diff options
| author | Rob Vermaas <rob.vermaas@gmail.com> | 2014-08-06 17:00:54 +0200 |
|---|---|---|
| committer | Rob Vermaas <rob.vermaas@gmail.com> | 2014-08-06 17:00:54 +0200 |
| commit | 34e6cb5083e2752215d9f6819ddb99cc0b3d6b15 (patch) | |
| tree | cd678fe8f4f4f92e692e2a788007ebf51329f233 /nixos/modules | |
| parent | b2f601234e02970904c425cf4b05551843e1c8c4 (diff) | |
| parent | 377454ff0ef8f2e643f37edb953760e0dc1503f4 (diff) | |
| download | nixpkgs-34e6cb5083e2752215d9f6819ddb99cc0b3d6b15.tar nixpkgs-34e6cb5083e2752215d9f6819ddb99cc0b3d6b15.tar.gz nixpkgs-34e6cb5083e2752215d9f6819ddb99cc0b3d6b15.tar.bz2 nixpkgs-34e6cb5083e2752215d9f6819ddb99cc0b3d6b15.tar.lz nixpkgs-34e6cb5083e2752215d9f6819ddb99cc0b3d6b15.tar.xz nixpkgs-34e6cb5083e2752215d9f6819ddb99cc0b3d6b15.tar.zst nixpkgs-34e6cb5083e2752215d9f6819ddb99cc0b3d6b15.zip | |
Merge pull request #3476 from wkennington/master.unifi
Add support for the unifi access point controller
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/misc/ids.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/services/networking/unifi.nix | 88 |
3 files changed, 90 insertions, 0 deletions
diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 4ba81dadb31..853efcc09dc 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -138,6 +138,7 @@ znc = 128; polipo = 129; mopidy = 130; + unifi = 131; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 2cbda50ba29..ea647b43c9d 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -233,6 +233,7 @@ ./services/networking/teamspeak3.nix ./services/networking/tftpd.nix ./services/networking/unbound.nix + ./services/networking/unifi.nix ./services/networking/vsftpd.nix ./services/networking/wakeonlan.nix ./services/networking/websockify.nix diff --git a/nixos/modules/services/networking/unifi.nix b/nixos/modules/services/networking/unifi.nix new file mode 100644 index 00000000000..634f760328f --- /dev/null +++ b/nixos/modules/services/networking/unifi.nix @@ -0,0 +1,88 @@ +{ config, lib, pkgs, ... }: +with lib; +let + cfg = config.services.unifi; + stateDir = "/var/lib/unifi"; + cmd = "@${pkgs.icedtea7_jre}/bin/java java -jar ${stateDir}/lib/ace.jar"; +in +{ + + options = { + + services.unifi.enable = mkOption { + type = types.uniq types.bool; + default = false; + description = '' + Whether or not to enable the unifi controller service. + ''; + }; + + }; + + config = mkIf cfg.enable { + + users.extraUsers.unifi = { + uid = config.ids.uids.unifi; + description = "UniFi controller daemon user"; + home = "${stateDir}"; + }; + + # We must create the binary directories as bind mounts instead of symlinks + # This is because the controller resolves all symlinks to absolute paths + # to be used as the working directory. + systemd.mounts = map ({ what, where }: { + bindsTo = [ "unifi.service" ]; + requiredBy = [ "unifi.service" ]; + before = [ "unifi.service" ]; + options = "bind"; + what = what; + where = where; + }) [ + { + what = "${pkgs.unifi}/dl"; + where = "${stateDir}/dl"; + } + { + what = "${pkgs.unifi}/lib"; + where = "${stateDir}/lib"; + } + { + what = "${pkgs.mongodb}/bin"; + where = "${stateDir}/bin"; + } + ]; + + systemd.services.unifi = { + description = "UniFi controller daemon"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + + preStart = '' + # Ensure privacy of state + chown unifi "${stateDir}" + chmod 0700 "${stateDir}" + + # Create the volatile webapps + mkdir -p "${stateDir}/webapps" + chown unifi "${stateDir}/webapps" + ln -s "${pkgs.unifi}/webapps/ROOT.war" "${stateDir}/webapps/ROOT.war" + ''; + + postStop = '' + rm "${stateDir}/webapps/ROOT.war" + ''; + + serviceConfig = { + Type = "simple"; + ExecStart = "${cmd} start"; + ExecStop = "${cmd} stop"; + User = "unifi"; + PermissionsStartOnly = true; + UMask = "0077"; + WorkingDirectory = "${stateDir}"; + }; + }; + + }; + +} |