nixos/modules/services/databases/firebird.nix at 15.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / databases / firebird.nix
at 15.09-beta 4.6 kB view raw
  1{ config, lib, pkgs, ... }:
  2
  3# TODO: This may file may need additional review, eg which configuartions to
  4# expose to the user.
  5#
  6# I only used it to access some simple databases.
  7
  8# test:
  9# isql, then type the following commands:
 10# CREATE DATABASE '/var/db/firebird/data/test.fdb' USER 'SYSDBA' PASSWORD 'masterkey';
 11# CONNECT '/var/db/firebird/data/test.fdb' USER 'SYSDBA' PASSWORD 'masterkey';
 12# CREATE TABLE test ( text varchar(100) );
 13# DROP DATABASE;
 14#
 15# Be careful, virtuoso-opensource also provides a different isql command !
 16
 17# There are at least two ways to run firebird. superserver has been choosen
 18# however there are no strong reasons to prefer this or the other one AFAIK
 19# Eg superserver is said to be most efficiently using resources according to
 20# http://www.firebirdsql.org/manual/qsg25-classic-or-super.html
 21
 22with lib;
 23
 24let
 25
 26  cfg = config.services.firebird;
 27
 28  firebird = cfg.package;
 29
 30  dataDir = "${cfg.baseDir}/data";
 31  systemDir = "${cfg.baseDir}/system";
 32
 33in
 34
 35{
 36
 37  ###### interface
 38
 39  options = {
 40
 41    services.firebird = {
 42
 43      enable = mkOption {
 44        default = false;
 45        description = ''
 46          Whether to enable the Firebird super server.
 47        '';
 48      };
 49
 50      package = mkOption {
 51        default = pkgs.firebirdSuper;
 52        type = types.package;
 53        /*
 54          Example: <code>package = pkgs.firebirdSuper.override { icu =
 55            pkgs.icu; };</code> which is not recommended for compatibility
 56            reasons. See comments at the firebirdSuper derivation
 57        */
 58
 59        description = ''
 60          Which firebird derivation to use.
 61        '';
 62      };
 63
 64      port = mkOption {
 65        default = "3050";
 66        description = ''
 67          Port Firebird uses.
 68        '';
 69      };
 70
 71      user = mkOption {
 72        default = "firebird";
 73        description = ''
 74          User account under which firebird runs.
 75        '';
 76      };
 77
 78      baseDir = mkOption {
 79        default = "/var/db/firebird"; # ubuntu is using /var/lib/firebird/2.1/data/.. ?
 80        description = ''
 81          Location containing data/ and system/ directories.
 82          data/ stores the databases, system/ stores the password database security2.fdb.
 83        '';
 84      };
 85
 86    };
 87
 88  };
 89
 90
 91  ###### implementation
 92
 93  config = mkIf config.services.firebird.enable {
 94
 95    environment.systemPackages = [cfg.package];
 96
 97    systemd.services.firebird =
 98      { description = "Firebird Super-Server";
 99
100        wantedBy = [ "multi-user.target" ];
101
102        # TODO: moving security2.fdb into the data directory works, maybe there
103        # is a better way
104        preStart =
105          ''
106            mkdir -m 0700 -p \
107              "${dataDir}" \
108              "${systemDir}" \
109              /var/log/firebird
110
111            if ! test -e "${systemDir}/security2.fdb"; then
112                cp ${firebird}/security2.fdb "${systemDir}"
113            fi
114
115            chown -R ${cfg.user} "${dataDir}" "${systemDir}" /var/log/firebird
116            chmod -R 700         "${dataDir}" "${systemDir}" /var/log/firebird
117          '';
118
119        serviceConfig.PermissionsStartOnly = true; # preStart must be run as root
120        serviceConfig.User = cfg.user;
121        serviceConfig.ExecStart = ''${firebird}/bin/fbserver -d'';
122
123        # TODO think about shutdown
124      };
125
126    environment.etc."firebird/firebird.msg".source = "${firebird}/firebird.msg";
127
128    # think about this again - and eventually make it an option
129    environment.etc."firebird/firebird.conf".text = ''
130      # RootDirectory = Restrict ${dataDir}
131      DatabaseAccess = Restrict ${dataDir}
132      ExternalFileAccess = Restrict ${dataDir}
133      # what is this? is None allowed?
134      UdfAccess = None
135      # "Native" =  traditional interbase/firebird, "mixed" is windows only
136      Authentication = Native
137
138      # defaults to -1 on non Win32
139      #MaxUnflushedWrites = 100
140      #MaxUnflushedWriteTime = 100
141
142      # show trace if trouble occurs (does this require debug build?)
143      # BugcheckAbort = 0
144      # ConnectionTimeout = 180
145
146      #RemoteServiceName = gds_db
147      RemoteServicePort = ${cfg.port}
148
149      # randomly choose port for server Event Notification
150      #RemoteAuxPort = 0
151      # rsetrict connections to a network card:
152      #RemoteBindAddress =
153      # there are some additional settings which should be reviewed
154    '';
155
156    users.extraUsers.firebird = {
157      description = "Firebird server user";
158      group = "firebird";
159      uid = config.ids.uids.firebird;
160    };
161
162    users.extraGroups.firebird.gid = config.ids.gids.firebird;
163
164  };
165}