diff options
author | Nicolas B. Pierron <nicolas.b.pierron@gmail.com> | 2014-12-11 23:48:15 +0100 |
---|---|---|
committer | Nicolas B. Pierron <nicolas.b.pierron@gmail.com> | 2014-12-11 23:48:15 +0100 |
commit | 01886aef225a5fb03dc1ee08fb606899d87f6dcf (patch) | |
tree | 51566cc1ffea0629070478d138e43b6995136b4f /nixos/modules | |
parent | 0a0678cf5a7b3f6ea9b4f86fd875e6f2f9060f8b (diff) | |
download | nixpkgs-01886aef225a5fb03dc1ee08fb606899d87f6dcf.tar nixpkgs-01886aef225a5fb03dc1ee08fb606899d87f6dcf.tar.gz nixpkgs-01886aef225a5fb03dc1ee08fb606899d87f6dcf.tar.bz2 nixpkgs-01886aef225a5fb03dc1ee08fb606899d87f6dcf.tar.lz nixpkgs-01886aef225a5fb03dc1ee08fb606899d87f6dcf.tar.xz nixpkgs-01886aef225a5fb03dc1ee08fb606899d87f6dcf.tar.zst nixpkgs-01886aef225a5fb03dc1ee08fb606899d87f6dcf.zip |
Add Firefox Sync server module.
Diffstat (limited to 'nixos/modules')
-rwxr-xr-x | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/networking/firefox/sync-server.nix | 135 |
2 files changed, 136 insertions, 0 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index ecf68136f97..cbf42d44df6 100755 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -232,6 +232,7 @@ ./services/networking/dnscrypt-proxy.nix ./services/networking/dnsmasq.nix ./services/networking/ejabberd.nix + ./services/networking/firefox/sync-server.nix ./services/networking/firewall.nix ./services/networking/flashpolicyd.nix ./services/networking/freenet.nix diff --git a/nixos/modules/services/networking/firefox/sync-server.nix b/nixos/modules/services/networking/firefox/sync-server.nix new file mode 100644 index 00000000000..db249fe5a72 --- /dev/null +++ b/nixos/modules/services/networking/firefox/sync-server.nix @@ -0,0 +1,135 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.firefox.syncserver; + syncServerSecretFile = "/etc/firefox/syncserver-secret.ini"; + syncServerIni = pkgs.writeText "syncserver.ini" '' + [DEFAULT] + overrides = ${cfg.privateConfig} ${syncServerSecretFile} + + [server:main] + use = egg:Paste#http + host = ${cfg.listen.address} + port = ${toString cfg.listen.port} + + [app:main] + use = egg:syncserver + + [syncserver] + public_url = ${cfg.publicUrl} + ${optionalString (cfg.sqlUri != "") "sqluri = ${cfg.sqlUri}"} + allow_new_users = ${if cfg.allowNewUsers then "true" else "false"} + + [browserid] + backend = tokenserver.verifiers.LocalVerifier + audiences = ${removeSuffix "/" cfg.publicUrl} + ''; +in + +{ + options = { + services.firefox.syncserver = { + enable = mkOption { + type = types.bool; + default = false; + example = true; + description = '' + Whether to enable a Firefox Sync Server, this give the opportunity to + Firefox users to store all synchronized data on their own server. To use this + server, Firefox users should visit the <option>about:config</option>, and + replicate the following change + + <screen> + services.sync.tokenServerURI: http://localhost:5000/token/1.0/sync/1.5</screen> + + where <option>http://localhost:5000/</option> corresponds to the + public url of the server. + ''; + }; + + listen.address = mkOption { + type = types.str; + default = "0.0.0.0"; + description = '' + Address on which the sync server listen to. + ''; + }; + + listen.port = mkOption { + type = types.int; + default = 5000; + description = '' + Port on which the sync server listen to. + ''; + }; + + publicUrl = mkOption { + type = types.str; + default = "http://localhost:5000/"; + example = "http://sync.example.com/"; + description = '' + Public URL with which firefox users can use to access the sync server. + ''; + }; + + allowNewUsers = mkOption { + type = types.bool; + default = true; + example = false; + description = '' + Whether to allow new-user signups on the server. Only request by + existing accounts will be honored. + ''; + }; + + sqlUri = mkOption { + type = types.str; + default = "sqlite:////var/db/firefox-sync-server.db"; + example = "postgresql://scott:tiger@localhost/test"; + description = '' + The location of the database. This URL is composed of + <option>dialect[+driver]://user:password@host/dbname[?key=value..]</option>, + where <option>dialect</option> is a database name such as + <option>mysql</option>, <option>oracle</option>, <option>postgresql</option>, + etc., and <option>driver</option> the name of a DBAPI, such as + <option>psycopg2</option>, <option>pyodbc</option>, <option>cx_oracle</option>, + etc. + ''; + }; + + privateConfig = mkOption { + type = types.separatedString " "; + default = ""; + description = '' + If defined, this file would be used to set all fields which were omitted in the + generated ini files used for configuring the syncserver. This file is useful + for storing secrets, such as the syncserver.secret or the syncserver.sqluri + ''; + }; + }; + }; + + config = { + + systemd.services.syncserver = { + after = [ "network.target" ]; + description = "Firefox Sync Server"; + wantedBy = [ "multi-user.target" ]; + path = [ pkgs.pythonPackages.pasteScript pkgs.coreutils ]; + environment.PYTHONPATH = "${pkgs.pythonPackages.syncserver}/lib/${pkgs.pythonPackages.python.libPrefix}/site-packages"; + preStart = '' + if ! test -e ${syncServerSecretFile}; then + mkdir -p $(dirname ${syncServerSecretFile}) + echo > ${syncServerSecretFile} '[syncserver]' + echo >> ${syncServerSecretFile} "secret = $(head -c 20 /dev/urandom | sha1sum | tr -d ' -')" + fi + ''; + serviceConfig.ExecStart = "paster serve ${syncServerIni}"; + serviceConfig.User = "deluge"; + serviceConfig.Group = "deluge"; + }; + + }; +} |