++ b/nixpkgs/nixos/modules/installer/tools/nixos-generate-config.pl @@ -641,7 +641,6 @@ $bootLoaderConfig # Define a user account. Don't forget to set a password with ‘passwd’. # users.users.jane = { # isNormalUser = true; - # uid = 1000; # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. # }; diff --git a/nixpkgs/nixos/modules/services/networking/teamspeak3.nix b/nixpkgs/nixos/modules/services/networking/teamspeak3.nix index 410d650b1f64..9ea9c83e37cd 100644 --- a/nixpkgs/nixos/modules/services/networking/teamspeak3.nix +++ b/nixpkgs/nixos/modules/services/networking/teamspeak3.nix @@ -41,8 +41,9 @@ in }; voiceIP = mkOption { - type = types.str; - default = "0.0.0.0"; + type = types.nullOr types.str; + default = null; + example = "0.0.0.0"; description = '' IP on which the server instance will listen for incoming voice connections. Defaults to any IP. ''; @@ -57,8 +58,9 @@ in }; fileTransferIP = mkOption { - type = types.str; - default = "0.0.0.0"; + type = types.nullOr types.str; + default = null; + example = "0.0.0.0"; description = '' IP on which the server instance will listen for incoming file transfer connections. Defaults to any IP. ''; @@ -73,8 +75,9 @@ in }; queryIP = mkOption { - type = types.str; - default = "0.0.0.0"; + type = types.nullOr types.str; + default = null; + example = "0.0.0.0"; description = '' IP on which the server instance will listen for incoming ServerQuery connections. Defaults to any IP. ''; @@ -122,9 +125,12 @@ in ExecStart = '' ${ts3}/bin/ts3server \ dbsqlpath=${ts3}/lib/teamspeak/sql/ logpath=${cfg.logPath} \ - voice_ip=${cfg.voiceIP} default_voice_port=${toString cfg.defaultVoicePort} \ - filetransfer_ip=${cfg.fileTransferIP} filetransfer_port=${toString cfg.fileTransferPort} \ - query_ip=${cfg.queryIP} query_port=${toString cfg.queryPort} license_accepted=1 + ${optionalString (cfg.voiceIP != null) "voice_ip=${cfg.voiceIP}"} \ + default_voice_port=${toString cfg.defaultVoicePort} \ + ${optionalString (cfg.fileTransferIP != null) "filetransfer_ip=${cfg.fileTransferIP}"} \ + filetransfer_port=${toString cfg.fileTransferPort} \ + ${optionalString (cfg.queryIP != null) "query_ip=${cfg.queryIP}"} \ + query_port=${toString cfg.queryPort} license_accepted=1 ''; WorkingDirectory = cfg.dataDir; User = user; diff --git a/nixpkgs/nixos/modules/services/web-apps/tt-rss.nix b/nixpkgs/nixos/modules/services/web-apps/tt-rss.nix index 90b35d19ea11..e043ce4b5812 100644 --- a/nixpkgs/nixos/modules/services/web-apps/tt-rss.nix +++ b/nixpkgs/nixos/modules/services/web-apps/tt-rss.nix @@ -34,7 +34,14 @@ let define('DB_HOST', '${optionalString (cfg.database.host != null) cfg.database.host}'); define('DB_USER', '${cfg.database.user}'); define('DB_NAME', '${cfg.database.name}'); - define('DB_PASS', '${optionalString (cfg.database.password != null) (escape ["'" "\\"] cfg.database.password)}'); + define('DB_PASS', ${ + if (cfg.database.password != null) then + "'${(escape ["'" "\\"] cfg.database.password)}'" + else if (cfg.database.passwordFile != null) then + "file_get_contents('${cfg.database.passwordFile}')" + else + "" + }); define('DB_PORT', '${toString dbPort}'); define('AUTH_AUTO_CREATE', ${boolToString cfg.auth.autoCreate}); @@ -168,6 +175,14 @@ let ''; }; + passwordFile = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + The database user's password. + ''; + }; + port = mkOption { type = types.nullOr types.int; default = null; @@ -479,21 +494,30 @@ let config = mkIf cfg.enable { - services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") { - "${poolName}" = '' - listen = "${phpfpmSocketName}"; - listen.owner = nginx - listen.group = nginx - listen.mode = 0600 - user = ${cfg.user} - pm = dynamic - pm.max_children = 75 - pm.start_servers = 10 - pm.min_spare_servers = 5 - pm.max_spare_servers = 20 - pm.max_requests = 500 - catch_workers_output = 1 - ''; + assertions = [ + { + assertion = cfg.database.password != null -> cfg.database.passwordFile == null; + message = "Cannot set both password and passwordFile"; + } + ]; + + services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") { + "${poolName}" = { + listen = "/var/run/phpfpm/${poolName}.sock"; + extraConfig = '' + listen.owner = nginx + listen.group = nginx + listen.mode = 0600 + user = ${cfg.user} + pm = dynamic + pm.max_children = 75 + pm.start_servers = 10 + pm.min_spare_servers = 5 + pm.max_spare_servers = 20 + pm.max_requests = 500 + catch_workers_output = 1 + ''; + }; }; # NOTE: No configuration is done if not using virtual host @@ -510,7 +534,7 @@ let locations."~ \.php$" = { extraConfig = '' fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:${phpfpmSocketName}; + fastcgi_pass unix:${config.services.phpfpm.pools.${cfg.pool}.listen}; fastcgi_index index.php; ''; }; @@ -528,6 +552,7 @@ let callSql = e: if cfg.database.type == "pgsql" then '' ${optionalString (cfg.database.password != null) "PGPASSWORD=${cfg.database.password}"} \ + ${optionalString (cfg.database.passwordFile != null) "PGPASSWORD=$(cat ${cfg.database.passwordFile}"}) \ ${pkgs.sudo}/bin/sudo -u ${cfg.user} ${config.services.postgresql.package}/bin/psql \ -U ${cfg.database.user} \ ${optionalString (cfg.database.host != null) "-h ${cfg.database.host} --port ${toString dbPort}"} \ |