commit d042d834af6eaf9a5db1c3ec89aa1a750ef8cc29 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

Merge pull request #153986 from abbradar/prosody-filer

prosody-filer: init at unstable-2021-05-24

authored by Nikolay Amiantov and committed by GitHub 4 years ago d042d834 dfbf064a

+125

6 changed files

expand all

unified split

nixos

doc

manual

from_md

release-notes

rl-2205.section.xml

release-notes

rl-2205.section.md

modules

module-list.nix

services

web-apps

prosody-filer.nix

pkgs

servers

xmpp

prosody-filer

default.nix

top-level

all-packages.nix

nixos/doc/manual/from_md/release-notes/rl-2205.section.xml

··· 135 135 <link linkend="opt-services.baget.enable">services.baget</link>. 136 136 </para> 137 137 </listitem> 138 + <listitem> 139 + <para> 140 + <link xlink:href="https://github.com/ThomasLeister/prosody-filer">prosody-filer</link>, 141 + a server for handling XMPP HTTP Upload requests. Available at 142 + <link linkend="opt-services.prosody-filer.enable">services.prosody-filer</link>. 143 + </para> 144 + </listitem> 138 145 </itemizedlist> 139 146 </section> 140 147 <section xml:id="sec-release-22.05-incompatibilities">

nixos/doc/manual/release-notes/rl-2205.section.md

··· 41 41 42 42 - [BaGet](https://loic-sharma.github.io/BaGet/), a lightweight NuGet and symbol server. Available at [services.baget](#opt-services.baget.enable). 43 43 44 + - [prosody-filer](https://github.com/ThomasLeister/prosody-filer), a server for handling XMPP HTTP Upload requests. Available at [services.prosody-filer](#opt-services.prosody-filer.enable). 45 + 44 46 ## Backward Incompatibilities {#sec-release-22.05-incompatibilities} 45 47 46 48 - `pkgs.ghc` now refers to `pkgs.targetPackages.haskellPackages.ghc`.

nixos/modules/module-list.nix

··· 1032 1032 ./services/web-apps/plausible.nix 1033 1033 ./services/web-apps/pgpkeyserver-lite.nix 1034 1034 ./services/web-apps/powerdns-admin.nix 1035 + ./services/web-apps/prosody-filer.nix 1035 1036 ./services/web-apps/matomo.nix 1036 1037 ./services/web-apps/openwebrx.nix 1037 1038 ./services/web-apps/restya-board.nix

+88

nixos/modules/services/web-apps/prosody-filer.nix

··· 1 + { config, lib, pkgs, ... }: 2 + 3 + with lib; 4 + let 5 + 6 + cfg = config.services.prosody-filer; 7 + 8 + settingsFormat = pkgs.formats.toml { }; 9 + configFile = settingsFormat.generate "prosody-filer.toml" cfg.settings; 10 + in { 11 + 12 + options = { 13 + services.prosody-filer = { 14 + enable = mkEnableOption "Prosody Filer XMPP upload file server"; 15 + 16 + settings = mkOption { 17 + description = '' 18 + Configuration for Prosody Filer. 19 + Refer to <link xlink:href="https://github.com/ThomasLeister/prosody-filer#configure-prosody-filer"/> for details on supported values. 20 + ''; 21 + 22 + type = settingsFormat.type; 23 + 24 + example = literalExample '' 25 + { 26 + secret = "mysecret"; 27 + storeDir = "/srv/http/nginx/prosody-upload"; 28 + } 29 + ''; 30 + 31 + defaultText = literalExpression '' 32 + { 33 + listenport = mkDefault "127.0.0.1:5050"; 34 + uploadSubDir = mkDefault "upload/"; 35 + } 36 + ''; 37 + }; 38 + }; 39 + }; 40 + 41 + config = mkIf cfg.enable { 42 + services.prosody-filer.settings = { 43 + listenport = mkDefault "127.0.0.1:5050"; 44 + uploadSubDir = mkDefault "upload/"; 45 + }; 46 + 47 + users.users.prosody-filer = { 48 + group = "prosody-filer"; 49 + isSystemUser = true; 50 + }; 51 + 52 + users.groups.prosody-filer = { }; 53 + 54 + systemd.services.prosody-filer = { 55 + description = "Prosody file upload server"; 56 + wantedBy = [ "multi-user.target" ]; 57 + after = [ "network.target" ]; 58 + 59 + serviceConfig = { 60 + User = "prosody-filer"; 61 + Group = "prosody-filer"; 62 + ExecStart = "${pkgs.prosody-filer}/bin/prosody-filer -config ${configFile}"; 63 + Restart = "on-failure"; 64 + CapabilityBoundingSet = ""; 65 + NoNewPrivileges = true; 66 + PrivateDevices = true; 67 + PrivateTmp = true; 68 + PrivateMounts = true; 69 + ProtectHome = true; 70 + ProtectClock = true; 71 + ProtectProc = "noaccess"; 72 + ProcSubset = "pid"; 73 + ProtectKernelLogs = true; 74 + ProtectKernelModules = true; 75 + ProtectKernelTunables = true; 76 + ProtectControlGroups = true; 77 + ProtectHostname = true; 78 + RestrictSUIDSGID = true; 79 + RestrictRealtime = true; 80 + RestrictNamespaces = true; 81 + LockPersonality = true; 82 + RemoveIPC = true; 83 + RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; 84 + SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ]; 85 + }; 86 + }; 87 + }; 88 + }

+25

pkgs/servers/xmpp/prosody-filer/default.nix

··· 1 + { stdenv, lib, buildGoModule, fetchFromGitHub }: 2 + 3 + buildGoModule rec { 4 + pname = "prosody-filer"; 5 + version = "unstable-2021-05-24"; 6 + 7 + vendorSha256 = "05spkks77x88kc31c1zdg1cbf9ijymjs7qzmhg4c6lql5p2h5fbd"; 8 + 9 + src = fetchFromGitHub { 10 + owner = "ThomasLeister"; 11 + repo = "prosody-filer"; 12 + rev = "c65edd199b47dc505366c85b3702230fda797cd6"; 13 + sha256 = "0h6vp5flgy4wwmzhs6pf6qkk2j4ah8w919dwhfsq4wdpqs78kc0y"; 14 + }; 15 + 16 + doCheck = false; 17 + 18 + meta = with lib; { 19 + homepage = "https://github.com/ThomasLeister/prosody-filer"; 20 + maintainers = with maintainers; [ abbradar ]; 21 + license = licenses.mit; 22 + platforms = platforms.linux; 23 + description = "A simple file server for handling XMPP http_upload requests"; 24 + }; 25 + }

pkgs/top-level/all-packages.nix

··· 20945 20945 withExtraLibs = []; 20946 20946 }; 20947 20947 20948 + prosody-filer = callPackage ../servers/xmpp/prosody-filer { }; 20949 + 20948 20950 biboumi = callPackage ../servers/xmpp/biboumi { }; 20949 20951 20950 20952 elasticmq-server-bin = callPackage ../servers/elasticmq-server-bin {