locate: enhance mlocate support

+66 -15
+65 -15
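--- a/nixos/modules/misc/locate.nix
+++ b/nixos/modules/misc/locate.nix
@@ -4,10 +4,12 @@
 
 let
 cfg = config.services.locate;
+isMLocate = hasPrefix "mlocate" cfg.locate.name;
+isFindutils = hasPrefix "findutils" cfg.locate.name;
 in {
-options.services.locate = {
+options.services.locate = with types; {
 enable = mkOption {
-type = types.bool;
+type = bool;
 default = false;
 description = ''
 If enabled, NixOS will periodically update the database of
@@ -16,7 +18,7 @@
 };
 
 locate = mkOption {
-type = types.package;
+type = package;
 default = pkgs.findutils;
 defaultText = "pkgs.findutils";
 example = "pkgs.mlocate";
@@ -26,7 +28,7 @@
 };
 
 interval = mkOption {
-type = types.str;
+type = str;
 default = "02:15";
 example = "hourly";
 description = ''
@@ -40,7 +42,7 @@
 };
 
 extraFlags = mkOption {
-type = types.listOf types.str;
+type = listOf str;
 default = [ ];
 description = ''
 Extra flags to pass to <command>updatedb</command>.
@@ -48,7 +50,7 @@
 };
 
 output = mkOption {
-type = types.path;
+type = path;
 default = "/var/cache/locatedb";
 description = ''
 The database file to build.
@@ -56,7 +58,7 @@
 };
 
 localuser = mkOption {
-type = types.nullOr types.str;
+type = nullOr str;
 default = "nobody";
 description = ''
 The user to search non-network directories as, using
@@ -64,27 +66,75 @@
 '';
 };
 
-includeStore = mkOption {
-type = types.bool;
+pruneFS = mkOption {
+type = listOf str;
+default = ["afs" "anon_inodefs" "auto" "autofs" "bdev" "binfmt" "binfmt_misc" "cgroup" "cifs" "coda" "configfs" "cramfs" "cpuset" "debugfs" "devfs" "devpts" "devtmpfs" "ecryptfs" "eventpollfs" "exofs" "futexfs" "ftpfs" "fuse" "fusectl" "gfs" "gfs2" "hostfs" "hugetlbfs" "inotifyfs" "iso9660" "jffs2" "lustre" "misc" "mqueue" "ncpfs" "nnpfs" "ocfs" "ocfs2" "pipefs" "proc" "ramfs" "rpc_pipefs" "securityfs" "selinuxfs" "sfs" "shfs" "smbfs" "sockfs" "spufs" "nfs" "NFS" "nfs4" "nfsd" "sshfs" "subfs" "supermount" "sysfs" "tmpfs" "ubifs" "udf" "usbfs" "vboxsf" "vperfctrfs" ];
+description = ''
+Which filesystem types to exclude from indexing
+'';
+};
+
+prunePaths = mkOption {
+type = listOf path;
+default = ["/tmp" "/var/tmp" "/var/cache" "/var/lock" "/var/run" "/var/spool" "/nix/store"];
+description = ''
+Which paths to exclude from indexing
+'';
+};
+
+pruneNames = mkOption {
+type = listOf str;
+default = [];
+description = ''
+Directory components which should exclude paths containing them from indexing
+'';
+};
+
+pruneBindMounts = mkOption {
+type = bool;
 default = false;
 description = ''
-Whether to include <filename>/nix/store</filename> in the locate database.
+Whether not to index bind mounts
 '';
 };
+
 };
 
-config = {
+config = mkIf cfg.enable {
+users.extraGroups = mkIf isMLocate { mlocate = {}; };
+
+security.setuidOwners = mkIf isMLocate
+[ { group = "mlocate";
+owner = "root";
+permissions = "u+rx,g+x,o+x";
+setgid = true;
+setuid = false;
+program = "locate";
+}
+];
+
+environment.systemPackages = [ cfg.locate ];
+
+warnings = optional (isMLocate && cfg.localuser != null) "mlocate does not support searching as user other than root"
+++ optional (isFindutils && cfg.pruneNames != []) "findutils locate does not support pruning by directory component"
+++ optional (isFindutils && cfg.pruneBindMounts) "findutils locate does not support skipping bind mounts";
+
 systemd.services.update-locatedb =
 { description = "Update Locate Database";
-path = [ pkgs.su ];
+path = mkIf (!isMLocate) [ pkgs.su ];
 script =
 ''
-mkdir -m 0755 -p $(dirname ${toString cfg.output})
+install -m ${if isMLocate then "0750" else "0755"} -o root -g ${if isMLocate then "mlocate" else "root"} -d $(dirname ${cfg.output})
 exec ${cfg.locate}/bin/updatedb \
 ${optionalString (cfg.localuser != null) ''--localuser=${cfg.localuser}''} \
-${optionalString (!cfg.includeStore) "--prunepaths='/nix/store'"} \
 --output=${toString cfg.output} ${concatStringsSep " " cfg.extraFlags}
 '';
+environment = {
+PRUNEFS = concatStringsSep " " cfg.pruneFS;
+PRUNEPATHS = concatStringsSep " " cfg.prunePaths;
+PRUNENAMES = concatStringsSep " " cfg.pruneNames;
+PRUNE_BIND_MOUNTS = if cfg.pruneBindMounts then "yes" else "no";
+};
 serviceConfig.Nice = 19;
 serviceConfig.IOSchedulingClass = "idle";
 serviceConfig.PrivateTmp = "yes";
@@ -94,7 +144,7 @@
 serviceConfig.ReadWriteDirectories = dirOf cfg.output;
 };
 
-systemd.timers.update-locatedb = mkIf cfg.enable
+systemd.timers.update-locatedb =
 { description = "Update timer for locate database";
 partOf = [ "update-locatedb.service" ];
 wantedBy = [ "timers.target" ];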
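Review bot: With the default `output = "/var/cache/locatedb"`, `$(dirname ${cfg.output})` in the update-locatedb script resolves to `/var/cache` itself, so the new `install ... -d` line applies root:mlocate 0750 (or root:root 0755 for findutils) to a directory other services share, since `install -d` sets mode and owner on an existing directory too. The group-only directory is what confines the root-built mlocate index to the setgid `locate` wrapper, so it should be a directory the module owns: default `output` to a dedicated subdirectory when `isMLocate`, or add an assertion rejecting a shared `dirOf cfg.output`. The substitution is also unquoted and drops the old `toString`; `"$(dirname ${toString cfg.output})"` would be safer. In the same script `--localuser=` is still emitted whenever `localuser` is non-null (default "nobody"), although the new warning says mlocate does not support it, so guard it with `optionalString (!isMLocate && cfg.localuser != null)`.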
+1
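--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@@ -170,6 +170,7 @@
 
 # locate
 (mkRenamedOptionModule [ "services" "locate" "period" ] [ "services" "locate" "interval" ])
+(mkRemovedOptionModule [ "services" "locate" "includeStore" ] "Use services.locate.prunePaths" )
 
 # Options that are obsolete and have no replacement.
 (mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ] "")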