m 3 rtorrent: mkIf, recursiveUpdate and multiple changes in systemd.services and nginx config do not work well together it seems

This commit is contained in:
makefu 2016-08-24 00:14:43 +02:00
parent 7110552e30
commit 5231d21dfb
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225

View File

@ -8,8 +8,11 @@ let
nginx-user = config.services.nginx.user; nginx-user = config.services.nginx.user;
nginx-group = config.services.nginx.group; nginx-group = config.services.nginx.group;
fpm-socket = "/var/run/php5-fpm-rutorrent.sock";
webdir = rucfg.webdir;
rutorrent-deps = with pkgs; [ curl php coreutils procps ffmpeg mediainfo ] ++ rutorrent-deps = with pkgs; [ curl php coreutils procps ffmpeg mediainfo ] ++
(if config.nixpkgs.config.allowUnfree then (if (config.nixpkgs.config.allowUnfree or false) then
trace "enabling unfree packages for rutorrent" [ unrar unzip ] else trace "enabling unfree packages for rutorrent" [ unrar unzip ] else
trace "not enabling unfree packages for rutorrent because allowUnfree is unset" []) trace "not enabling unfree packages for rutorrent because allowUnfree is unset" [])
; ;
@ -34,7 +37,6 @@ let
echo "replacing scgi port and host variable in conf/config.php" echo "replacing scgi port and host variable in conf/config.php"
''; '';
}; };
fpm-socket = "/var/run/php5-fpm.sock";
systemd-logfile = cfg.workDir + "/rtorrent-systemd.log"; systemd-logfile = cfg.workDir + "/rtorrent-systemd.log";
configFile = pkgs.writeText "rtorrent-config" '' configFile = pkgs.writeText "rtorrent-config" ''
# THIS FILE IS AUTOGENERATED # THIS FILE IS AUTOGENERATED
@ -73,9 +75,12 @@ let
out = { out = {
options.makefu.rtorrent = api; options.makefu.rtorrent = api;
config = lib.recursiveUpdate (lib.mkIf cfg.enable imp) # This only works because none of the attrsets returns the same key
( lib.recursiveUpdate (lib.mkIf cfg.web.enable rpcweb-imp) config = with lib; mkIf cfg.enable (lib.mkMerge [
(lib.mkIf cfg.rutorrent.enable rutorrent-imp)); (lib.mkIf webcfg.enable rpcweb-imp)
(lib.mkIf rucfg.enable rutorrent-imp)
imp
]);
}; };
api = { api = {
@ -91,7 +96,7 @@ let
description ='' description =''
nginx listen address for rtorrent web nginx listen address for rtorrent web
''; '';
default = "localhost:8005"; default = "localhost:8006";
}; };
enableAuth = mkEnableOption "rutorrent authentication"; enableAuth = mkEnableOption "rutorrent authentication";
@ -225,38 +230,62 @@ let
}; };
imp = { imp = {
systemd.services.rtorrent-daemon = { systemd.services = {
description = "rtorrent headless"; rtorrent-daemon = {
after = [ "network.target" ]; description = "rtorrent headless";
wantedBy = [ "multi-user.target" ]; after = [ "network.target" ];
restartIfChanged = true; wantedBy = [ "multi-user.target" ];
serviceConfig = { restartIfChanged = true;
Type = "forking"; serviceConfig = {
ExecStartPre = pkgs.writeDash "prepare-folder" '' Type = "forking";
mkdir -p ${cfg.workDir} ${cfg.sessionDir} ExecStartPre = pkgs.writeDash "prepare-folder" ''
touch ${systemd-logfile} mkdir -p ${cfg.workDir} ${cfg.sessionDir}
cp -f ${configFile} ${cfg.workDir}/.rtorrent.rc chmod 770 ${cfg.workDir} ${cfg.sessionDir}
''; touch ${systemd-logfile}
ExecStart = "${pkgs.tmux.bin}/bin/tmux new-session -s rt -n rtorrent -d 'PATH=/bin:/usr/bin:${makeBinPath rutorrent-deps} ${cfg.package}/bin/rtorrent'"; cp -f ${configFile} ${cfg.workDir}/.rtorrent.rc
'';
ExecStart = "${pkgs.tmux.bin}/bin/tmux new-session -s rt -n rtorrent -d 'PATH=/bin:/usr/bin:${makeBinPath rutorrent-deps} ${cfg.package}/bin/rtorrent'";
# PrivateTmp = true; # PrivateTmp = true;
## now you can simply sudo -u rtorrent tmux a ## now you can simply sudo -u rtorrent tmux a
## otherwise the tmux session is stored in some private folder in /tmp ## otherwise the tmux session is stored in some private folder in /tmp
WorkingDirectory = cfg.workDir; WorkingDirectory = cfg.workDir;
Restart = "on-failure"; Restart = "on-failure";
User = "${cfg.user}"; User = "${cfg.user}";
};
}; };
rtorrent-log = {
}; after = [ "rtorrent-daemon.service" ];
systemd.services.rtorrent-log = { bindsTo = [ "rtorrent-daemon.service" ];
after = [ "rtorrent-daemon.service" ]; wantedBy = [ "rtorrent-daemon.service" ];
bindsTo = [ "rtorrent-daemon.service" ]; serviceConfig = {
wantedBy = [ "rtorrent-daemon.service" ]; ExecStart = "${pkgs.coreutils}/bin/tail -f ${systemd-logfile}";
serviceConfig = { User = "${cfg.user}";
ExecStart = "${pkgs.coreutils}/bin/tail -f ${systemd-logfile}"; };
User = "${cfg.user}";
}; };
}; } // (optionalAttrs webcfg.enable {
rutorrent-prepare = {
after = [ "rtorrent-daemon.service" ];
bindsTo = [ "rtorrent-daemon.service" ];
wantedBy = [ "rtorrent-daemon.service" ];
serviceConfig = {
Type = "oneshot";
# we create the folder and set the permissions to allow nginx
# TODO: update files if the version of rutorrent changed
ExecStart = pkgs.writeDash "create-webconfig-dir" ''
if [ ! -e ${webdir} ];then
echo "creating webconfiguration directory for rutorrent: ${webdir}"
cp -r ${rucfg.package} ${webdir}
chown -R ${cfg.user}:${nginx-group} ${webdir}
chmod -R 770 ${webdir}
else
echo "not overwriting ${webdir}"
fi
'';
};
};
})
// (optionalAttrs rucfg.enable { });
users = lib.mkIf (cfg.user == "rtorrent") { users = lib.mkIf (cfg.user == "rtorrent") {
users.rtorrent = { users.rtorrent = {
@ -264,6 +293,7 @@ let
home = cfg.workDir; home = cfg.workDir;
group = nginx-group; group = nginx-group;
shell = "/bin/sh"; #required for tmux shell = "/bin/sh"; #required for tmux
isSystemUser = true;
createHome = true; createHome = true;
}; };
groups.rtorrent.gid = genid "rtorrent"; groups.rtorrent.gid = genid "rtorrent";
@ -280,6 +310,9 @@ let
auth_basic "rtorrent"; auth_basic "rtorrent";
auth_basic_user_file ${webcfg.authfile}; auth_basic_user_file ${webcfg.authfile};
''} ''}
${optionalString rucfg.enable ''
root ${webdir};
''}
''; '';
locations = [ locations = [
(nameValuePair "/RPC2" '' (nameValuePair "/RPC2" ''
@ -287,39 +320,7 @@ let
scgi_param SCRIPT_NAME /RPC2; scgi_param SCRIPT_NAME /RPC2;
scgi_pass unix:${cfg.xmlrpc-socket}; scgi_pass unix:${cfg.xmlrpc-socket};
'') '')
]; ] ++ (optional rucfg.enable
};
};
rutorrent-imp = let
webdir = rucfg.webdir;
in {
systemd.services.rutorrent-prepare = {
after = [ "rtorrent-daemon.service" ];
bindsTo = [ "rtorrent-daemon.service" ];
wantedBy = [ "rtorrent-daemon.service" ];
serviceConfig = {
Type = "oneshot";
# we create the folder and set the permissions to allow nginx
# TODO: update files if the version of rutorrent changed
ExecStart = pkgs.writeDash "create-webconfig-dir" ''
if [ ! -e ${webdir} ];then
echo "creating webconfiguration directory for rutorrent: ${webdir}"
cp -r ${rucfg.package} ${webdir}
chown -R ${cfg.user}:${nginx-group} ${webdir}
chmod -R 770 ${webdir}
else
echo "not overwriting ${webdir}"
fi
'';
};
};
krebs.nginx.servers.rtorrent = {
extraConfig = ''
root ${webdir};
'';
locations = [
(nameValuePair "~ \.php$" '' (nameValuePair "~ \.php$" ''
client_max_body_size 200M; client_max_body_size 200M;
root ${webdir}; root ${webdir};
@ -330,22 +331,20 @@ let
include ${pkgs.nginx}/conf/fastcgi_params; include ${pkgs.nginx}/conf/fastcgi_params;
include ${pkgs.nginx}/conf/fastcgi.conf; include ${pkgs.nginx}/conf/fastcgi.conf;
'') '')
);
];
}; };
};
rutorrent-imp = {
services.phpfpm = { services.phpfpm = {
# phpfpm does not have an enable option # phpfpm does not have an enable option
poolConfigs = let poolConfigs = {
user = config.services.nginx.user;
group = config.services.nginx.group;
fpm-socket = "/var/run/php5-fpm.sock";
in {
rutorrent = '' rutorrent = ''
user = ${user} user = ${nginx-user}
group = ${group} group = ${nginx-group}
listen = ${fpm-socket} listen = ${fpm-socket}
listen.owner = ${user} listen.owner = ${nginx-user}
listen.group = ${group} listen.group = ${nginx-group}
pm = dynamic pm = dynamic
pm.max_children = 5 pm.max_children = 5
pm.start_servers = 2 pm.start_servers = 2
@ -356,7 +355,6 @@ let
php_admin_value[error_log] = 'stderr' php_admin_value[error_log] = 'stderr'
php_admin_flag[log_errors] = on php_admin_flag[log_errors] = on
catch_workers_output = yes catch_workers_output = yes
env[PATH] = ${makeBinPath rutorrent-deps}
''; '';
}; };
}; };