nixos/modules/services/databases/firebird.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / databases / firebird.nix
at 25.11-pre 4.5 kB view raw
  1{
  2  config,
  3  lib,
  4  pkgs,
  5  ...
  6}:
  7
  8# TODO: This may file may need additional review, eg which configurations to
  9# expose to the user.
 10#
 11# I only used it to access some simple databases.
 12
 13# test:
 14# isql, then type the following commands:
 15# CREATE DATABASE '/var/db/firebird/data/test.fdb' USER 'SYSDBA' PASSWORD 'masterkey';
 16# CONNECT '/var/db/firebird/data/test.fdb' USER 'SYSDBA' PASSWORD 'masterkey';
 17# CREATE TABLE test ( text varchar(100) );
 18# DROP DATABASE;
 19#
 20# Be careful, virtuoso-opensource also provides a different isql command !
 21
 22# There are at least two ways to run firebird. superserver has been chosen
 23# however there are no strong reasons to prefer this or the other one AFAIK
 24# Eg superserver is said to be most efficiently using resources according to
 25# https://www.firebirdsql.org/manual/qsg25-classic-or-super.html
 26let
 27
 28  cfg = config.services.firebird;
 29
 30  firebird = cfg.package;
 31
 32  dataDir = "${cfg.baseDir}/data";
 33  systemDir = "${cfg.baseDir}/system";
 34
 35in
 36
 37{
 38
 39  ###### interface
 40
 41  options = {
 42
 43    services.firebird = {
 44
 45      enable = lib.mkEnableOption "the Firebird super server";
 46
 47      package = lib.mkPackageOption pkgs "firebird" {
 48        example = "firebird_3";
 49        extraDescription = ''
 50          For SuperServer use override: `pkgs.firebird_3.override { superServer = true; };`
 51        '';
 52      };
 53
 54      port = lib.mkOption {
 55        default = 3050;
 56        type = lib.types.port;
 57        description = ''
 58          Port Firebird uses.
 59        '';
 60      };
 61
 62      user = lib.mkOption {
 63        default = "firebird";
 64        type = lib.types.str;
 65        description = ''
 66          User account under which firebird runs.
 67        '';
 68      };
 69
 70      baseDir = lib.mkOption {
 71        default = "/var/lib/firebird";
 72        type = lib.types.str;
 73        description = ''
 74          Location containing data/ and system/ directories.
 75          data/ stores the databases, system/ stores the password database security2.fdb.
 76        '';
 77      };
 78
 79    };
 80
 81  };
 82
 83  ###### implementation
 84
 85  config = lib.mkIf config.services.firebird.enable {
 86
 87    environment.systemPackages = [ cfg.package ];
 88
 89    systemd.tmpfiles.rules = [
 90      "d '${dataDir}' 0700 ${cfg.user} - - -"
 91      "d '${systemDir}' 0700 ${cfg.user} - - -"
 92    ];
 93
 94    systemd.services.firebird = {
 95      description = "Firebird Super-Server";
 96
 97      wantedBy = [ "multi-user.target" ];
 98
 99      # TODO: moving security2.fdb into the data directory works, maybe there
100      # is a better way
101      preStart = ''
102        if ! test -e "${systemDir}/security2.fdb"; then
103            cp ${firebird}/security2.fdb "${systemDir}"
104        fi
105
106        if ! test -e "${systemDir}/security3.fdb"; then
107            cp ${firebird}/security3.fdb "${systemDir}"
108        fi
109
110        if ! test -e "${systemDir}/security4.fdb"; then
111            cp ${firebird}/security4.fdb "${systemDir}"
112        fi
113
114        chmod -R 700         "${dataDir}" "${systemDir}" /var/log/firebird
115      '';
116
117      serviceConfig.User = cfg.user;
118      serviceConfig.LogsDirectory = "firebird";
119      serviceConfig.LogsDirectoryMode = "0700";
120      serviceConfig.ExecStart = "${firebird}/bin/fbserver -d";
121
122      # TODO think about shutdown
123    };
124
125    environment.etc."firebird/firebird.msg".source = "${firebird}/firebird.msg";
126
127    # think about this again - and eventually make it an option
128    environment.etc."firebird/firebird.conf".text = ''
129      # RootDirectory = Restrict ${dataDir}
130      DatabaseAccess = Restrict ${dataDir}
131      ExternalFileAccess = Restrict ${dataDir}
132      # what is this? is None allowed?
133      UdfAccess = None
134      # "Native" =  traditional interbase/firebird, "mixed" is windows only
135      Authentication = Native
136
137      # defaults to -1 on non Win32
138      #MaxUnflushedWrites = 100
139      #MaxUnflushedWriteTime = 100
140
141      # show trace if trouble occurs (does this require debug build?)
142      # BugcheckAbort = 0
143      # ConnectionTimeout = 180
144
145      #RemoteServiceName = gds_db
146      RemoteServicePort = ${toString cfg.port}
147
148      # randomly choose port for server Event Notification
149      #RemoteAuxPort = 0
150      # rsetrict connections to a network card:
151      #RemoteBindAddress =
152      # there are some additional settings which should be reviewed
153    '';
154
155    users.users.firebird = {
156      description = "Firebird server user";
157      group = "firebird";
158      uid = config.ids.uids.firebird;
159    };
160
161    users.groups.firebird.gid = config.ids.gids.firebird;
162
163  };
164}