From dee97b8b44d549fba19b14d351b1492cb6714152 Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Tue, 25 Aug 2020 11:27:30 -0400 Subject: [PATCH 1/3] nixos/redmine: replace extraConfig option with settings option --- nixos/modules/services/misc/redmine.nix | 61 ++++++++++++++----------- 1 file changed, 35 insertions(+), 26 deletions(-) diff --git a/nixos/modules/services/misc/redmine.nix b/nixos/modules/services/misc/redmine.nix index 0e71cf925692..f1415ea3f8f7 100644 --- a/nixos/modules/services/misc/redmine.nix +++ b/nixos/modules/services/misc/redmine.nix @@ -1,12 +1,12 @@ { config, lib, pkgs, ... }: let - inherit (lib) mkDefault mkEnableOption mkIf mkOption types; + inherit (lib) mkDefault mkEnableOption mkIf mkOption mkRemovedOptionModule types; inherit (lib) concatStringsSep literalExample mapAttrsToList; - inherit (lib) optional optionalAttrs optionalString singleton versionAtLeast; + inherit (lib) optional optionalAttrs optionalString; cfg = config.services.redmine; - + format = pkgs.formats.yaml {}; bundle = "${cfg.package}/share/redmine/bin/bundle"; databaseYml = pkgs.writeText "database.yml" '' @@ -20,17 +20,7 @@ let ${optionalString (cfg.database.type == "mysql2" && cfg.database.socket != null) "socket: ${cfg.database.socket}"} ''; - configurationYml = pkgs.writeText "configuration.yml" '' - default: - scm_subversion_command: ${pkgs.subversion}/bin/svn - scm_mercurial_command: ${pkgs.mercurial}/bin/hg - scm_git_command: ${pkgs.gitAndTools.git}/bin/git - scm_cvs_command: ${pkgs.cvs}/bin/cvs - scm_bazaar_command: ${pkgs.breezy}/bin/bzr - scm_darcs_command: ${pkgs.darcs}/bin/darcs - - ${cfg.extraConfig} - ''; + configurationYml = format.generate "configuration.yml" cfg.settings; additionalEnvironment = pkgs.writeText "additional_environment.rb" '' config.logger = Logger.new("${cfg.stateDir}/log/production.log", 14, 1048576) @@ -56,8 +46,12 @@ let pgsqlLocal = cfg.database.createLocally && cfg.database.type == "postgresql"; in - { + imports = [ + (mkRemovedOptionModule [ "services" "redmine" "extraConfig" ] "Use services.redmine.settings instead.") + ]; + + # interface options = { services.redmine = { enable = mkEnableOption "Redmine"; @@ -93,21 +87,24 @@ in description = "The state directory, logs and plugins are stored here."; }; - extraConfig = mkOption { - type = types.lines; - default = ""; + settings = mkOption { + type = format.type; + default = {}; description = '' - Extra configuration in configuration.yml. - - See + Redmine configuration (configuration.yml). Refer to + for details. ''; example = literalExample '' - email_delivery: - delivery_method: smtp - smtp_settings: - address: mail.example.com - port: 25 + { + email_delivery = { + delivery_method = "smtp"; + smtp_settings = { + address = "mail.example.com"; + port = 25; + }; + }; + } ''; }; @@ -226,6 +223,7 @@ in }; }; + # implementation config = mkIf cfg.enable { assertions = [ @@ -243,6 +241,17 @@ in } ]; + services.redmine.settings = { + production = { + scm_subversion_command = "${pkgs.subversion}/bin/svn"; + scm_mercurial_command = "${pkgs.mercurial}/bin/hg"; + scm_git_command = "${pkgs.gitAndTools.git}/bin/git"; + scm_cvs_command = "${pkgs.cvs}/bin/cvs"; + scm_bazaar_command = "${pkgs.breezy}/bin/bzr"; + scm_darcs_command = "${pkgs.darcs}/bin/darcs"; + }; + }; + services.mysql = mkIf mysqlLocal { enable = true; package = mkDefault pkgs.mariadb; From 6cf743e52df90e0ddf520455b927f3138d71d85f Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Tue, 25 Aug 2020 11:33:25 -0400 Subject: [PATCH 2/3] nixos/redmine: allow user to override contents of additional_environment.rb --- nixos/modules/services/misc/redmine.nix | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/nixos/modules/services/misc/redmine.nix b/nixos/modules/services/misc/redmine.nix index f1415ea3f8f7..4e005f73da37 100644 --- a/nixos/modules/services/misc/redmine.nix +++ b/nixos/modules/services/misc/redmine.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let - inherit (lib) mkDefault mkEnableOption mkIf mkOption mkRemovedOptionModule types; + inherit (lib) mkBefore mkDefault mkEnableOption mkIf mkOption mkRemovedOptionModule types; inherit (lib) concatStringsSep literalExample mapAttrsToList; inherit (lib) optional optionalAttrs optionalString; @@ -21,13 +21,7 @@ let ''; configurationYml = format.generate "configuration.yml" cfg.settings; - - additionalEnvironment = pkgs.writeText "additional_environment.rb" '' - config.logger = Logger.new("${cfg.stateDir}/log/production.log", 14, 1048576) - config.logger.level = Logger::INFO - - ${cfg.extraEnv} - ''; + additionalEnvironment = pkgs.writeText "additional_environment.rb" cfg.extraEnv; unpackTheme = unpack "theme"; unpackPlugin = unpack "plugin"; @@ -252,6 +246,11 @@ in }; }; + services.redmine.extraEnv = mkBefore '' + config.logger = Logger.new("${cfg.stateDir}/log/production.log", 14, 1048576) + config.logger.level = Logger::INFO + ''; + services.mysql = mkIf mysqlLocal { enable = true; package = mkDefault pkgs.mariadb; From a7c69047dfc86a33d2207a74591ac8ee3fb8b0fc Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Tue, 25 Aug 2020 11:55:06 -0400 Subject: [PATCH 3/3] nixos/redmine: remove database.password option --- nixos/modules/services/misc/redmine.nix | 28 ++++--------------------- 1 file changed, 4 insertions(+), 24 deletions(-) diff --git a/nixos/modules/services/misc/redmine.nix b/nixos/modules/services/misc/redmine.nix index 4e005f73da37..1313bdaccc49 100644 --- a/nixos/modules/services/misc/redmine.nix +++ b/nixos/modules/services/misc/redmine.nix @@ -43,6 +43,7 @@ in { imports = [ (mkRemovedOptionModule [ "services" "redmine" "extraConfig" ] "Use services.redmine.settings instead.") + (mkRemovedOptionModule [ "services" "redmine" "database" "password" ] "Use services.redmine.database.passwordFile instead.") ]; # interface @@ -177,16 +178,6 @@ in description = "Database user."; }; - password = mkOption { - type = types.str; - default = ""; - description = '' - The password corresponding to . - Warning: this is stored in cleartext in the Nix store! - Use instead. - ''; - }; - passwordFile = mkOption { type = types.nullOr types.path; default = null; @@ -221,8 +212,8 @@ in config = mkIf cfg.enable { assertions = [ - { assertion = cfg.database.passwordFile != null || cfg.database.password != "" || cfg.database.socket != null; - message = "one of services.redmine.database.socket, services.redmine.database.passwordFile, or services.redmine.database.password must be set"; + { assertion = cfg.database.passwordFile != null || cfg.database.socket != null; + message = "one of services.redmine.database.socket or services.redmine.database.passwordFile must be set"; } { assertion = cfg.database.createLocally -> cfg.database.user == cfg.user; message = "services.redmine.database.user must be set to ${cfg.user} if services.redmine.database.createLocally is set true"; @@ -346,7 +337,7 @@ in # handle database.passwordFile & permissions - DBPASS=$(head -n1 ${cfg.database.passwordFile}) + DBPASS=${optionalString (cfg.database.passwordFile != null) "$(head -n1 ${cfg.database.passwordFile})"} cp -f ${databaseYml} "${cfg.stateDir}/config/database.yml" sed -e "s,#dbpass#,$DBPASS,g" -i "${cfg.stateDir}/config/database.yml" chmod 440 "${cfg.stateDir}/config/database.yml" @@ -387,17 +378,6 @@ in redmine.gid = config.ids.gids.redmine; }; - warnings = optional (cfg.database.password != "") - ''config.services.redmine.database.password will be stored as plaintext - in the Nix store. Use database.passwordFile instead.''; - - # Create database passwordFile default when password is configured. - services.redmine.database.passwordFile = - (mkDefault (toString (pkgs.writeTextFile { - name = "redmine-database-password"; - text = cfg.database.password; - }))); - }; }