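{ config, lib, pkgs, ... }:

# NixOS module for the Hockeypuck OpenPGP key server (HKP).
#
# The module renders `services.hockeypuck.settings` to a TOML file in the Nix
# store and runs the daemon as a dedicated system user under a sandboxed
# systemd unit. It does NOT provision PostgreSQL; the database is expected to
# exist already (see the `settings` option description for an example).

let
  cfg = config.services.hockeypuck;
  # Hockeypuck reads TOML natively, so the settings attrset is emitted as-is.
  settingsFormat = pkgs.formats.toml { };
in {
  meta.maintainers = with lib.maintainers; [ etu ];

  options.services.hockeypuck = {
    enable = lib.mkEnableOption (lib.mdDoc "Hockeypuck OpenPGP Key Server");

    port = lib.mkOption {
      default = 11371;
      type = lib.types.port;
      description = lib.mdDoc "HKP port to listen on.";
    };

    settings = lib.mkOption {
      type = settingsFormat.type;
      default = { };
      example = lib.literalExpression ''
        {
          hockeypuck = {
            loglevel = "INFO";
            logfile = "/var/log/hockeypuck/hockeypuck.log";
            indexTemplate = "''${pkgs.hockeypuck-web}/share/templates/index.html.tmpl";
            vindexTemplate = "''${pkgs.hockeypuck-web}/share/templates/index.html.tmpl";
            statsTemplate = "''${pkgs.hockeypuck-web}/share/templates/stats.html.tmpl";
            webroot = "''${pkgs.hockeypuck-web}/share/webroot";

            hkp.bind = ":''${toString cfg.port}";

            openpgp.db = {
              driver = "postgres-jsonb";
              dsn = "database=hockeypuck host=/var/run/postgresql sslmode=disable";
            };
          };
        }
      '';
      description = lib.mdDoc ''
        Configuration file for hockeypuck, here you can override
        certain settings (`loglevel` and
        `openpgp.db.dsn`) by just setting those values.

        For other settings you need to use lib.mkForce to override them.

        This service doesn't provision or enable postgres on your
        system, it rather assumes that you enable postgres and create
        the database yourself.

        Example:
        ```
          services.postgresql = {
            enable = true;
            ensureDatabases = [ "hockeypuck" ];
            ensureUsers = [{
              name = "hockeypuck";
              ensureDBOwnership = true;
            }];
          };
        ```
      '';
    };
  };

  config = lib.mkIf cfg.enable {
    # Baseline configuration. Only `loglevel` and `openpgp.db.dsn` are
    # `mkDefault` (plain override); everything else needs `lib.mkForce`,
    # which matches the contract stated in the option description.
    services.hockeypuck.settings.hockeypuck = {
      loglevel = lib.mkDefault "INFO";
      # Lives under LogsDirectory (see the unit below), so the daemon can
      # write it without any extra write grants.
      logfile = "/var/log/hockeypuck/hockeypuck.log";
      indexTemplate = "${pkgs.hockeypuck-web}/share/templates/index.html.tmpl";
      vindexTemplate = "${pkgs.hockeypuck-web}/share/templates/index.html.tmpl";
      statsTemplate = "${pkgs.hockeypuck-web}/share/templates/stats.html.tmpl";
      webroot = "${pkgs.hockeypuck-web}/share/webroot";

      # Bind on all interfaces; only the port is configurable via the option.
      hkp.bind = ":${toString cfg.port}";

      openpgp.db = {
        driver = "postgres-jsonb";
        # `sslmode=disable` is only acceptable because the DSN targets the
        # local Unix socket; anyone overriding `host=` to a TCP address
        # should also override sslmode.
        dsn = lib.mkDefault "database=hockeypuck host=/var/run/postgresql sslmode=disable";
      };
    };

    # Dedicated unprivileged identity for the daemon.
    users.users.hockeypuck = {
      isSystemUser = true;
      group = "hockeypuck";
      description = "Hockeypuck user";
    };
    users.groups.hockeypuck = {};

    systemd.services.hockeypuck = {
      description = "Hockeypuck OpenPGP Key Server";
      after = [ "network.target" "postgresql.target" ];
      wantedBy = [ "multi-user.target" ];
      serviceConfig = {
        WorkingDirectory = "/var/lib/hockeypuck";
        User = "hockeypuck";
        # Explicit so the unit does not depend on the account's primary group.
        Group = "hockeypuck";
        # The config file is a store path: world-readable, so it must never
        # carry secrets (e.g. a DSN with a password) — use the Unix socket.
        ExecStart = "${pkgs.hockeypuck}/bin/hockeypuck -config ${settingsFormat.generate "config.toml" cfg.settings}";
        Restart = "always";
        RestartSec = "5s";
        LogsDirectory = "hockeypuck";
        # World-readable log directory; log lines may carry client addresses.
        # Tighten to "0750" if other local users should not read them.
        LogsDirectoryMode = "0755";
        StateDirectory = "hockeypuck";

        # Sandboxing for a network-facing daemon. StateDirectory and
        # LogsDirectory are implicitly writable under ProtectSystem=strict;
        # the PostgreSQL socket under /run only needs connect(), which is
        # permitted on a read-only view.
        NoNewPrivileges = true;
        PrivateTmp = true;
        PrivateDevices = true;
        ProtectSystem = "strict";
        ProtectHome = true;
        ProtectKernelTunables = true;
        ProtectKernelModules = true;
        ProtectKernelLogs = true;
        ProtectControlGroups = true;
        ProtectClock = true;
        ProtectHostname = true;
        ProtectProc = "invisible";
        RestrictNamespaces = true;
        RestrictRealtime = true;
        RestrictSUIDSGID = true;
        LockPersonality = true;
        MemoryDenyWriteExecute = true;
        # AF_UNIX for PostgreSQL, AF_INET/AF_INET6 for HKP and reconciliation.
        RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
        # The port is bound as an unprivileged user, so no capability is needed.
        CapabilityBoundingSet = "";
        SystemCallArchitectures = "native";
        SystemCallFilter = [ "@system-service" "~@privileged" ];
      };
    };
  };
}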