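# NixOS module for the CouchDB service.
#
# Declares the `services.couchdb.*` options and, when the service is enabled,
# generates a couchdb.ini from them, creates the runtime paths through
# systemd-tmpfiles, and defines the systemd unit plus the `couchdb` user/group.
{
  config,
  options,
  lib,
  pkgs,
  ...
}:
let
  cfg = config.services.couchdb;
  opt = options.services.couchdb;

  # Settings derived directly from the module options.
  baseConfig = {
    couchdb = {
      database_dir = cfg.databaseDir;
      uri_file = cfg.uriFile;
      view_index_dir = cfg.viewIndexDir;
    };
    chttpd = {
      port = cfg.port;
      bind_address = cfg.bindAddress;
    };
    log = {
      file = cfg.logFile;
    };
  };

  # Only emitted when adminPass is set. The value is merged into appConfig and
  # rendered by pkgs.writeText below, so the password ends up in the
  # world-readable Nix store. extraConfigFiles is the store-free alternative.
  adminConfig = lib.optionalAttrs (cfg.adminPass != null) {
    admins = {
      "${cfg.adminUser}" = cfg.adminPass;
    };
  };

  # extraConfig is merged last, so it wins over baseConfig and adminConfig.
  appConfig = lib.recursiveUpdate (lib.recursiveUpdate baseConfig adminConfig) cfg.extraConfig;

  optionsConfigFile = pkgs.writeText "couchdb.ini" (lib.generators.toINI { } appConfig);

  # we are actually specifying 5 configuration files:
  # 1. the preinstalled default.ini
  # 2. the module configuration
  # 3. the extraConfigFiles from the module options
  # 4. the locally writable config file, which couchdb itself writes to
  # (the fifth, vm.args, is not part of this list; it is passed separately
  # through COUCHDB_ARGS_FILE in the service environment)
  configFiles = [
    "${cfg.package}/etc/default.ini"
    optionsConfigFile
  ]
  ++ cfg.extraConfigFiles
  ++ [ cfg.configFile ];
  executable = "${cfg.package}/bin/couchdb";
in
{
  ###### interface

  options = {
    services.couchdb = {
      enable = lib.mkEnableOption "CouchDB Server";

      package = lib.mkPackageOption pkgs "couchdb3" { };

      adminUser = lib.mkOption {
        type = lib.types.str;
        default = "admin";
        description = ''
          Couchdb (i.e. fauxton) account with permission for all dbs and
          tasks.
        '';
      };

      adminPass = lib.mkOption {
        type = lib.types.nullOr lib.types.str;
        default = null;
        description = ''
          Password for the Couchdb (i.e. fauxton) admin account named by
          `adminUser`. If `null`, no admin entry is generated by this module.

          Warning: this value is written in plain text to the generated
          couchdb.ini in the world-readable Nix store. To keep the password
          out of the store, leave this unset and configure the admin user
          through `extraConfigFiles` instead.
        '';
      };

      user = lib.mkOption {
        type = lib.types.str;
        default = "couchdb";
        description = ''
          User account under which couchdb runs.
        '';
      };

      group = lib.mkOption {
        type = lib.types.str;
        default = "couchdb";
        description = ''
          Group account under which couchdb runs.
        '';
      };

      # couchdb options: https://docs.couchdb.org/en/latest/config/index.html

      databaseDir = lib.mkOption {
        type = lib.types.path;
        default = "/var/lib/couchdb";
        description = ''
          Specifies location of CouchDB database files (*.couch named). This
          location should be writable and readable for the user the CouchDB
          service runs as (couchdb by default).
        '';
      };

      uriFile = lib.mkOption {
        type = lib.types.path;
        default = "/run/couchdb/couchdb.uri";
        description = ''
          This file contains the full URI that can be used to access this
          instance of CouchDB. It is used to help discover the port CouchDB is
          running on (if it was set to 0 (e.g. automatically assigned any free
          one). This file should be writable and readable for the user that
          runs the CouchDB service (couchdb by default).
        '';
      };

      viewIndexDir = lib.mkOption {
        type = lib.types.path;
        default = "/var/lib/couchdb";
        description = ''
          Specifies location of CouchDB view index files. This location should
          be writable and readable for the user that runs the CouchDB service
          (couchdb by default).
        '';
      };

      # Loopback by default. This module contains no firewall configuration,
      # so a non-loopback address exposes the HTTP API to whatever can reach
      # that interface.
      bindAddress = lib.mkOption {
        type = lib.types.str;
        default = "127.0.0.1";
        description = ''
          Defines the IP address by which CouchDB will be accessible.
        '';
      };

      port = lib.mkOption {
        type = lib.types.port;
        default = 5984;
        description = ''
          Defined the port number to listen.
        '';
      };

      logFile = lib.mkOption {
        type = lib.types.path;
        default = "/var/log/couchdb.log";
        description = ''
          Specifies the location of file for logging output.
        '';
      };

      extraConfig = lib.mkOption {
        type = lib.types.attrs;
        default = { };
        description = "Extra configuration options for CouchDB";
      };
      extraConfigFiles = lib.mkOption {
        type = lib.types.listOf lib.types.path;
        default = [ ];
        description = ''
          Extra configuration files. Overrides any other configuration. You can use this to setup the Admin user without putting the password in your nix store.
        '';
      };

      argsFile = lib.mkOption {
        type = lib.types.path;
        default = "${cfg.package}/etc/vm.args";
        defaultText = lib.literalExpression ''"config.${opt.package}/etc/vm.args"'';
        description = ''
          vm.args configuration. Overrides Couchdb's Erlang VM parameters file.
        '';
      };

      configFile = lib.mkOption {
        type = lib.types.path;
        default = "/var/lib/couchdb/local.ini";
        description = ''
          Configuration file for persisting runtime changes. File
          needs to be readable and writable from couchdb user/group.
        '';
      };
    };
  };

  ###### implementation

  config = lib.mkIf cfg.enable {
    environment.systemPackages = [ cfg.package ];

    # The mode field is "-" in every rule, so the tmpfiles defaults apply and
    # nothing here restricts these paths to the service account.
    # NOTE(review): consider explicit modes if the log file or the data
    # directories should not be readable by other local users.
    systemd.tmpfiles.rules = [
      "d '${dirOf cfg.uriFile}' - ${cfg.user} ${cfg.group} - -"
      "f '${cfg.logFile}' - ${cfg.user} ${cfg.group} - -"
      "d '${cfg.databaseDir}' - ${cfg.user} ${cfg.group} - -"
      "d '${cfg.viewIndexDir}' - ${cfg.user} ${cfg.group} - -"
    ];

    systemd.services.couchdb = {
      description = "CouchDB Server";
      wantedBy = [ "multi-user.target" ];

      # Ensures the writable config file exists and generates the Erlang
      # cookie on first start. The cookie is created under umask 077 so it is
      # mode 0600 from the moment it exists; creating it first and tightening
      # the mode afterwards would leave a short window in which another local
      # user could open it. Paths are shell-escaped so values containing
      # spaces or shell metacharacters are passed through intact.
      # NOTE(review): configFile is still created with the unit's default
      # umask; confirm that is acceptable for a file couchdb persists runtime
      # changes to.
      preStart = ''
        touch ${lib.escapeShellArg cfg.configFile}
        cookie=${lib.escapeShellArg "${cfg.databaseDir}/.erlang.cookie"}
        if ! test -e "$cookie"; then
          (
            umask 077
            dd if=/dev/random bs=16 count=1 | base64 > "$cookie"
          )
        fi
      '';

      environment = {
        ERL_FLAGS = ''-couch_ini ${lib.concatStringsSep " " configFiles}'';
        # 5. the vm.args file
        COUCHDB_ARGS_FILE = ''${cfg.argsFile}'';
        HOME = ''${cfg.databaseDir}'';
      };

      serviceConfig = {
        User = cfg.user;
        Group = cfg.group;
        ExecStart = executable;
      };
    };

    # NOTE(review): the account and group defined here are always named
    # "couchdb", while the unit and the tmpfiles rules use cfg.user and
    # cfg.group. If those options are changed, the configured account has to
    # be declared elsewhere.
    users.users.couchdb = {
      description = "CouchDB Server user";
      group = "couchdb";
      uid = config.ids.uids.couchdb;
    };

    users.groups.couchdb.gid = config.ids.gids.couchdb;
  };
}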