Merge pull request #258520 from Benjamin-L/soju-admin-socket
This commit is contained in:
commit
b32f206faa
|
@ -513,6 +513,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||||
|
|
||||||
- The `krb5` module has been rewritten and moved to `security.krb5`, moving all options but `security.krb5.enable` and `security.krb5.package` into `security.krb5.settings`.
|
- The `krb5` module has been rewritten and moved to `security.krb5`, moving all options but `security.krb5.enable` and `security.krb5.package` into `security.krb5.settings`.
|
||||||
|
|
||||||
|
- `services.soju` now has a wrapper for the `sojuctl` command, pointed at the service config file. It also has the new option `adminSocket.enable`, which creates a unix admin socket at `/run/soju/admin`.
|
||||||
|
|
||||||
- Gitea 1.21 upgrade has several breaking changes, including:
|
- Gitea 1.21 upgrade has several breaking changes, including:
|
||||||
- Custom themes and other assets that were previously stored in `custom/public/*` now belong in `custom/public/assets/*`
|
- Custom themes and other assets that were previously stored in `custom/public/*` now belong in `custom/public/assets/*`
|
||||||
- New instances of Gitea using MySQL now ignore the `[database].CHARSET` config option and always use the `utf8mb4` charset, existing instances should migrate via the `gitea doctor convert` CLI command.
|
- New instances of Gitea using MySQL now ignore the `[database].CHARSET` config option and always use the `utf8mb4` charset, existing instances should migrate via the `gitea doctor convert` CLI command.
|
||||||
|
|
|
@ -5,7 +5,10 @@ with lib;
|
||||||
let
|
let
|
||||||
cfg = config.services.soju;
|
cfg = config.services.soju;
|
||||||
stateDir = "/var/lib/soju";
|
stateDir = "/var/lib/soju";
|
||||||
listenCfg = concatMapStringsSep "\n" (l: "listen ${l}") cfg.listen;
|
runtimeDir = "/run/soju";
|
||||||
|
listen = cfg.listen
|
||||||
|
++ optional cfg.adminSocket.enable "unix+admin://${runtimeDir}/admin";
|
||||||
|
listenCfg = concatMapStringsSep "\n" (l: "listen ${l}") listen;
|
||||||
tlsCfg = optionalString (cfg.tlsCertificate != null)
|
tlsCfg = optionalString (cfg.tlsCertificate != null)
|
||||||
"tls ${cfg.tlsCertificate} ${cfg.tlsCertificateKey}";
|
"tls ${cfg.tlsCertificate} ${cfg.tlsCertificateKey}";
|
||||||
logCfg = optionalString cfg.enableMessageLogging
|
logCfg = optionalString cfg.enableMessageLogging
|
||||||
|
@ -22,6 +25,10 @@ let
|
||||||
|
|
||||||
${cfg.extraConfig}
|
${cfg.extraConfig}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
sojuctl = pkgs.writeShellScriptBin "sojuctl" ''
|
||||||
|
exec ${cfg.package}/bin/sojuctl --config ${configFile} "$@"
|
||||||
|
'';
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
###### interface
|
###### interface
|
||||||
|
@ -29,6 +36,8 @@ in
|
||||||
options.services.soju = {
|
options.services.soju = {
|
||||||
enable = mkEnableOption (lib.mdDoc "soju");
|
enable = mkEnableOption (lib.mdDoc "soju");
|
||||||
|
|
||||||
|
package = mkPackageOption pkgs "soju" { };
|
||||||
|
|
||||||
listen = mkOption {
|
listen = mkOption {
|
||||||
type = types.listOf types.str;
|
type = types.listOf types.str;
|
||||||
default = [ ":6697" ];
|
default = [ ":6697" ];
|
||||||
|
@ -66,6 +75,14 @@ in
|
||||||
description = lib.mdDoc "Whether to enable message logging.";
|
description = lib.mdDoc "Whether to enable message logging.";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
adminSocket.enable = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = true;
|
||||||
|
description = lib.mdDoc ''
|
||||||
|
Listen for admin connections from sojuctl at /run/soju/admin.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
httpOrigins = mkOption {
|
httpOrigins = mkOption {
|
||||||
type = types.listOf types.str;
|
type = types.listOf types.str;
|
||||||
default = [];
|
default = [];
|
||||||
|
@ -107,6 +124,8 @@ in
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
environment.systemPackages = [ sojuctl ];
|
||||||
|
|
||||||
systemd.services.soju = {
|
systemd.services.soju = {
|
||||||
description = "soju IRC bouncer";
|
description = "soju IRC bouncer";
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
@ -115,8 +134,9 @@ in
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
DynamicUser = true;
|
DynamicUser = true;
|
||||||
Restart = "always";
|
Restart = "always";
|
||||||
ExecStart = "${pkgs.soju}/bin/soju -config ${configFile}";
|
ExecStart = "${cfg.package}/bin/soju -config ${configFile}";
|
||||||
StateDirectory = "soju";
|
StateDirectory = "soju";
|
||||||
|
RuntimeDirectory = "soju";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -826,6 +826,7 @@ in {
|
||||||
soapui = handleTest ./soapui.nix {};
|
soapui = handleTest ./soapui.nix {};
|
||||||
soft-serve = handleTest ./soft-serve.nix {};
|
soft-serve = handleTest ./soft-serve.nix {};
|
||||||
sogo = handleTest ./sogo.nix {};
|
sogo = handleTest ./sogo.nix {};
|
||||||
|
soju = handleTest ./soju.nix {};
|
||||||
solanum = handleTest ./solanum.nix {};
|
solanum = handleTest ./solanum.nix {};
|
||||||
sonarr = handleTest ./sonarr.nix {};
|
sonarr = handleTest ./sonarr.nix {};
|
||||||
sonic-server = handleTest ./sonic-server.nix {};
|
sonic-server = handleTest ./sonic-server.nix {};
|
||||||
|
|
31
nixos/tests/soju.nix
Normal file
31
nixos/tests/soju.nix
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
import ./make-test-python.nix ({ pkgs, lib, ... }:
|
||||||
|
let
|
||||||
|
certs = import ./common/acme/server/snakeoil-certs.nix;
|
||||||
|
domain = certs.domain;
|
||||||
|
|
||||||
|
user = "testuser";
|
||||||
|
pass = "hunter2";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
name = "soju";
|
||||||
|
meta.maintainers = with lib.maintainers; [ Benjamin-L ];
|
||||||
|
|
||||||
|
nodes.machine = { ... }: {
|
||||||
|
services.soju = {
|
||||||
|
enable = true;
|
||||||
|
adminSocket.enable = true;
|
||||||
|
hostName = domain;
|
||||||
|
tlsCertificate = certs.${domain}.cert;
|
||||||
|
tlsCertificateKey = certs.${domain}.key;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
testScript = ''
|
||||||
|
start_all()
|
||||||
|
|
||||||
|
machine.wait_for_unit("soju")
|
||||||
|
machine.wait_for_file("/run/soju/admin")
|
||||||
|
|
||||||
|
machine.succeed("sojuctl user create -username ${user} -password ${pass}")
|
||||||
|
'';
|
||||||
|
})
|
Loading…
Reference in New Issue
Block a user