Skip to content

Commit

Permalink
nixos/xandikos: support UNIX sockets, use systemd socket activation
Browse files Browse the repository at this point in the history 
This way systemd takes care of the owner and the permissions of the socket.
  • Loading branch information
@schnusch
schnusch committed Dec 13, 2022
1 parent 2a04b5f commit a624b26
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 17 deletions.
37 changes: 28 additions & 9 deletions nixos/modules/services/networking/xandikos.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,24 @@ with lib;

let
cfg = config.services.xandikos;

listenStream =
if cfg.address == null then
[ "[::1]:${toString cfg.port}" "127.0.0.1:${toString cfg.port}" ]
else if hasInfix "/" cfg.address then
[ cfg.address ]
else if hasInfix ":" cfg.address then
[ "[${cfg.address}]:${toString cfg.port}" ]
else
[ "${cfg.address}:${toString cfg.port}" ]
;

nginxProxyAddress =
if hasInfix "/" (head listenStream) then
"unix:${head listenStream}"
else
head listenStream
;
in
{

Expand All @@ -19,12 +37,13 @@ in
};

address = mkOption {
type = types.str;
default = "localhost";
type = types.nullOr types.str;
default = null;
description = lib.mdDoc ''
The IP address on which Xandikos will listen.
The IP address or socket path on which Xandikos will listen.
By default listens on localhost.
'';
example = "/run/xandikos/socket";
};

port = mkOption {
Expand Down Expand Up @@ -92,11 +111,13 @@ in
{
meta.maintainers = with lib.maintainers; [ _0x4A6F ];

systemd.sockets.xandikos = {
wantedBy = [ "sockets.target" ];
socketConfig.ListenStream = listenStream;
};

systemd.services.xandikos = {
description = "A Simple Calendar and Contact Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];

serviceConfig = {
User = "xandikos";
Group = "xandikos";
Expand All @@ -122,8 +143,6 @@ in
ExecStart = ''
${cfg.package}/bin/xandikos \
--directory /var/lib/xandikos \
--listen-address ${cfg.address} \
--port ${toString cfg.port} \
--route-prefix ${cfg.routePrefix} \
${lib.concatStringsSep " " cfg.extraOptions}
'';
Expand All @@ -137,7 +156,7 @@ in
enable = true;
virtualHosts."${cfg.nginx.hostName}" = {
locations."/" = {
proxyPass = "http://${cfg.address}:${toString cfg.port}/";
proxyPass = "http://${nginxProxyAddress}";
};
};
};
Expand Down
10 changes: 2 additions & 8 deletions nixos/tests/xandikos.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,6 @@ import ./make-test-python.nix (
xandikos_proxy = {
networking.firewall.allowedTCPPorts = [ 80 8080 ];
services.xandikos.enable = true;
services.xandikos.address = "localhost";
services.xandikos.port = 8080;
services.xandikos.routePrefix = "/xandikos-prefix/";
services.xandikos.extraOptions = [
"--defaults"
Expand All @@ -39,9 +37,7 @@ import ./make-test-python.nix (
start_all()
with subtest("Xandikos default"):
xandikos_default.wait_for_unit("multi-user.target")
xandikos_default.wait_for_unit("xandikos.service")
xandikos_default.wait_for_open_port(8080)
xandikos_default.wait_for_unit("sockets.target")
xandikos_default.succeed("curl --fail http://localhost:8080/")
xandikos_default.succeed(
"curl -s --fail --location http://localhost:8080/ | grep -i Xandikos"
Expand All @@ -50,9 +46,7 @@ import ./make-test-python.nix (
xandikos_client.fail("curl --fail http://xandikos_default:8080/")
with subtest("Xandikos proxy"):
xandikos_proxy.wait_for_unit("multi-user.target")
xandikos_proxy.wait_for_unit("xandikos.service")
xandikos_proxy.wait_for_open_port(8080)
xandikos_proxy.wait_for_unit("sockets.target")
xandikos_proxy.succeed("curl --fail http://localhost:8080/")
xandikos_proxy.succeed(
"curl -s --fail --location http://localhost:8080/ | grep -i Xandikos"
Expand Down

0 comments on commit a624b26

Please sign in to comment.