nixos/locate: drop with lib{,.types}, misc cleanup

Sandro Jäckel
2024-06-11 00:11:43 +02:00
parent dec5ef74b0
commit 8e66b653e8


@@ -1,24 +1,22 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib;
let let
cfg = config.services.locate; cfg = config.services.locate;
isMLocate = hasPrefix "mlocate" cfg.package.name; isMLocate = lib.hasPrefix "mlocate" cfg.package.name;
isPLocate = hasPrefix "plocate" cfg.package.name; isPLocate = lib.hasPrefix "plocate" cfg.package.name;
isMorPLocate = isMLocate || isPLocate; isMorPLocate = isMLocate || isPLocate;
isFindutils = hasPrefix "findutils" cfg.package.name; isFindutils = lib.hasPrefix "findutils" cfg.package.name;
in in
{ {
imports = [ imports = [
(mkRenamedOptionModule [ "services" "locate" "period" ] [ "services" "locate" "interval" ]) (lib.mkRenamedOptionModule [ "services" "locate" "period" ] [ "services" "locate" "interval" ])
(mkRenamedOptionModule [ "services" "locate" "locate" ] [ "services" "locate" "package" ]) (lib.mkRenamedOptionModule [ "services" "locate" "locate" ] [ "services" "locate" "package" ])
(mkRemovedOptionModule [ "services" "locate" "includeStore" ] "Use services.locate.prunePaths") (lib.mkRemovedOptionModule [ "services" "locate" "includeStore" ] "Use services.locate.prunePaths")
]; ];
options.services.locate = with types; { options.services.locate = {
enable = mkOption { enable = lib.mkOption {
type = bool; type = lib.types.bool;
default = false; default = false;
description = '' description = ''
If enabled, NixOS will periodically update the database of If enabled, NixOS will periodically update the database of
@@ -26,12 +24,12 @@ in
''; '';
}; };
package = mkPackageOption pkgs [ "findutils" "locate" ] { package = lib.mkPackageOption pkgs [ "findutils" "locate" ] {
example = "mlocate"; example = "mlocate";
}; };
interval = mkOption { interval = lib.mkOption {
type = str; type = lib.types.str;
default = "02:15"; default = "02:15";
example = "hourly"; example = "hourly";
description = '' description = ''
@@ -46,24 +44,24 @@ in
''; '';
}; };
extraFlags = mkOption { extraFlags = lib.mkOption {
type = listOf str; type = lib.types.listOf lib.types.str;
default = [ ]; default = [ ];
description = '' description = ''
Extra flags to pass to {command}`updatedb`. Extra flags to pass to {command}`updatedb`.
''; '';
}; };
output = mkOption { output = lib.mkOption {
type = path; type = lib.types.path;
default = "/var/cache/locatedb"; default = "/var/cache/locatedb";
description = '' description = ''
The database file to build. The database file to build.
''; '';
}; };
localuser = mkOption { localuser = lib.mkOption {
type = nullOr str; type = lib.types.nullOr lib.types.str;
default = "nobody"; default = "nobody";
description = '' description = ''
The user to search non-network directories as, using The user to search non-network directories as, using
@@ -71,8 +69,8 @@ in
''; '';
}; };
pruneFS = mkOption { pruneFS = lib.mkOption {
type = listOf str; type = lib.types.listOf lib.types.str;
default = [ default = [
"afs" "afs"
"anon_inodefs" "anon_inodefs"
@@ -158,8 +156,8 @@ in
''; '';
}; };
prunePaths = mkOption { prunePaths = lib.mkOption {
type = listOf path; type = lib.types.listOf lib.types.path;
default = [ default = [
"/tmp" "/tmp"
"/var/tmp" "/var/tmp"
@@ -175,10 +173,10 @@ in
''; '';
}; };
pruneNames = mkOption { pruneNames = lib.mkOption {
type = listOf str; type = lib.types.listOf lib.types.str;
default = lib.optionals (!isFindutils) [ ".bzr" ".cache" ".git" ".hg" ".svn" ]; default = lib.optionals (!isFindutils) [ ".bzr" ".cache" ".git" ".hg" ".svn" ];
defaultText = literalMD '' defaultText = lib.literalMD ''
`[ ".bzr" ".cache" ".git" ".hg" ".svn" ]`, if `[ ".bzr" ".cache" ".git" ".hg" ".svn" ]`, if
supported by the locate implementation (i.e. mlocate or plocate). supported by the locate implementation (i.e. mlocate or plocate).
''; '';
@@ -187,8 +185,8 @@ in
''; '';
}; };
pruneBindMounts = mkOption { pruneBindMounts = lib.mkOption {
type = bool; type = lib.types.bool;
default = false; default = false;
description = '' description = ''
Whether not to index bind mounts Whether not to index bind mounts
@@ -197,10 +195,10 @@ in
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.groups = mkMerge [ users.groups = lib.mkMerge [
(mkIf isMLocate { mlocate = { }; }) (lib.mkIf isMLocate { mlocate = { }; })
(mkIf isPLocate { plocate = { }; }) (lib.mkIf isPLocate { plocate = { }; })
]; ];
security.wrappers = security.wrappers =
@@ -211,48 +209,46 @@ in
setgid = true; setgid = true;
setuid = false; setuid = false;
}; };
mlocate = mkIf isMLocate { mlocate = lib.mkIf isMLocate {
group = "mlocate"; group = "mlocate";
source = "${cfg.package}/bin/locate"; source = "${cfg.package}/bin/locate";
}; };
plocate = mkIf isPLocate { plocate = lib.mkIf isPLocate {
group = "plocate"; group = "plocate";
source = "${cfg.package}/bin/plocate"; source = "${cfg.package}/bin/plocate";
}; };
in in
mkIf isMorPLocate { lib.mkIf isMorPLocate {
locate = mkMerge [ common mlocate plocate ]; locate = lib.mkMerge [ common mlocate plocate ];
plocate = mkIf isPLocate (mkMerge [ common plocate ]); plocate = lib.mkIf isPLocate (lib.mkMerge [ common plocate ]);
}; };
environment.systemPackages = [ cfg.package ]; environment = {
environment.variables = lib.mkIf isFindutils {
LOCATE_PATH = cfg.output;
};
environment.etc = {
# write /etc/updatedb.conf for manual calls to `updatedb` # write /etc/updatedb.conf for manual calls to `updatedb`
"updatedb.conf" = { etc."updatedb.conf".text = ''
text = '' PRUNEFS="${lib.concatStringsSep " " cfg.pruneFS}"
PRUNEFS="${lib.concatStringsSep " " cfg.pruneFS}" PRUNENAMES="${lib.concatStringsSep " " cfg.pruneNames}"
PRUNENAMES="${lib.concatStringsSep " " cfg.pruneNames}" PRUNEPATHS="${lib.concatStringsSep " " cfg.prunePaths}"
PRUNEPATHS="${lib.concatStringsSep " " cfg.prunePaths}" PRUNE_BIND_MOUNTS="${if cfg.pruneBindMounts then "yes" else "no"}"
PRUNE_BIND_MOUNTS="${if cfg.pruneBindMounts then "yes" else "no"}" '';
'';
systemPackages = [ cfg.package ];
variables = lib.mkIf isFindutils {
LOCATE_PATH = cfg.output;
}; };
}; };
warnings = optional (isMorPLocate && cfg.localuser != null) warnings = lib.optional (isMorPLocate && cfg.localuser != null)
"mlocate and plocate do not support the services.locate.localuser option. updatedb will run as root. Silence this warning by setting services.locate.localuser = null." "mlocate and plocate do not support the services.locate.localuser option. updatedb will run as root. Silence this warning by setting services.locate.localuser = null."
++ optional (isFindutils && cfg.pruneNames != [ ]) ++ lib.optional (isFindutils && cfg.pruneNames != [ ])
"findutils locate does not support pruning by directory component" "findutils locate does not support pruning by directory component"
++ optional (isFindutils && cfg.pruneBindMounts) ++ lib.optional (isFindutils && cfg.pruneBindMounts)
"findutils locate does not support skipping bind mounts"; "findutils locate does not support skipping bind mounts";
systemd.services.update-locatedb = { systemd.services.update-locatedb = {
description = "Update Locate Database"; description = "Update Locate Database";
path = mkIf (!isMorPLocate) [ pkgs.su ]; path = lib.mkIf (!isMorPLocate) [ pkgs.su ];
# mlocate's updatedb takes flags via a configuration file or # mlocate's updatedb takes flags via a configuration file or
# on the command line, but not by environment variable. # on the command line, but not by environment variable.
@@ -260,42 +256,44 @@ in
if isMorPLocate then if isMorPLocate then
let let
toFlags = x: toFlags = x:
optional (cfg.${x} != [ ]) lib.optional (cfg.${x} != [ ])
"--${lib.toLower x} '${concatStringsSep " " cfg.${x}}'"; "--${lib.toLower x} '${lib.concatStringsSep " " cfg.${x}}'";
args = concatLists (map toFlags [ "pruneFS" "pruneNames" "prunePaths" ]); args = lib.concatLists (map toFlags [ "pruneFS" "pruneNames" "prunePaths" ]);
in in
'' ''
exec ${cfg.package}/bin/updatedb \ exec ${cfg.package}/bin/updatedb \
--output ${toString cfg.output} ${concatStringsSep " " args} \ --output ${toString cfg.output} ${lib.concatStringsSep " " args} \
--prune-bind-mounts ${if cfg.pruneBindMounts then "yes" else "no"} \ --prune-bind-mounts ${if cfg.pruneBindMounts then "yes" else "no"} \
${concatStringsSep " " cfg.extraFlags} ${lib.concatStringsSep " " cfg.extraFlags}
'' ''
else '' else ''
exec ${cfg.package}/bin/updatedb \ exec ${cfg.package}/bin/updatedb \
${optionalString (cfg.localuser != null && !isMorPLocate) "--localuser=${cfg.localuser}"} \ ${lib.optionalString (cfg.localuser != null && !isMorPLocate) "--localuser=${cfg.localuser}"} \
--output=${toString cfg.output} ${concatStringsSep " " cfg.extraFlags} --output=${toString cfg.output} ${lib.concatStringsSep " " cfg.extraFlags}
''; '';
environment = optionalAttrs (!isMorPLocate) { environment = lib.optionalAttrs (!isMorPLocate) {
PRUNEFS = concatStringsSep " " cfg.pruneFS; PRUNEFS = lib.concatStringsSep " " cfg.pruneFS;
PRUNEPATHS = concatStringsSep " " cfg.prunePaths; PRUNEPATHS = lib.concatStringsSep " " cfg.prunePaths;
PRUNENAMES = concatStringsSep " " cfg.pruneNames; PRUNENAMES = lib.concatStringsSep " " cfg.pruneNames;
PRUNE_BIND_MOUNTS = if cfg.pruneBindMounts then "yes" else "no"; PRUNE_BIND_MOUNTS = if cfg.pruneBindMounts then "yes" else "no";
}; };
serviceConfig.Nice = 19; serviceConfig = {
serviceConfig.IOSchedulingClass = "idle"; Nice = 19;
serviceConfig.PrivateTmp = "yes"; IOSchedulingClass = "idle";
serviceConfig.PrivateNetwork = "yes"; PrivateTmp = "yes";
serviceConfig.NoNewPrivileges = "yes"; PrivateNetwork = "yes";
serviceConfig.ReadOnlyPaths = "/"; NoNewPrivileges = "yes";
# Use dirOf cfg.output because mlocate creates temporary files next to ReadOnlyPaths = "/";
# the actual database. We could specify and create them as well, # Use dirOf cfg.output because mlocate creates temporary files next to
# but that would make this quite brittle when they change something. # the actual database. We could specify and create them as well,
# NOTE: If /var/cache does not exist, this leads to the misleading error message: # but that would make this quite brittle when they change something.
# update-locatedb.service: Failed at step NAMESPACE spawning …/update-locatedb-start: No such file or directory # NOTE: If /var/cache does not exist, this leads to the misleading error message:
serviceConfig.ReadWritePaths = dirOf cfg.output; # update-locatedb.service: Failed at step NAMESPACE spawning …/update-locatedb-start: No such file or directory
ReadWritePaths = dirOf cfg.output;
};
}; };
systemd.timers.update-locatedb = mkIf (cfg.interval != "never") { systemd.timers.update-locatedb = lib.mkIf (cfg.interval != "never") {
description = "Update timer for locate database"; description = "Update timer for locate database";
partOf = [ "update-locatedb.service" ]; partOf = [ "update-locatedb.service" ];
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
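Review bot: In the last hunk `toFlags` still quotes by hand, `"--${lib.toLower x} '${lib.concatStringsSep " " cfg.${x}}'"`, so a `pruneFS`, `pruneNames` or `prunePaths` entry containing a `'` closes the quoting in a command that, per the module's own warning, runs as root for mlocate and plocate. Because these lines are rewritten here anyway, I would let the library do the quoting: `"--${lib.toLower x} ${lib.escapeShellArg (lib.concatStringsSep " " cfg.${x})}"`. The same holds for the bare `${toString cfg.output}` and `--localuser=${cfg.localuser}` interpolations, which could go through `lib.escapeShellArg` as well. The values come from the system configuration, so the concern is a malformed or generated option value changing what the root service executes. The attribute these strings are assigned to starts above the hunk, so I am assuming they are interpreted by a shell.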