From 5231d21dfbfd0e1aead9d654831e40aa481181a4 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 24 Aug 2016 00:14:43 +0200 Subject: m 3 rtorrent: mkIf, recursiveUpdate and multiple changes in systemd.services and nginx config do not work well together it seems --- makefu/3modules/rtorrent.nix | 160 +++++++++++++++++++++---------------------- 1 file changed, 79 insertions(+), 81 deletions(-) (limited to 'makefu/3modules') diff --git a/makefu/3modules/rtorrent.nix b/makefu/3modules/rtorrent.nix index 2532e1f5..98eb5f10 100644 --- a/makefu/3modules/rtorrent.nix +++ b/makefu/3modules/rtorrent.nix @@ -8,8 +8,11 @@ let nginx-user = config.services.nginx.user; nginx-group = config.services.nginx.group; + fpm-socket = "/var/run/php5-fpm-rutorrent.sock"; + + webdir = rucfg.webdir; rutorrent-deps = with pkgs; [ curl php coreutils procps ffmpeg mediainfo ] ++ - (if config.nixpkgs.config.allowUnfree then + (if (config.nixpkgs.config.allowUnfree or false) then trace "enabling unfree packages for rutorrent" [ unrar unzip ] else trace "not enabling unfree packages for rutorrent because allowUnfree is unset" []) ; @@ -34,7 +37,6 @@ let echo "replacing scgi port and host variable in conf/config.php" ''; }; - fpm-socket = "/var/run/php5-fpm.sock"; systemd-logfile = cfg.workDir + "/rtorrent-systemd.log"; configFile = pkgs.writeText "rtorrent-config" '' # THIS FILE IS AUTOGENERATED @@ -73,9 +75,12 @@ let out = { options.makefu.rtorrent = api; - config = lib.recursiveUpdate (lib.mkIf cfg.enable imp) - ( lib.recursiveUpdate (lib.mkIf cfg.web.enable rpcweb-imp) - (lib.mkIf cfg.rutorrent.enable rutorrent-imp)); + # This only works because none of the attrsets returns the same key + config = with lib; mkIf cfg.enable (lib.mkMerge [ + (lib.mkIf webcfg.enable rpcweb-imp) + (lib.mkIf rucfg.enable rutorrent-imp) + imp + ]); }; api = { @@ -91,7 +96,7 @@ let description ='' nginx listen address for rtorrent web ''; - default = "localhost:8005"; + default = "localhost:8006"; }; enableAuth = mkEnableOption "rutorrent authentication"; @@ -225,38 +230,62 @@ let }; imp = { - systemd.services.rtorrent-daemon = { - description = "rtorrent headless"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - restartIfChanged = true; - serviceConfig = { - Type = "forking"; - ExecStartPre = pkgs.writeDash "prepare-folder" '' - mkdir -p ${cfg.workDir} ${cfg.sessionDir} - touch ${systemd-logfile} - cp -f ${configFile} ${cfg.workDir}/.rtorrent.rc - ''; - ExecStart = "${pkgs.tmux.bin}/bin/tmux new-session -s rt -n rtorrent -d 'PATH=/bin:/usr/bin:${makeBinPath rutorrent-deps} ${cfg.package}/bin/rtorrent'"; - - # PrivateTmp = true; - ## now you can simply sudo -u rtorrent tmux a - ## otherwise the tmux session is stored in some private folder in /tmp - WorkingDirectory = cfg.workDir; - Restart = "on-failure"; - User = "${cfg.user}"; + systemd.services = { + rtorrent-daemon = { + description = "rtorrent headless"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + restartIfChanged = true; + serviceConfig = { + Type = "forking"; + ExecStartPre = pkgs.writeDash "prepare-folder" '' + mkdir -p ${cfg.workDir} ${cfg.sessionDir} + chmod 770 ${cfg.workDir} ${cfg.sessionDir} + touch ${systemd-logfile} + cp -f ${configFile} ${cfg.workDir}/.rtorrent.rc + ''; + ExecStart = "${pkgs.tmux.bin}/bin/tmux new-session -s rt -n rtorrent -d 'PATH=/bin:/usr/bin:${makeBinPath rutorrent-deps} ${cfg.package}/bin/rtorrent'"; + + # PrivateTmp = true; + ## now you can simply sudo -u rtorrent tmux a + ## otherwise the tmux session is stored in some private folder in /tmp + WorkingDirectory = cfg.workDir; + Restart = "on-failure"; + User = "${cfg.user}"; + }; }; - - }; - systemd.services.rtorrent-log = { - after = [ "rtorrent-daemon.service" ]; - bindsTo = [ "rtorrent-daemon.service" ]; - wantedBy = [ "rtorrent-daemon.service" ]; - serviceConfig = { - ExecStart = "${pkgs.coreutils}/bin/tail -f ${systemd-logfile}"; - User = "${cfg.user}"; + rtorrent-log = { + after = [ "rtorrent-daemon.service" ]; + bindsTo = [ "rtorrent-daemon.service" ]; + wantedBy = [ "rtorrent-daemon.service" ]; + serviceConfig = { + ExecStart = "${pkgs.coreutils}/bin/tail -f ${systemd-logfile}"; + User = "${cfg.user}"; + }; }; - }; + } // (optionalAttrs webcfg.enable { + rutorrent-prepare = { + after = [ "rtorrent-daemon.service" ]; + bindsTo = [ "rtorrent-daemon.service" ]; + wantedBy = [ "rtorrent-daemon.service" ]; + serviceConfig = { + Type = "oneshot"; + # we create the folder and set the permissions to allow nginx + # TODO: update files if the version of rutorrent changed + ExecStart = pkgs.writeDash "create-webconfig-dir" '' + if [ ! -e ${webdir} ];then + echo "creating webconfiguration directory for rutorrent: ${webdir}" + cp -r ${rucfg.package} ${webdir} + chown -R ${cfg.user}:${nginx-group} ${webdir} + chmod -R 770 ${webdir} + else + echo "not overwriting ${webdir}" + fi + ''; + }; + }; + }) + // (optionalAttrs rucfg.enable { }); users = lib.mkIf (cfg.user == "rtorrent") { users.rtorrent = { @@ -264,6 +293,7 @@ let home = cfg.workDir; group = nginx-group; shell = "/bin/sh"; #required for tmux + isSystemUser = true; createHome = true; }; groups.rtorrent.gid = genid "rtorrent"; @@ -280,6 +310,9 @@ let auth_basic "rtorrent"; auth_basic_user_file ${webcfg.authfile}; ''} + ${optionalString rucfg.enable '' + root ${webdir}; + ''} ''; locations = [ (nameValuePair "/RPC2" '' @@ -287,39 +320,7 @@ let scgi_param SCRIPT_NAME /RPC2; scgi_pass unix:${cfg.xmlrpc-socket}; '') - ]; - }; - }; - - rutorrent-imp = let - webdir = rucfg.webdir; - in { - systemd.services.rutorrent-prepare = { - after = [ "rtorrent-daemon.service" ]; - bindsTo = [ "rtorrent-daemon.service" ]; - wantedBy = [ "rtorrent-daemon.service" ]; - serviceConfig = { - Type = "oneshot"; - # we create the folder and set the permissions to allow nginx - # TODO: update files if the version of rutorrent changed - ExecStart = pkgs.writeDash "create-webconfig-dir" '' - if [ ! -e ${webdir} ];then - echo "creating webconfiguration directory for rutorrent: ${webdir}" - cp -r ${rucfg.package} ${webdir} - chown -R ${cfg.user}:${nginx-group} ${webdir} - chmod -R 770 ${webdir} - else - echo "not overwriting ${webdir}" - fi - ''; - }; - }; - krebs.nginx.servers.rtorrent = { - extraConfig = '' - root ${webdir}; - ''; - locations = [ - + ] ++ (optional rucfg.enable (nameValuePair "~ \.php$" '' client_max_body_size 200M; root ${webdir}; @@ -330,22 +331,20 @@ let include ${pkgs.nginx}/conf/fastcgi_params; include ${pkgs.nginx}/conf/fastcgi.conf; '') - - ]; + ); }; + }; + + rutorrent-imp = { services.phpfpm = { # phpfpm does not have an enable option - poolConfigs = let - user = config.services.nginx.user; - group = config.services.nginx.group; - fpm-socket = "/var/run/php5-fpm.sock"; - in { + poolConfigs = { rutorrent = '' - user = ${user} - group = ${group} + user = ${nginx-user} + group = ${nginx-group} listen = ${fpm-socket} - listen.owner = ${user} - listen.group = ${group} + listen.owner = ${nginx-user} + listen.group = ${nginx-group} pm = dynamic pm.max_children = 5 pm.start_servers = 2 @@ -356,7 +355,6 @@ let php_admin_value[error_log] = 'stderr' php_admin_flag[log_errors] = on catch_workers_output = yes - env[PATH] = ${makeBinPath rutorrent-deps} ''; }; }; -- cgit v1.2.3