m 3 rtorrent: mkIf, recursiveUpdate and multiple changes in systemd.services and nginx config do not work well together it seems
This commit is contained in:
parent
7110552e30
commit
5231d21dfb
@ -8,8 +8,11 @@ let
|
|||||||
|
|
||||||
nginx-user = config.services.nginx.user;
|
nginx-user = config.services.nginx.user;
|
||||||
nginx-group = config.services.nginx.group;
|
nginx-group = config.services.nginx.group;
|
||||||
|
fpm-socket = "/var/run/php5-fpm-rutorrent.sock";
|
||||||
|
|
||||||
|
webdir = rucfg.webdir;
|
||||||
rutorrent-deps = with pkgs; [ curl php coreutils procps ffmpeg mediainfo ] ++
|
rutorrent-deps = with pkgs; [ curl php coreutils procps ffmpeg mediainfo ] ++
|
||||||
(if config.nixpkgs.config.allowUnfree then
|
(if (config.nixpkgs.config.allowUnfree or false) then
|
||||||
trace "enabling unfree packages for rutorrent" [ unrar unzip ] else
|
trace "enabling unfree packages for rutorrent" [ unrar unzip ] else
|
||||||
trace "not enabling unfree packages for rutorrent because allowUnfree is unset" [])
|
trace "not enabling unfree packages for rutorrent because allowUnfree is unset" [])
|
||||||
;
|
;
|
||||||
@ -34,7 +37,6 @@ let
|
|||||||
echo "replacing scgi port and host variable in conf/config.php"
|
echo "replacing scgi port and host variable in conf/config.php"
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
fpm-socket = "/var/run/php5-fpm.sock";
|
|
||||||
systemd-logfile = cfg.workDir + "/rtorrent-systemd.log";
|
systemd-logfile = cfg.workDir + "/rtorrent-systemd.log";
|
||||||
configFile = pkgs.writeText "rtorrent-config" ''
|
configFile = pkgs.writeText "rtorrent-config" ''
|
||||||
# THIS FILE IS AUTOGENERATED
|
# THIS FILE IS AUTOGENERATED
|
||||||
@ -73,9 +75,12 @@ let
|
|||||||
|
|
||||||
out = {
|
out = {
|
||||||
options.makefu.rtorrent = api;
|
options.makefu.rtorrent = api;
|
||||||
config = lib.recursiveUpdate (lib.mkIf cfg.enable imp)
|
# This only works because none of the attrsets returns the same key
|
||||||
( lib.recursiveUpdate (lib.mkIf cfg.web.enable rpcweb-imp)
|
config = with lib; mkIf cfg.enable (lib.mkMerge [
|
||||||
(lib.mkIf cfg.rutorrent.enable rutorrent-imp));
|
(lib.mkIf webcfg.enable rpcweb-imp)
|
||||||
|
(lib.mkIf rucfg.enable rutorrent-imp)
|
||||||
|
imp
|
||||||
|
]);
|
||||||
};
|
};
|
||||||
|
|
||||||
api = {
|
api = {
|
||||||
@ -91,7 +96,7 @@ let
|
|||||||
description =''
|
description =''
|
||||||
nginx listen address for rtorrent web
|
nginx listen address for rtorrent web
|
||||||
'';
|
'';
|
||||||
default = "localhost:8005";
|
default = "localhost:8006";
|
||||||
};
|
};
|
||||||
|
|
||||||
enableAuth = mkEnableOption "rutorrent authentication";
|
enableAuth = mkEnableOption "rutorrent authentication";
|
||||||
@ -225,38 +230,62 @@ let
|
|||||||
};
|
};
|
||||||
|
|
||||||
imp = {
|
imp = {
|
||||||
systemd.services.rtorrent-daemon = {
|
systemd.services = {
|
||||||
description = "rtorrent headless";
|
rtorrent-daemon = {
|
||||||
after = [ "network.target" ];
|
description = "rtorrent headless";
|
||||||
wantedBy = [ "multi-user.target" ];
|
after = [ "network.target" ];
|
||||||
restartIfChanged = true;
|
wantedBy = [ "multi-user.target" ];
|
||||||
serviceConfig = {
|
restartIfChanged = true;
|
||||||
Type = "forking";
|
serviceConfig = {
|
||||||
ExecStartPre = pkgs.writeDash "prepare-folder" ''
|
Type = "forking";
|
||||||
mkdir -p ${cfg.workDir} ${cfg.sessionDir}
|
ExecStartPre = pkgs.writeDash "prepare-folder" ''
|
||||||
touch ${systemd-logfile}
|
mkdir -p ${cfg.workDir} ${cfg.sessionDir}
|
||||||
cp -f ${configFile} ${cfg.workDir}/.rtorrent.rc
|
chmod 770 ${cfg.workDir} ${cfg.sessionDir}
|
||||||
'';
|
touch ${systemd-logfile}
|
||||||
ExecStart = "${pkgs.tmux.bin}/bin/tmux new-session -s rt -n rtorrent -d 'PATH=/bin:/usr/bin:${makeBinPath rutorrent-deps} ${cfg.package}/bin/rtorrent'";
|
cp -f ${configFile} ${cfg.workDir}/.rtorrent.rc
|
||||||
|
'';
|
||||||
|
ExecStart = "${pkgs.tmux.bin}/bin/tmux new-session -s rt -n rtorrent -d 'PATH=/bin:/usr/bin:${makeBinPath rutorrent-deps} ${cfg.package}/bin/rtorrent'";
|
||||||
|
|
||||||
# PrivateTmp = true;
|
# PrivateTmp = true;
|
||||||
## now you can simply sudo -u rtorrent tmux a
|
## now you can simply sudo -u rtorrent tmux a
|
||||||
## otherwise the tmux session is stored in some private folder in /tmp
|
## otherwise the tmux session is stored in some private folder in /tmp
|
||||||
WorkingDirectory = cfg.workDir;
|
WorkingDirectory = cfg.workDir;
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
User = "${cfg.user}";
|
User = "${cfg.user}";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
rtorrent-log = {
|
||||||
};
|
after = [ "rtorrent-daemon.service" ];
|
||||||
systemd.services.rtorrent-log = {
|
bindsTo = [ "rtorrent-daemon.service" ];
|
||||||
after = [ "rtorrent-daemon.service" ];
|
wantedBy = [ "rtorrent-daemon.service" ];
|
||||||
bindsTo = [ "rtorrent-daemon.service" ];
|
serviceConfig = {
|
||||||
wantedBy = [ "rtorrent-daemon.service" ];
|
ExecStart = "${pkgs.coreutils}/bin/tail -f ${systemd-logfile}";
|
||||||
serviceConfig = {
|
User = "${cfg.user}";
|
||||||
ExecStart = "${pkgs.coreutils}/bin/tail -f ${systemd-logfile}";
|
};
|
||||||
User = "${cfg.user}";
|
|
||||||
};
|
};
|
||||||
};
|
} // (optionalAttrs webcfg.enable {
|
||||||
|
rutorrent-prepare = {
|
||||||
|
after = [ "rtorrent-daemon.service" ];
|
||||||
|
bindsTo = [ "rtorrent-daemon.service" ];
|
||||||
|
wantedBy = [ "rtorrent-daemon.service" ];
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
# we create the folder and set the permissions to allow nginx
|
||||||
|
# TODO: update files if the version of rutorrent changed
|
||||||
|
ExecStart = pkgs.writeDash "create-webconfig-dir" ''
|
||||||
|
if [ ! -e ${webdir} ];then
|
||||||
|
echo "creating webconfiguration directory for rutorrent: ${webdir}"
|
||||||
|
cp -r ${rucfg.package} ${webdir}
|
||||||
|
chown -R ${cfg.user}:${nginx-group} ${webdir}
|
||||||
|
chmod -R 770 ${webdir}
|
||||||
|
else
|
||||||
|
echo "not overwriting ${webdir}"
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
||||||
|
// (optionalAttrs rucfg.enable { });
|
||||||
|
|
||||||
users = lib.mkIf (cfg.user == "rtorrent") {
|
users = lib.mkIf (cfg.user == "rtorrent") {
|
||||||
users.rtorrent = {
|
users.rtorrent = {
|
||||||
@ -264,6 +293,7 @@ let
|
|||||||
home = cfg.workDir;
|
home = cfg.workDir;
|
||||||
group = nginx-group;
|
group = nginx-group;
|
||||||
shell = "/bin/sh"; #required for tmux
|
shell = "/bin/sh"; #required for tmux
|
||||||
|
isSystemUser = true;
|
||||||
createHome = true;
|
createHome = true;
|
||||||
};
|
};
|
||||||
groups.rtorrent.gid = genid "rtorrent";
|
groups.rtorrent.gid = genid "rtorrent";
|
||||||
@ -280,6 +310,9 @@ let
|
|||||||
auth_basic "rtorrent";
|
auth_basic "rtorrent";
|
||||||
auth_basic_user_file ${webcfg.authfile};
|
auth_basic_user_file ${webcfg.authfile};
|
||||||
''}
|
''}
|
||||||
|
${optionalString rucfg.enable ''
|
||||||
|
root ${webdir};
|
||||||
|
''}
|
||||||
'';
|
'';
|
||||||
locations = [
|
locations = [
|
||||||
(nameValuePair "/RPC2" ''
|
(nameValuePair "/RPC2" ''
|
||||||
@ -287,39 +320,7 @@ let
|
|||||||
scgi_param SCRIPT_NAME /RPC2;
|
scgi_param SCRIPT_NAME /RPC2;
|
||||||
scgi_pass unix:${cfg.xmlrpc-socket};
|
scgi_pass unix:${cfg.xmlrpc-socket};
|
||||||
'')
|
'')
|
||||||
];
|
] ++ (optional rucfg.enable
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
rutorrent-imp = let
|
|
||||||
webdir = rucfg.webdir;
|
|
||||||
in {
|
|
||||||
systemd.services.rutorrent-prepare = {
|
|
||||||
after = [ "rtorrent-daemon.service" ];
|
|
||||||
bindsTo = [ "rtorrent-daemon.service" ];
|
|
||||||
wantedBy = [ "rtorrent-daemon.service" ];
|
|
||||||
serviceConfig = {
|
|
||||||
Type = "oneshot";
|
|
||||||
# we create the folder and set the permissions to allow nginx
|
|
||||||
# TODO: update files if the version of rutorrent changed
|
|
||||||
ExecStart = pkgs.writeDash "create-webconfig-dir" ''
|
|
||||||
if [ ! -e ${webdir} ];then
|
|
||||||
echo "creating webconfiguration directory for rutorrent: ${webdir}"
|
|
||||||
cp -r ${rucfg.package} ${webdir}
|
|
||||||
chown -R ${cfg.user}:${nginx-group} ${webdir}
|
|
||||||
chmod -R 770 ${webdir}
|
|
||||||
else
|
|
||||||
echo "not overwriting ${webdir}"
|
|
||||||
fi
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
krebs.nginx.servers.rtorrent = {
|
|
||||||
extraConfig = ''
|
|
||||||
root ${webdir};
|
|
||||||
'';
|
|
||||||
locations = [
|
|
||||||
|
|
||||||
(nameValuePair "~ \.php$" ''
|
(nameValuePair "~ \.php$" ''
|
||||||
client_max_body_size 200M;
|
client_max_body_size 200M;
|
||||||
root ${webdir};
|
root ${webdir};
|
||||||
@ -330,22 +331,20 @@ let
|
|||||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||||
include ${pkgs.nginx}/conf/fastcgi.conf;
|
include ${pkgs.nginx}/conf/fastcgi.conf;
|
||||||
'')
|
'')
|
||||||
|
);
|
||||||
];
|
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
rutorrent-imp = {
|
||||||
services.phpfpm = {
|
services.phpfpm = {
|
||||||
# phpfpm does not have an enable option
|
# phpfpm does not have an enable option
|
||||||
poolConfigs = let
|
poolConfigs = {
|
||||||
user = config.services.nginx.user;
|
|
||||||
group = config.services.nginx.group;
|
|
||||||
fpm-socket = "/var/run/php5-fpm.sock";
|
|
||||||
in {
|
|
||||||
rutorrent = ''
|
rutorrent = ''
|
||||||
user = ${user}
|
user = ${nginx-user}
|
||||||
group = ${group}
|
group = ${nginx-group}
|
||||||
listen = ${fpm-socket}
|
listen = ${fpm-socket}
|
||||||
listen.owner = ${user}
|
listen.owner = ${nginx-user}
|
||||||
listen.group = ${group}
|
listen.group = ${nginx-group}
|
||||||
pm = dynamic
|
pm = dynamic
|
||||||
pm.max_children = 5
|
pm.max_children = 5
|
||||||
pm.start_servers = 2
|
pm.start_servers = 2
|
||||||
@ -356,7 +355,6 @@ let
|
|||||||
php_admin_value[error_log] = 'stderr'
|
php_admin_value[error_log] = 'stderr'
|
||||||
php_admin_flag[log_errors] = on
|
php_admin_flag[log_errors] = on
|
||||||
catch_workers_output = yes
|
catch_workers_output = yes
|
||||||
env[PATH] = ${makeBinPath rutorrent-deps}
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
Loading…
Reference in New Issue
Block a user