nixos/services.athens: remove with lib;

Felix Buehler 2024-08-27 20:43:07 +02:00
parent 8cf91e2c5b
commit 0717502d60


@ -1,11 +1,8 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib;
let let
cfg = config.services.athens; cfg = config.services.athens;
athensConfig = flip recursiveUpdate cfg.extraConfig ( athensConfig = lib.flip lib.recursiveUpdate cfg.extraConfig (
{ {
GoBinary = "${cfg.goBinary}/bin/go"; GoBinary = "${cfg.goBinary}/bin/go";
GoEnv = cfg.goEnv; GoEnv = cfg.goEnv;
@ -157,20 +154,20 @@ in
}; };
options.services.athens = { options.services.athens = {
enable = mkEnableOption "Go module datastore and proxy"; enable = lib.mkEnableOption "Go module datastore and proxy";
package = mkOption { package = lib.mkOption {
default = pkgs.athens; default = pkgs.athens;
defaultText = literalExpression "pkgs.athens"; defaultText = lib.literalExpression "pkgs.athens";
example = "pkgs.athens"; example = "pkgs.athens";
description = "Which athens derivation to use"; description = "Which athens derivation to use";
type = types.package; type = lib.types.package;
}; };
goBinary = mkOption { goBinary = lib.mkOption {
type = types.package; type = lib.types.package;
default = pkgs.go; default = pkgs.go;
defaultText = literalExpression "pkgs.go"; defaultText = lib.literalExpression "pkgs.go";
example = "pkgs.go_1_21"; example = "pkgs.go_1_21";
description = '' description = ''
The Go package used by Athens at runtime. The Go package used by Athens at runtime.
@ -181,15 +178,15 @@ in
''; '';
}; };
goEnv = mkOption { goEnv = lib.mkOption {
type = types.enum [ "development" "production" ]; type = lib.types.enum [ "development" "production" ];
description = "Specifies the type of environment to run. One of 'development' or 'production'."; description = "Specifies the type of environment to run. One of 'development' or 'production'.";
default = "development"; default = "development";
example = "production"; example = "production";
}; };
goBinaryEnvVars = mkOption { goBinaryEnvVars = lib.mkOption {
type = types.attrs; type = lib.types.attrs;
description = "Environment variables to pass to the Go binary."; description = "Environment variables to pass to the Go binary.";
example = '' example = ''
{ "GOPROXY" = "direct", "GODEBUG" = "true" } { "GOPROXY" = "direct", "GODEBUG" = "true" }
@ -197,15 +194,15 @@ in
default = { }; default = { };
}; };
goGetWorkers = mkOption { goGetWorkers = lib.mkOption {
type = types.int; type = lib.types.int;
description = "Number of workers concurrently downloading modules."; description = "Number of workers concurrently downloading modules.";
default = 10; default = 10;
example = 32; example = 32;
}; };
goGetDir = mkOption { goGetDir = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
description = '' description = ''
Temporary directory that Athens will use to Temporary directory that Athens will use to
fetch modules from VCS prior to persisting fetch modules from VCS prior to persisting
@ -218,14 +215,14 @@ in
example = "/tmp/athens"; example = "/tmp/athens";
}; };
protocolWorkers = mkOption { protocolWorkers = lib.mkOption {
type = types.int; type = lib.types.int;
description = "Number of workers concurrently serving protocol paths."; description = "Number of workers concurrently serving protocol paths.";
default = 30; default = 30;
}; };
logLevel = mkOption { logLevel = lib.mkOption {
type = types.nullOr (types.enum [ "panic" "fatal" "error" "warning" "info" "debug" "trace" ]); type = lib.types.nullOr (lib.types.enum [ "panic" "fatal" "error" "warning" "info" "debug" "trace" ]);
description = '' description = ''
Log level for Athens. Log level for Athens.
Supports all logrus log levels (https://github.com/Sirupsen/logrus#level-logging)". Supports all logrus log levels (https://github.com/Sirupsen/logrus#level-logging)".
@ -234,8 +231,8 @@ in
example = "debug"; example = "debug";
}; };
cloudRuntime = mkOption { cloudRuntime = lib.mkOption {
type = types.enum [ "GCP" "none" ]; type = lib.types.enum [ "GCP" "none" ];
description = '' description = ''
Specifies the Cloud Provider on which the Proxy/registry is running. Specifies the Cloud Provider on which the Proxy/registry is running.
''; '';
@ -243,24 +240,24 @@ in
example = "GCP"; example = "GCP";
}; };
enablePprof = mkOption { enablePprof = lib.mkOption {
type = types.bool; type = lib.types.bool;
description = "Enable pprof endpoints."; description = "Enable pprof endpoints.";
default = false; default = false;
}; };
pprofPort = mkOption { pprofPort = lib.mkOption {
type = types.port; type = lib.types.port;
description = "Port number for pprof endpoints."; description = "Port number for pprof endpoints.";
default = 3301; default = 3301;
example = 443; example = 443;
}; };
filterFile = mkOption { filterFile = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
description = ''Filename for the include exclude filter.''; description = ''Filename for the include exclude filter.'';
default = null; default = null;
example = literalExpression '' example = lib.literalExpression ''
pkgs.writeText "filterFile" ''' pkgs.writeText "filterFile" '''
- github.com/azure - github.com/azure
+ github.com/azure/azure-sdk-for-go + github.com/azure/azure-sdk-for-go
@ -269,42 +266,42 @@ in
''; '';
}; };
robotsFile = mkOption { robotsFile = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
description = ''Provides /robots.txt for net crawlers.''; description = ''Provides /robots.txt for net crawlers.'';
default = null; default = null;
example = literalExpression ''pkgs.writeText "robots.txt" "# my custom robots.txt ..."''; example = lib.literalExpression ''pkgs.writeText "robots.txt" "# my custom robots.txt ..."'';
}; };
timeout = mkOption { timeout = lib.mkOption {
type = types.int; type = lib.types.int;
description = "Timeout for external network calls in seconds."; description = "Timeout for external network calls in seconds.";
default = 300; default = 300;
example = 3; example = 3;
}; };
storageType = mkOption { storageType = lib.mkOption {
type = types.enum [ "memory" "disk" "mongo" "gcp" "minio" "s3" "azureblob" "external" ]; type = lib.types.enum [ "memory" "disk" "mongo" "gcp" "minio" "s3" "azureblob" "external" ];
description = "Specifies the type of storage backend to use."; description = "Specifies the type of storage backend to use.";
default = "disk"; default = "disk";
}; };
tlsCertFile = mkOption { tlsCertFile = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
description = "Path to the TLS certificate file."; description = "Path to the TLS certificate file.";
default = null; default = null;
example = "/etc/ssl/certs/athens.crt"; example = "/etc/ssl/certs/athens.crt";
}; };
tlsKeyFile = mkOption { tlsKeyFile = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
description = "Path to the TLS key file."; description = "Path to the TLS key file.";
default = null; default = null;
example = "/etc/ssl/certs/athens.key"; example = "/etc/ssl/certs/athens.key";
}; };
port = mkOption { port = lib.mkOption {
type = types.port; type = lib.types.port;
default = 3000; default = 3000;
description = '' description = ''
Port number Athens listens on. Port number Athens listens on.
@ -312,8 +309,8 @@ in
example = 443; example = 443;
}; };
unixSocket = mkOption { unixSocket = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
description = '' description = ''
Path to the unix socket file. Path to the unix socket file.
If set, Athens will listen on the unix socket instead of TCP socket. If set, Athens will listen on the unix socket instead of TCP socket.
@ -322,8 +319,8 @@ in
example = "/run/athens.sock"; example = "/run/athens.sock";
}; };
globalEndpoint = mkOption { globalEndpoint = lib.mkOption {
type = types.str; type = lib.types.str;
description = '' description = ''
Endpoint for a package registry in case of a proxy cache miss. Endpoint for a package registry in case of a proxy cache miss.
''; '';
@ -331,8 +328,8 @@ in
example = "http://upstream-athens.example.com:3000"; example = "http://upstream-athens.example.com:3000";
}; };
basicAuthUser = mkOption { basicAuthUser = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = '' description = ''
Username for basic auth. Username for basic auth.
''; '';
@ -340,8 +337,8 @@ in
example = "user"; example = "user";
}; };
basicAuthPass = mkOption { basicAuthPass = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = '' description = ''
Password for basic auth. Warning: this is stored in plain text in the config file. Password for basic auth. Warning: this is stored in plain text in the config file.
''; '';
@ -349,16 +346,16 @@ in
example = "swordfish"; example = "swordfish";
}; };
forceSSL = mkOption { forceSSL = lib.mkOption {
type = types.bool; type = lib.types.bool;
description = '' description = ''
Force SSL redirects for incoming requests. Force SSL redirects for incoming requests.
''; '';
default = false; default = false;
}; };
validatorHook = mkOption { validatorHook = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = '' description = ''
Endpoint to validate modules against. Endpoint to validate modules against.
@ -368,8 +365,8 @@ in
example = "https://validation.example.com"; example = "https://validation.example.com";
}; };
pathPrefix = mkOption { pathPrefix = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = '' description = ''
Sets basepath for all routes. Sets basepath for all routes.
''; '';
@ -377,8 +374,8 @@ in
example = "/athens"; example = "/athens";
}; };
netrcPath = mkOption { netrcPath = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
description = '' description = ''
Path to the .netrc file. Path to the .netrc file.
''; '';
@ -386,8 +383,8 @@ in
example = "/home/user/.netrc"; example = "/home/user/.netrc";
}; };
githubToken = mkOption { githubToken = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = '' description = ''
Creates .netrc file with the given token to be used for GitHub. Creates .netrc file with the given token to be used for GitHub.
Warning: this is stored in plain text in the config file. Warning: this is stored in plain text in the config file.
@ -396,8 +393,8 @@ in
example = "ghp_1234567890"; example = "ghp_1234567890";
}; };
hgrcPath = mkOption { hgrcPath = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
description = '' description = ''
Path to the .hgrc file. Path to the .hgrc file.
''; '';
@ -405,16 +402,16 @@ in
example = "/home/user/.hgrc"; example = "/home/user/.hgrc";
}; };
traceExporter = mkOption { traceExporter = lib.mkOption {
type = types.nullOr (types.enum [ "jaeger" "datadog" ]); type = lib.types.nullOr (lib.types.enum [ "jaeger" "datadog" ]);
description = '' description = ''
Trace exporter to use. Trace exporter to use.
''; '';
default = null; default = null;
}; };
traceExporterURL = mkOption { traceExporterURL = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = '' description = ''
URL endpoint that traces will be sent to. URL endpoint that traces will be sent to.
''; '';
@ -422,14 +419,14 @@ in
example = "http://localhost:14268"; example = "http://localhost:14268";
}; };
statsExporter = mkOption { statsExporter = lib.mkOption {
type = types.nullOr (types.enum [ "prometheus" ]); type = lib.types.nullOr (lib.types.enum [ "prometheus" ]);
description = "Stats exporter to use."; description = "Stats exporter to use.";
default = null; default = null;
}; };
sumDBs = mkOption { sumDBs = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
description = '' description = ''
List of fully qualified URLs that Athens will proxy List of fully qualified URLs that Athens will proxy
that the go command can use a checksum verifier. that the go command can use a checksum verifier.
@ -437,8 +434,8 @@ in
default = [ "https://sum.golang.org" ]; default = [ "https://sum.golang.org" ];
}; };
noSumPatterns = mkOption { noSumPatterns = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
description = '' description = ''
List of patterns that Athens sum db proxy will return a 403 for. List of patterns that Athens sum db proxy will return a 403 for.
''; '';
@ -446,8 +443,8 @@ in
example = [ "github.com/mycompany/*" ]; example = [ "github.com/mycompany/*" ];
}; };
downloadMode = mkOption { downloadMode = lib.mkOption {
type = types.oneOf [ (types.enum [ "sync" "async" "redirect" "async_redirect" "none" ]) (types.strMatching "^file:.*$|^custom:.*$") ]; type = lib.types.oneOf [ (lib.types.enum [ "sync" "async" "redirect" "async_redirect" "none" ]) (lib.types.strMatching "^file:.*$|^custom:.*$") ];
description = '' description = ''
Defines how Athens behaves when a module@version Defines how Athens behaves when a module@version
is not found in storage. There are 7 options: is not found in storage. There are 7 options:
@ -470,8 +467,8 @@ in
default = "async_redirect"; default = "async_redirect";
}; };
networkMode = mkOption { networkMode = lib.mkOption {
type = types.enum [ "strict" "offline" "fallback" ]; type = lib.types.enum [ "strict" "offline" "fallback" ];
description = '' description = ''
Configures how Athens will return the results Configures how Athens will return the results
of the /list endpoint as it can be assembled from both its own of the /list endpoint as it can be assembled from both its own
@ -490,30 +487,30 @@ in
default = "strict"; default = "strict";
}; };
downloadURL = mkOption { downloadURL = lib.mkOption {
type = types.str; type = lib.types.str;
description = "URL used if DownloadMode is set to redirect."; description = "URL used if DownloadMode is set to redirect.";
default = "https://proxy.golang.org"; default = "https://proxy.golang.org";
}; };
singleFlightType = mkOption { singleFlightType = lib.mkOption {
type = types.enum [ "memory" "etcd" "redis" "redis-sentinel" "gcp" "azureblob" ]; type = lib.types.enum [ "memory" "etcd" "redis" "redis-sentinel" "gcp" "azureblob" ];
description = '' description = ''
Determines what mechanism Athens uses to manage concurrency flowing into the Athens backend. Determines what mechanism Athens uses to manage concurrency flowing into the Athens backend.
''; '';
default = "memory"; default = "memory";
}; };
indexType = mkOption { indexType = lib.mkOption {
type = types.enum [ "none" "memory" "mysql" "postgres" ]; type = lib.types.enum [ "none" "memory" "mysql" "postgres" ];
description = '' description = ''
Type of index backend Athens will use. Type of index backend Athens will use.
''; '';
default = "none"; default = "none";
}; };
shutdownTimeout = mkOption { shutdownTimeout = lib.mkOption {
type = types.int; type = lib.types.int;
description = '' description = ''
Number of seconds to wait for the server to shutdown gracefully. Number of seconds to wait for the server to shutdown gracefully.
''; '';
@ -523,42 +520,42 @@ in
singleFlight = { singleFlight = {
etcd = { etcd = {
endpoints = mkOption { endpoints = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
description = "URLs that determine all distributed etcd servers."; description = "URLs that determine all distributed etcd servers.";
default = [ ]; default = [ ];
example = [ "localhost:2379" ]; example = [ "localhost:2379" ];
}; };
}; };
redis = { redis = {
endpoint = mkOption { endpoint = lib.mkOption {
type = types.str; type = lib.types.str;
description = "URL of the redis server."; description = "URL of the redis server.";
default = ""; default = "";
example = "localhost:6379"; example = "localhost:6379";
}; };
password = mkOption { password = lib.mkOption {
type = types.str; type = lib.types.str;
description = "Password for the redis server. Warning: this is stored in plain text in the config file."; description = "Password for the redis server. Warning: this is stored in plain text in the config file.";
default = ""; default = "";
example = "swordfish"; example = "swordfish";
}; };
lockConfig = { lockConfig = {
ttl = mkOption { ttl = lib.mkOption {
type = types.int; type = lib.types.int;
description = "TTL for the lock in seconds."; description = "TTL for the lock in seconds.";
default = 900; default = 900;
example = 1; example = 1;
}; };
timeout = mkOption { timeout = lib.mkOption {
type = types.int; type = lib.types.int;
description = "Timeout for the lock in seconds."; description = "Timeout for the lock in seconds.";
default = 15; default = 15;
example = 1; example = 1;
}; };
maxRetries = mkOption { maxRetries = lib.mkOption {
type = types.int; type = lib.types.int;
description = "Maximum number of retries for the lock."; description = "Maximum number of retries for the lock.";
default = 10; default = 10;
example = 1; example = 1;
@ -567,40 +564,40 @@ in
}; };
redisSentinel = { redisSentinel = {
endpoints = mkOption { endpoints = lib.mkOption {
type = types.listOf types.str; type = lib.types.listOf lib.types.str;
description = "URLs that determine all distributed redis servers."; description = "URLs that determine all distributed redis servers.";
default = [ ]; default = [ ];
example = [ "localhost:26379" ]; example = [ "localhost:26379" ];
}; };
masterName = mkOption { masterName = lib.mkOption {
type = types.str; type = lib.types.str;
description = "Name of the sentinel master server."; description = "Name of the sentinel master server.";
default = ""; default = "";
example = "redis-1"; example = "redis-1";
}; };
sentinelPassword = mkOption { sentinelPassword = lib.mkOption {
type = types.str; type = lib.types.str;
description = "Password for the sentinel server. Warning: this is stored in plain text in the config file."; description = "Password for the sentinel server. Warning: this is stored in plain text in the config file.";
default = ""; default = "";
example = "swordfish"; example = "swordfish";
}; };
lockConfig = { lockConfig = {
ttl = mkOption { ttl = lib.mkOption {
type = types.int; type = lib.types.int;
description = "TTL for the lock in seconds."; description = "TTL for the lock in seconds.";
default = 900; default = 900;
example = 1; example = 1;
}; };
timeout = mkOption { timeout = lib.mkOption {
type = types.int; type = lib.types.int;
description = "Timeout for the lock in seconds."; description = "Timeout for the lock in seconds.";
default = 15; default = 15;
example = 1; example = 1;
}; };
maxRetries = mkOption { maxRetries = lib.mkOption {
type = types.int; type = lib.types.int;
description = "Maximum number of retries for the lock."; description = "Maximum number of retries for the lock.";
default = 10; default = 10;
example = 1; example = 1;
@ -611,8 +608,8 @@ in
storage = { storage = {
cdn = { cdn = {
endpoint = mkOption { endpoint = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "hostname of the CDN server."; description = "hostname of the CDN server.";
example = "cdn.example.com"; example = "cdn.example.com";
default = null; default = null;
@ -620,65 +617,65 @@ in
}; };
disk = { disk = {
rootPath = mkOption { rootPath = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
description = "Athens disk root folder."; description = "Athens disk root folder.";
default = "/var/lib/athens"; default = "/var/lib/athens";
}; };
}; };
gcp = { gcp = {
projectID = mkOption { projectID = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "GCP project ID."; description = "GCP project ID.";
example = "my-project"; example = "my-project";
default = null; default = null;
}; };
bucket = mkOption { bucket = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "GCP backend storage bucket."; description = "GCP backend storage bucket.";
example = "my-bucket"; example = "my-bucket";
default = null; default = null;
}; };
jsonKey = mkOption { jsonKey = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Base64 encoded GCP service account key. Warning: this is stored in plain text in the config file."; description = "Base64 encoded GCP service account key. Warning: this is stored in plain text in the config file.";
default = null; default = null;
}; };
}; };
minio = { minio = {
endpoint = mkOption { endpoint = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Endpoint of the minio storage backend."; description = "Endpoint of the minio storage backend.";
example = "minio.example.com:9001"; example = "minio.example.com:9001";
default = null; default = null;
}; };
key = mkOption { key = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Access key id for the minio storage backend."; description = "Access key id for the minio storage backend.";
example = "minio"; example = "minio";
default = null; default = null;
}; };
secret = mkOption { secret = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Secret key for the minio storage backend. Warning: this is stored in plain text in the config file."; description = "Secret key for the minio storage backend. Warning: this is stored in plain text in the config file.";
example = "minio123"; example = "minio123";
default = null; default = null;
}; };
enableSSL = mkOption { enableSSL = lib.mkOption {
type = types.bool; type = lib.types.bool;
description = "Enable SSL for the minio storage backend."; description = "Enable SSL for the minio storage backend.";
default = false; default = false;
}; };
bucket = mkOption { bucket = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Bucket name for the minio storage backend."; description = "Bucket name for the minio storage backend.";
example = "gomods"; example = "gomods";
default = null; default = null;
}; };
region = mkOption { region = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Region for the minio storage backend."; description = "Region for the minio storage backend.";
example = "us-east-1"; example = "us-east-1";
default = null; default = null;
@ -686,108 +683,108 @@ in
}; };
mongo = { mongo = {
url = mkOption { url = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "URL of the mongo database."; description = "URL of the mongo database.";
example = "mongodb://localhost:27017"; example = "mongodb://localhost:27017";
default = null; default = null;
}; };
defaultDBName = mkOption { defaultDBName = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Name of the mongo database."; description = "Name of the mongo database.";
example = "athens"; example = "athens";
default = null; default = null;
}; };
certPath = mkOption { certPath = lib.mkOption {
type = types.nullOr types.path; type = lib.types.nullOr lib.types.path;
description = "Path to the certificate file for the mongo database."; description = "Path to the certificate file for the mongo database.";
example = "/etc/ssl/mongo.pem"; example = "/etc/ssl/mongo.pem";
default = null; default = null;
}; };
insecure = mkOption { insecure = lib.mkOption {
type = types.bool; type = lib.types.bool;
description = "Allow insecure connections to the mongo database."; description = "Allow insecure connections to the mongo database.";
default = false; default = false;
}; };
}; };
s3 = { s3 = {
region = mkOption { region = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Region of the S3 storage backend."; description = "Region of the S3 storage backend.";
example = "eu-west-3"; example = "eu-west-3";
default = null; default = null;
}; };
key = mkOption { key = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Access key id for the S3 storage backend."; description = "Access key id for the S3 storage backend.";
example = "minio"; example = "minio";
default = null; default = null;
}; };
secret = mkOption { secret = lib.mkOption {
type = types.str; type = lib.types.str;
description = "Secret key for the S3 storage backend. Warning: this is stored in plain text in the config file."; description = "Secret key for the S3 storage backend. Warning: this is stored in plain text in the config file.";
default = ""; default = "";
}; };
token = mkOption { token = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Token for the S3 storage backend. Warning: this is stored in plain text in the config file."; description = "Token for the S3 storage backend. Warning: this is stored in plain text in the config file.";
default = null; default = null;
}; };
bucket = mkOption { bucket = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Bucket name for the S3 storage backend."; description = "Bucket name for the S3 storage backend.";
example = "gomods"; example = "gomods";
default = null; default = null;
}; };
forcePathStyle = mkOption { forcePathStyle = lib.mkOption {
type = types.bool; type = lib.types.bool;
description = "Force path style for the S3 storage backend."; description = "Force path style for the S3 storage backend.";
default = false; default = false;
}; };
useDefaultConfiguration = mkOption { useDefaultConfiguration = lib.mkOption {
type = types.bool; type = lib.types.bool;
description = "Use default configuration for the S3 storage backend."; description = "Use default configuration for the S3 storage backend.";
default = false; default = false;
}; };
credentialsEndpoint = mkOption { credentialsEndpoint = lib.mkOption {
type = types.str; type = lib.types.str;
description = "Credentials endpoint for the S3 storage backend."; description = "Credentials endpoint for the S3 storage backend.";
default = ""; default = "";
}; };
awsContainerCredentialsRelativeURI = mkOption { awsContainerCredentialsRelativeURI = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Container relative url (used by fargate)."; description = "Container relative url (used by fargate).";
default = null; default = null;
}; };
endpoint = mkOption { endpoint = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Endpoint for the S3 storage backend."; description = "Endpoint for the S3 storage backend.";
default = null; default = null;
}; };
}; };
azureblob = { azureblob = {
accountName = mkOption { accountName = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Account name for the Azure Blob storage backend."; description = "Account name for the Azure Blob storage backend.";
default = null; default = null;
}; };
accountKey = mkOption { accountKey = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Account key for the Azure Blob storage backend. Warning: this is stored in plain text in the config file."; description = "Account key for the Azure Blob storage backend. Warning: this is stored in plain text in the config file.";
default = null; default = null;
}; };
containerName = mkOption { containerName = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Container name for the Azure Blob storage backend."; description = "Container name for the Azure Blob storage backend.";
default = null; default = null;
}; };
}; };
external = { external = {
url = mkOption { url = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "URL of the backend storage layer."; description = "URL of the backend storage layer.";
example = "https://athens.example.com"; example = "https://athens.example.com";
default = null; default = null;
@ -797,44 +794,44 @@ in
index = { index = {
mysql = { mysql = {
protocol = mkOption { protocol = lib.mkOption {
type = types.str; type = lib.types.str;
description = "Protocol for the MySQL database."; description = "Protocol for the MySQL database.";
default = "tcp"; default = "tcp";
}; };
host = mkOption { host = lib.mkOption {
type = types.str; type = lib.types.str;
description = "Host for the MySQL database."; description = "Host for the MySQL database.";
default = "localhost"; default = "localhost";
}; };
port = mkOption { port = lib.mkOption {
type = types.int; type = lib.types.int;
description = "Port for the MySQL database."; description = "Port for the MySQL database.";
default = 3306; default = 3306;
}; };
user = mkOption { user = lib.mkOption {
type = types.str; type = lib.types.str;
description = "User for the MySQL database."; description = "User for the MySQL database.";
default = "root"; default = "root";
}; };
password = mkOption { password = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Password for the MySQL database. Warning: this is stored in plain text in the config file."; description = "Password for the MySQL database. Warning: this is stored in plain text in the config file.";
default = null; default = null;
}; };
database = mkOption { database = lib.mkOption {
type = types.str; type = lib.types.str;
description = "Database name for the MySQL database."; description = "Database name for the MySQL database.";
default = "athens"; default = "athens";
}; };
params = { params = {
parseTime = mkOption { parseTime = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Parse time for the MySQL database."; description = "Parse time for the MySQL database.";
default = "true"; default = "true";
}; };
timeout = mkOption { timeout = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Timeout for the MySQL database."; description = "Timeout for the MySQL database.";
default = "30s"; default = "30s";
}; };
@ -842,39 +839,39 @@ in
}; };
postgres = { postgres = {
host = mkOption { host = lib.mkOption {
type = types.str; type = lib.types.str;
description = "Host for the Postgres database."; description = "Host for the Postgres database.";
default = "localhost"; default = "localhost";
}; };
port = mkOption { port = lib.mkOption {
type = types.int; type = lib.types.int;
description = "Port for the Postgres database."; description = "Port for the Postgres database.";
default = 5432; default = 5432;
}; };
user = mkOption { user = lib.mkOption {
type = types.str; type = lib.types.str;
description = "User for the Postgres database."; description = "User for the Postgres database.";
default = "postgres"; default = "postgres";
}; };
password = mkOption { password = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Password for the Postgres database. Warning: this is stored in plain text in the config file."; description = "Password for the Postgres database. Warning: this is stored in plain text in the config file.";
default = null; default = null;
}; };
database = mkOption { database = lib.mkOption {
type = types.str; type = lib.types.str;
description = "Database name for the Postgres database."; description = "Database name for the Postgres database.";
default = "athens"; default = "athens";
}; };
params = { params = {
connect_timeout = mkOption { connect_timeout = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "Connect timeout for the Postgres database."; description = "Connect timeout for the Postgres database.";
default = "30s"; default = "30s";
}; };
sslmode = mkOption { sslmode = lib.mkOption {
type = types.nullOr types.str; type = lib.types.nullOr lib.types.str;
description = "SSL mode for the Postgres database."; description = "SSL mode for the Postgres database.";
default = "disable"; default = "disable";
}; };
@ -882,8 +879,8 @@ in
}; };
}; };
extraConfig = mkOption { extraConfig = lib.mkOption {
type = types.attrs; type = lib.types.attrs;
description = '' description = ''
Extra configuration options for the athens config file. Extra configuration options for the athens config file.
''; '';
@ -891,7 +888,7 @@ in
}; };
}; };
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.services.athens = { systemd.services.athens = {
description = "Athens Go module proxy"; description = "Athens Go module proxy";
documentation = [ "https://docs.gomods.io" ]; documentation = [ "https://docs.gomods.io" ];
@ -918,8 +915,8 @@ in
ProtectHome = "read-only"; ProtectHome = "read-only";
ProtectSystem = "full"; ProtectSystem = "full";
ReadWritePaths = mkIf (cfg.storage.disk.rootPath != null && (! hasPrefix "/var/lib/" cfg.storage.disk.rootPath)) [ cfg.storage.disk.rootPath ]; ReadWritePaths = lib.mkIf (cfg.storage.disk.rootPath != null && (! lib.hasPrefix "/var/lib/" cfg.storage.disk.rootPath)) [ cfg.storage.disk.rootPath ];
StateDirectory = mkIf (hasPrefix "/var/lib/" cfg.storage.disk.rootPath) [ (removePrefix "/var/lib/" cfg.storage.disk.rootPath) ]; StateDirectory = lib.mkIf (lib.hasPrefix "/var/lib/" cfg.storage.disk.rootPath) [ (lib.removePrefix "/var/lib/" cfg.storage.disk.rootPath) ];
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ]; CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
@ -928,8 +925,8 @@ in
}; };
networking.firewall = { networking.firewall = {
allowedTCPPorts = optionals (cfg.unixSocket == null) [ cfg.port ] allowedTCPPorts = lib.optionals (cfg.unixSocket == null) [ cfg.port ]
++ optionals cfg.enablePprof [ cfg.pprofPort ]; ++ lib.optionals cfg.enablePprof [ cfg.pprofPort ];
}; };
}; };
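Review bot: The `networking.firewall` block in the last hunk adds `cfg.port` to `allowedTCPPorts` whenever the service is enabled and `cfg.pprofPort` whenever `enablePprof` is true, so switching on profiling also exposes the pprof endpoints to the network. No `openFirewall` option is visible in these hunks; I would add one (`openFirewall = lib.mkOption { type = lib.types.bool; default = false; description = "Open the Athens ports in the firewall."; };`) and gate the list with `lib.mkIf cfg.openFirewall`, ideally leaving the pprof port out entirely, with a release note because this changes the default. Separately, in the hunk before it, `StateDirectory` calls `lib.hasPrefix "/var/lib/" cfg.storage.disk.rootPath` without the `cfg.storage.disk.rootPath != null &&` guard that the `ReadWritePaths` line above it has, although the option is typed `lib.types.nullOr lib.types.path`, so `rootPath = null` would presumably fail evaluation. Both points predate this commit, which only qualifies names with `lib.`, and the enclosing `serviceConfig` and `config` blocks extend beyond the visible hunks.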