Enable the upstream nginx module from nixpkgs.

r-vdp 2023-04-13 12:16:19 +02:00
parent 40597a9540
commit 29c967209a
No known key found for this signature in database
4 changed files with 114 additions and 45 deletions


@ -6,20 +6,25 @@
imports = [ imports = [
./etc.nix ./etc.nix
./systemd.nix ./systemd.nix
./upstream/nixpkgs
]; ];
options = { options =
let
inherit (lib) types;
in
{
nixpkgs = { nixpkgs = {
# TODO: switch to lib.systems.parsedPlatform # TODO: switch to lib.systems.parsedPlatform
hostPlatform = lib.mkOption { hostPlatform = lib.mkOption {
type = lib.types.str; type = types.str;
example = "x86_64-linux"; example = "x86_64-linux";
}; };
}; };
assertions = lib.mkOption { assertions = lib.mkOption {
type = lib.types.listOf lib.types.unspecified; type = types.listOf types.unspecified;
internal = true; internal = true;
default = [ ]; default = [ ];
example = [{ assertion = false; message = "you can't enable this for that reason"; }]; example = [{ assertion = false; message = "you can't enable this for that reason"; }];
@ -33,7 +38,7 @@
warnings = lib.mkOption { warnings = lib.mkOption {
internal = true; internal = true;
default = [ ]; default = [ ];
type = lib.types.listOf lib.types.str; type = types.listOf types.str;
example = [ "The `foo' service is deprecated and will go away soon!" ]; example = [ "The `foo' service is deprecated and will go away soon!" ];
description = lib.mdDoc '' description = lib.mdDoc ''
This option allows modules to show warnings to users during This option allows modules to show warnings to users during
@ -41,6 +46,47 @@
''; '';
}; };
# Statically assigned UIDs and GIDs.
# Ideally we use DynamicUser as much as possible to avoid the need for these.
ids = {
uids = lib.mkOption {
internal = true;
description = lib.mdDoc ''
The user IDs used by system-manager.
'';
type = types.attrsOf types.int;
};
gids = lib.mkOption {
internal = true;
description = lib.mdDoc ''
The group IDs used by system-manager.
'';
type = types.attrsOf types.int;
};
};
# No-op option for now.
# TODO: should we include the settings in /etc/logrotate.d ?
services.logrotate = lib.mkOption {
internal = true;
default = { };
type = types.freeform;
};
# No-op option for now.
users = lib.mkOption {
internal = true;
default = { };
type = types.freeform;
};
networking = {
enableIPv6 = lib.mkEnableOption "IPv6" // {
default = true;
};
};
system-manager = { system-manager = {
allowAnyDistro = lib.mkEnableOption "the usage of system-manager on untested distributions"; allowAnyDistro = lib.mkEnableOption "the usage of system-manager on untested distributions";
@ -50,12 +96,12 @@
enable = lib.mkEnableOption "the assertion"; enable = lib.mkEnableOption "the assertion";
name = lib.mkOption { name = lib.mkOption {
type = lib.types.str; type = types.str;
default = name; default = name;
}; };
script = lib.mkOption { script = lib.mkOption {
type = lib.types.str; type = types.str;
}; };
}; };
})); }));
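Review bot: The new no-op `users` and `services.logrotate` options accept whatever the imported NixOS modules define and then discard it, and the `# No-op option for now.` comments do not say so. For `users` this is security-relevant: account and group definitions that an upstream module relies on for file ownership will evaluate cleanly but never be applied, so effective permissions can differ from what that module assumes. I would spell this out in the comment, e.g. `# No-op: definitions under users.* are accepted but ignored; no accounts or groups are created.` Please also confirm that `types.freeform` resolves to an existing type in the pinned nixpkgs `lib.types`; I only know `freeformType` as a submodule attribute, and `types.attrsOf types.anything` would be the usual way to accept arbitrary settings.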


@ -0,0 +1,15 @@
{ nixosModulesPath
, ...
}:
{
imports = [
./nginx.nix
] ++
# List of imported NixOS modules
# TODO: how will we manage this in the long term?
map (path: nixosModulesPath + path) [
"/misc/meta.nix"
"/security/acme/"
"/services/web-servers/nginx/"
];
}
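Review bot: `nixosModulesPath` is used inside `imports`, so it has to be supplied through `specialArgs`; a value provided via `_module.args` would lead to infinite recursion, and nothing in this file documents that requirement. The call site is not visible in this section, so this may already be handled. I would add a comment above the argument list such as `# nixosModulesPath must be passed via specialArgs because it is used in imports.` It would also help to annotate the list entries, since `/security/acme/` is presumably imported only to satisfy option references from the nginx module, so readers can tell which entries are supported features.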


@ -0,0 +1,6 @@
{
systemd.services.nginx.serviceConfig.DynamicUser = true;
# Disable this for now
services.logrotate.settings.nginx = { };
}
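Review bot: `DynamicUser = true` is set without a comment on what it means for files nginx must read outside the directories systemd manages for the unit. With a dynamic user the service has no stable UID/GID, and because the `users` option is a no-op in this module set, static group membership (for example for reading ACME certificates, whose module is imported in the same commit) is presumably unavailable; this should be confirmed. I would add a comment such as `# DynamicUser: no static nginx account exists; files nginx reads (e.g. TLS keys) must be provided via systemd-managed directories or credentials.` The comment `# Disable this for now` should also name what is disabled, e.g. `# Disable logrotate for nginx for now; services.logrotate is a no-op option.`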


@ -6,6 +6,8 @@
config = { config = {
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
services.nginx.enable = true;
environment.etc = { environment.etc = {
foo = { foo = {
text = '' text = ''