nixos/modules/services/databases/firebird.nix at release-16.03-start · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / databases / firebird.nix
at release-16.03-start 4.6 kB view raw
  1{ config, lib, pkgs, ... }:
  2
  3# TODO: This may file may need additional review, eg which configuartions to
  4# expose to the user.
  5#
  6# I only used it to access some simple databases.
  7
  8# test:
  9# isql, then type the following commands:
 10# CREATE DATABASE '/var/db/firebird/data/test.fdb' USER 'SYSDBA' PASSWORD 'masterkey';
 11# CONNECT '/var/db/firebird/data/test.fdb' USER 'SYSDBA' PASSWORD 'masterkey';
 12# CREATE TABLE test ( text varchar(100) );
 13# DROP DATABASE;
 14#
 15# Be careful, virtuoso-opensource also provides a different isql command !
 16
 17# There are at least two ways to run firebird. superserver has been choosen
 18# however there are no strong reasons to prefer this or the other one AFAIK
 19# Eg superserver is said to be most efficiently using resources according to
 20# http://www.firebirdsql.org/manual/qsg25-classic-or-super.html
 21
 22with lib;
 23
 24let
 25
 26  cfg = config.services.firebird;
 27
 28  firebird = cfg.package;
 29
 30  dataDir = "${cfg.baseDir}/data";
 31  systemDir = "${cfg.baseDir}/system";
 32
 33in
 34
 35{
 36
 37  ###### interface
 38
 39  options = {
 40
 41    services.firebird = {
 42
 43      enable = mkOption {
 44        default = false;
 45        description = ''
 46          Whether to enable the Firebird super server.
 47        '';
 48      };
 49
 50      package = mkOption {
 51        default = pkgs.firebirdSuper;
 52        defaultText = "pkgs.firebirdSuper";
 53        type = types.package;
 54        /*
 55          Example: <code>package = pkgs.firebirdSuper.override { icu =
 56            pkgs.icu; };</code> which is not recommended for compatibility
 57            reasons. See comments at the firebirdSuper derivation
 58        */
 59
 60        description = ''
 61          Which firebird derivation to use.
 62        '';
 63      };
 64
 65      port = mkOption {
 66        default = "3050";
 67        description = ''
 68          Port Firebird uses.
 69        '';
 70      };
 71
 72      user = mkOption {
 73        default = "firebird";
 74        description = ''
 75          User account under which firebird runs.
 76        '';
 77      };
 78
 79      baseDir = mkOption {
 80        default = "/var/db/firebird"; # ubuntu is using /var/lib/firebird/2.1/data/.. ?
 81        description = ''
 82          Location containing data/ and system/ directories.
 83          data/ stores the databases, system/ stores the password database security2.fdb.
 84        '';
 85      };
 86
 87    };
 88
 89  };
 90
 91
 92  ###### implementation
 93
 94  config = mkIf config.services.firebird.enable {
 95
 96    environment.systemPackages = [cfg.package];
 97
 98    systemd.services.firebird =
 99      { description = "Firebird Super-Server";
100
101        wantedBy = [ "multi-user.target" ];
102
103        # TODO: moving security2.fdb into the data directory works, maybe there
104        # is a better way
105        preStart =
106          ''
107            mkdir -m 0700 -p \
108              "${dataDir}" \
109              "${systemDir}" \
110              /var/log/firebird
111
112            if ! test -e "${systemDir}/security2.fdb"; then
113                cp ${firebird}/security2.fdb "${systemDir}"
114            fi
115
116            chown -R ${cfg.user} "${dataDir}" "${systemDir}" /var/log/firebird
117            chmod -R 700         "${dataDir}" "${systemDir}" /var/log/firebird
118          '';
119
120        serviceConfig.PermissionsStartOnly = true; # preStart must be run as root
121        serviceConfig.User = cfg.user;
122        serviceConfig.ExecStart = ''${firebird}/bin/fbserver -d'';
123
124        # TODO think about shutdown
125      };
126
127    environment.etc."firebird/firebird.msg".source = "${firebird}/firebird.msg";
128
129    # think about this again - and eventually make it an option
130    environment.etc."firebird/firebird.conf".text = ''
131      # RootDirectory = Restrict ${dataDir}
132      DatabaseAccess = Restrict ${dataDir}
133      ExternalFileAccess = Restrict ${dataDir}
134      # what is this? is None allowed?
135      UdfAccess = None
136      # "Native" =  traditional interbase/firebird, "mixed" is windows only
137      Authentication = Native
138
139      # defaults to -1 on non Win32
140      #MaxUnflushedWrites = 100
141      #MaxUnflushedWriteTime = 100
142
143      # show trace if trouble occurs (does this require debug build?)
144      # BugcheckAbort = 0
145      # ConnectionTimeout = 180
146
147      #RemoteServiceName = gds_db
148      RemoteServicePort = ${cfg.port}
149
150      # randomly choose port for server Event Notification
151      #RemoteAuxPort = 0
152      # rsetrict connections to a network card:
153      #RemoteBindAddress =
154      # there are some additional settings which should be reviewed
155    '';
156
157    users.extraUsers.firebird = {
158      description = "Firebird server user";
159      group = "firebird";
160      uid = config.ids.uids.firebird;
161    };
162
163    users.extraGroups.firebird.gid = config.ids.gids.firebird;
164
165  };
166}