nixos/static-web-server: create module which uses upstream systemd units

lol

This commit creates a nixos module for static-web-server.
The module uses upstream systemd units to start static-web-server.
It also includes options for configuring static-web-server.

Mac Chaffee 2 years ago 61cb4170 b520edce

+110 -1

5 changed files

expand all

nixos

modules

module-list.nix

services

web-servers

static-web-server.nix

tests

all-tests.nix

web-servers

static-web-server.nix

pkgs

servers

static-web-server

default.nix

nixos/modules/module-list.nix

··· 1282 1282 ./services/web-servers/pomerium.nix 1283 1283 ./services/web-servers/rustus.nix 1284 1284 ./services/web-servers/stargazer.nix 1285 + ./services/web-servers/static-web-server.nix 1285 1286 ./services/web-servers/tomcat.nix 1286 1287 ./services/web-servers/traefik.nix 1287 1288 ./services/web-servers/trafficserver/default.nix

+68

nixos/modules/services/web-servers/static-web-server.nix

··· 1 + { config, lib, pkgs, ... }: 2 + 3 + let 4 + cfg = config.services.static-web-server; 5 + toml = pkgs.formats.toml {}; 6 + configFilePath = toml.generate "config.toml" cfg.configuration; 7 + in { 8 + options = { 9 + services.static-web-server = { 10 + enable = lib.mkEnableOption (lib.mdDoc ''Static Web Server''); 11 + listen = lib.mkOption { 12 + default = "[::]:8787"; 13 + type = lib.types.str; 14 + description = lib.mdDoc '' 15 + The "ListenStream" used in static-web-server.socket. 16 + This is equivalent to SWS's "host" and "port" options. 17 + See here for specific syntax: <https://www.freedesktop.org/software/systemd/man/systemd.socket.html#ListenStream=> 18 + ''; 19 + }; 20 + root = lib.mkOption { 21 + type = lib.types.path; 22 + description = lib.mdDoc '' 23 + The location of files for SWS to serve. Equivalent to SWS's "root" config value. 24 + NOTE: This folder must exist before starting SWS. 25 + ''; 26 + }; 27 + configuration = lib.mkOption { 28 + default = { }; 29 + type = toml.type; 30 + example = { 31 + general = { log-level = "error"; directory-listing = true; }; 32 + }; 33 + description = lib.mdDoc '' 34 + Configuration for Static Web Server. See 35 + <https://static-web-server.net/configuration/config-file/>. 36 + NOTE: Don't set "host", "port", or "root" here. They will be ignored. 37 + Use the top-level "listen" and "root" options instead. 38 + ''; 39 + }; 40 + }; 41 + }; 42 + 43 + config = lib.mkIf cfg.enable { 44 + environment.systemPackages = [ pkgs.static-web-server ]; 45 + systemd.packages = [ pkgs.static-web-server ]; 46 + # Have to set wantedBy since systemd.packages ignores the "Install" section 47 + systemd.sockets.static-web-server = { 48 + wantedBy = [ "sockets.target" ]; 49 + # Start with empty string to reset upstream option 50 + listenStreams = [ "" cfg.listen ]; 51 + }; 52 + systemd.services.static-web-server = { 53 + wantedBy = [ "multi-user.target" ]; 54 + serviceConfig = { 55 + # Remove upstream sample environment file; use config.toml exclusively 56 + EnvironmentFile = [ "" ]; 57 + ExecStart = [ "" "${pkgs.static-web-server}/bin/static-web-server --fd 0 --config-file ${configFilePath} --root ${cfg.root}" ]; 58 + # Supplementary groups doesn't work unless we create the group ourselves 59 + SupplementaryGroups = [ "" ]; 60 + # If the user is serving files from their home dir, override ProtectHome to allow that 61 + ProtectHome = if lib.hasPrefix "/home" cfg.root then "tmpfs" else "true"; 62 + BindReadOnlyPaths = cfg.root; 63 + }; 64 + }; 65 + }; 66 + 67 + meta.maintainers = with lib.maintainers; [ mac-chaffee ]; 68 + }

nixos/tests/all-tests.nix

··· 709 709 sssd-ldap = handleTestOn ["x86_64-linux"] ./sssd-ldap.nix {}; 710 710 stargazer = runTest ./web-servers/stargazer.nix; 711 711 starship = handleTest ./starship.nix {}; 712 + static-web-server = handleTest ./web-servers/static-web-server.nix {}; 712 713 step-ca = handleTestOn ["x86_64-linux"] ./step-ca.nix {}; 713 714 stratis = handleTest ./stratis {}; 714 715 strongswan-swanctl = handleTest ./strongswan-swanctl.nix {};

+32

nixos/tests/web-servers/static-web-server.nix

··· 1 + import ../make-test-python.nix ({ pkgs, lib, ... } : { 2 + name = "static-web-server"; 3 + meta = { 4 + maintainers = with lib.maintainers; [ mac-chaffee ]; 5 + }; 6 + 7 + nodes.machine = { pkgs, ... }: { 8 + services.static-web-server = { 9 + enable = true; 10 + listen = "[::]:8080"; 11 + root = toString (pkgs.writeTextDir "nixos-test.html" '' 12 + <h1>Hello NixOS!</h1> 13 + ''); 14 + configuration = { 15 + general = { directory-listing = true; }; 16 + }; 17 + }; 18 + }; 19 + 20 + testScript = '' 21 + machine.start() 22 + machine.wait_for_unit("static-web-server.socket") 23 + machine.wait_for_open_port(8080) 24 + # We don't use wait_until_succeeds() because we're testing socket 25 + # activation which better work on the first request 26 + response = machine.succeed("curl -fsS localhost:8080") 27 + assert "nixos-test.html" in response, "The directory listing page did not include a link to our nixos-test.html file" 28 + response = machine.succeed("curl -fsS localhost:8080/nixos-test.html") 29 + assert "Hello NixOS!" in response 30 + machine.wait_for_unit("static-web-server.service") 31 + ''; 32 + })

+8 -1

pkgs/servers/static-web-server/default.nix

··· 1 - { lib, rustPlatform, fetchFromGitHub, stdenv, darwin }: 1 + { lib, rustPlatform, fetchFromGitHub, stdenv, darwin, nixosTests }: 2 2 3 3 rustPlatform.buildRustPackage rec { 4 4 pname = "static-web-server"; ··· 23 23 "--skip=tests::handle_not_modified" 24 24 "--skip=handle_precondition" 25 25 ]; 26 + 27 + # Need to copy in the systemd units for systemd.packages to discover them 28 + postInstall = '' 29 + install -Dm444 -t $out/lib/systemd/system/ systemd/static-web-server.{service,socket} 30 + ''; 31 + 32 + passthru.tests = { inherit (nixosTests) static-web-server; }; 26 33 27 34 meta = with lib; { 28 35 description = "An asynchronus web server for static files-serving";