nixos: rewrite uhub module

* Support for hosting multiple hubs * Using "settings" style configuration * Remove "uhub" user, use DynamicUser * Configuration reloading
2024-11-23 07:23:20 +00:00 · 2021-05-17 13:47:24 +02:00 · 2021-05-17 13:47:24 +02:00 · 0ac49d7c7b
commit 0ac49d7c7b
parent 4f78c88e81
2 changed files with 84 additions and 152 deletions
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@ -178,7 +178,7 @@ in
      radvd = 139;
      zookeeper = 140;
      dnsmasq = 141;
-      uhub = 142;
+      #uhub = 142; # unused
      yandexdisk = 143;
      mxisd = 144; # was once collectd
      consul = 145;
--- a/nixos/modules/services/misc/uhub.nix
+++ b/nixos/modules/services/misc/uhub.nix
@ -3,178 +3,110 @@
 with lib;

 let
-
-  cfg = config.services.uhub;
-
-  uhubPkg = pkgs.uhub.override { tlsSupport = cfg.enableTLS; };
-
-  pluginConfig = ""
-  + optionalString cfg.plugins.authSqlite.enable ''
-    plugin ${uhubPkg.mod_auth_sqlite}/mod_auth_sqlite.so "file=${cfg.plugins.authSqlite.file}"
-  ''
-  + optionalString cfg.plugins.logging.enable ''
-    plugin ${uhubPkg.mod_logging}/mod_logging.so ${if cfg.plugins.logging.syslog then "syslog=true" else "file=${cfg.plugins.logging.file}"}
-  ''
-  + optionalString cfg.plugins.welcome.enable ''
-    plugin ${uhubPkg.mod_welcome}/mod_welcome.so "motd=${pkgs.writeText "motd.txt"  cfg.plugins.welcome.motd} rules=${pkgs.writeText "rules.txt" cfg.plugins.welcome.rules}"
-  ''
-  + optionalString cfg.plugins.history.enable ''
-    plugin ${uhubPkg.mod_chat_history}/mod_chat_history.so "history_max=${toString cfg.plugins.history.max} history_default=${toString cfg.plugins.history.default} history_connect=${toString cfg.plugins.history.connect}"
-  '';
-
-  uhubConfigFile = pkgs.writeText "uhub.conf" ''
-    file_acl=${pkgs.writeText "users.conf" cfg.aclConfig}
-    file_plugins=${pkgs.writeText "plugins.conf" pluginConfig}
-    server_bind_addr=${cfg.address}
-    server_port=${toString cfg.port}
-    ${lib.optionalString cfg.enableTLS "tls_enable=yes"}
-    ${cfg.hubConfig}
-  '';
-
-in
-
-{
+  settingsFormat = {
+    type = with lib.types; attrsOf (oneOf [ bool int str ]);
+    generate = name: attrs:
+      pkgs.writeText name (lib.strings.concatStringsSep "\n"
+        (lib.attrsets.mapAttrsToList
+          (key: value: "${key}=${builtins.toJSON value}") attrs));
+  };
+in {
  options = {

-    services.uhub = {
+    services.uhub = mkOption {
+      default = { };
+      description = "Uhub ADC hub instances";
+      type = types.attrsOf (types.submodule {
+        options = {

-      enable = mkOption {
-        type = types.bool;
-        default = false;
-        description = "Whether to enable the uhub ADC hub.";
-      };
+          enable = mkEnableOption "hub instance" // { default = true; };

-      port = mkOption {
-        type = types.int;
-        default = 1511;
-        description = "TCP port to bind the hub to.";
-      };
-
-      address = mkOption {
-        type = types.str;
-        default = "any";
-        description = "Address to bind the hub to.";
-      };
-
-      enableTLS = mkOption {
-        type = types.bool;
-        default = false;
-        description = "Whether to enable TLS support.";
-      };
-
-      hubConfig = mkOption {
-        type = types.lines;
-        default = "";
-        description = "Contents of uhub configuration file.";
-      };
-
-      aclConfig = mkOption {
-        type = types.lines;
-        default = "";
-        description = "Contents of user ACL configuration file.";
-      };
-
-      plugins = {
-
-        authSqlite = {
-          enable = mkOption {
+          enableTLS = mkOption {
            type = types.bool;
            default = false;
-            description = "Whether to enable the Sqlite authentication database plugin";
+            description = "Whether to enable TLS support.";
          };
-          file = mkOption {
-            type = types.path;
-            example = "/var/db/uhub-users";
-            description = "Path to user database. Use the uhub-passwd utility to create the database and add/remove users.";
-          };
-        };

-        logging = {
-          enable = mkOption {
-            type = types.bool;
-            default = false;
-            description = "Whether to enable the logging plugin.";
-          };
-          file = mkOption {
-            type = types.str;
-            default = "";
-            description = "Path of log file.";
-          };
-          syslog = mkOption {
-            type = types.bool;
-            default = false;
-            description = "If true then the system log is used instead of writing to file.";
-          };
-        };
-
-        welcome = {
-          enable = mkOption {
-            type = types.bool;
-            default = false;
-            description = "Whether to enable the welcome plugin.";
-          };
-          motd = mkOption {
-            default = "";
-            type = types.lines;
+          settings = mkOption {
+            inherit (settingsFormat) type;
            description = ''
-              Welcome message displayed to clients after connecting
-              and with the <literal>!motd</literal> command.
+              Configuration of uhub.
+              See https://www.uhub.org/doc/config.php for a list of options.
            '';
+            default = { };
+            example = {
+              server_bind_addr = "any";
+              server_port = 1511;
+              hub_name = "My Public Hub";
+              hub_description = "Yet another ADC hub";
+              max_users = 150;
+            };
          };
-          rules = mkOption {
-            default = "";
-            type = types.lines;
-            description = ''
-              Rules message, displayed to clients with the <literal>!rules</literal> command.
-            '';
-          };
-        };

-        history = {
-          enable = mkOption {
-            type = types.bool;
-            default = false;
-            description = "Whether to enable the history plugin.";
+          plugins = mkOption {
+            description = "Uhub plugin configuration.";
+            type = with types;
+              listOf (submodule {
+                options = {
+                  plugin = mkOption {
+                    type = path;
+                    example = literalExample
+                      "$${pkgs.uhub}/plugins/mod_auth_sqlite.so";
+                    description = "Path to plugin file.";
+                  };
+                  settings = mkOption {
+                    description = "Settings specific to this plugin.";
+                    type = with types; attrsOf str;
+                    example = { file = "/etc/uhub/users.db"; };
+                  };
+                };
+              });
+            default = [ ];
          };
-          max = mkOption {
-            type = types.int;
-            default = 200;
-            description = "The maximum number of messages to keep in history";
-          };
-          default = mkOption {
-            type = types.int;
-            default = 10;
-            description = "When !history is provided without arguments, then this default number of messages are returned.";
-          };
-          connect = mkOption {
-            type = types.int;
-            default = 5;
-            description = "The number of chat history messages to send when users connect (0 = do not send any history).";
-          };
-        };

-      };
+        };
+      });
    };

  };

-  config = mkIf cfg.enable {
+  config = let
+    hubs = lib.attrsets.filterAttrs (_: cfg: cfg.enable) config.services.uhub;
+  in {

-    users = {
-      users.uhub.uid = config.ids.uids.uhub;
-      groups.uhub.gid = config.ids.gids.uhub;
-    };
+    environment.etc = lib.attrsets.mapAttrs' (name: cfg:
+      let
+        settings' = cfg.settings // {
+          tls_enable = cfg.enableTLS;
+          file_plugins = pkgs.writeText "uhub-plugins.conf"
+            (lib.strings.concatStringsSep "\n" (map ({ plugin, settings }:
+              "plugin ${plugin} ${
+                toString
+                (lib.attrsets.mapAttrsToList (key: value: ''"${key}=${value}"'')
+                  settings)
+              }") cfg.plugins));
+        };
+      in {
+        name = "uhub/${name}.conf";
+        value.source = settingsFormat.generate "uhub-${name}.conf" settings';
+      }) hubs;

-    systemd.services.uhub = {
-      description = "high performance peer-to-peer hub for the ADC network";
-      after = [ "network.target" ];
-      wantedBy = [ "multi-user.target" ];
-      serviceConfig = {
-        Type = "notify";
-        ExecStart  = "${uhubPkg}/bin/uhub -c ${uhubConfigFile} -u uhub -g uhub -L";
-        ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
+    systemd.services = lib.attrsets.mapAttrs' (name: cfg: {
+      name = "uhub-${name}";
+      value = let pkg = pkgs.uhub.override { tlsSupport = cfg.enableTLS; };
+      in {
+        description = "high performance peer-to-peer hub for the ADC network";
+        after = [ "network.target" ];
+        wantedBy = [ "multi-user.target" ];
+        reloadIfChanged = true;
+        serviceConfig = {
+          Type = "notify";
+          ExecStart = "${pkg}/bin/uhub -c /etc/uhub/${name}.conf -L";
+          ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
+          DynamicUser = true;
+        };
      };
-    };
+    }) hubs;
  };

 }