diff options
author | Sandro <sandro.jaeckel@gmail.com> | 2024-03-27 11:17:39 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-03-27 11:17:39 +0100 |
commit | f87c956ea7bf39dd166c3572646ed23761801155 (patch) | |
tree | 5b3a506ef5492264c5177d6e89b9420fdf1b24e1 /nixos | |
parent | da524b7072b238973ae8dd02b0d75f45261b806a (diff) | |
parent | 6bf7438e4fc40aaeba2890f4e84fac74da38b946 (diff) |
Merge pull request #281236 from melvyn2/update-kavita
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2405.section.md | 4 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/kavita.nix | 63 | ||||
-rw-r--r-- | nixos/tests/kavita.nix | 46 |
3 files changed, 73 insertions, 40 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index 3f2b55e60080b..4ad01e2b158c1 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -446,6 +446,10 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m - `nextcloud-setup.service` no longer changes the group of each file & directory inside `/var/lib/nextcloud/{config,data,store-apps}` if one of these directories has the wrong owner group. This was part of transitioning the group used for `/var/lib/nextcloud`, but isn't necessary anymore. +- `services.kavita` now uses the freeform option `services.kavita.settings` for the application settings file. + The options `services.kavita.ipAdresses` and `services.kavita.port` now exist at `services.kavita.settings.IpAddresses` + and `services.kavita.settings.IpAddresses`. + - The `krb5` module has been rewritten and moved to `security.krb5`, moving all options but `security.krb5.enable` and `security.krb5.package` into `security.krb5.settings`. - Gitea 1.21 upgrade has several breaking changes, including: diff --git a/nixos/modules/services/web-apps/kavita.nix b/nixos/modules/services/web-apps/kavita.nix index c3e39f0b54761..c90697bcfa8b2 100644 --- a/nixos/modules/services/web-apps/kavita.nix +++ b/nixos/modules/services/web-apps/kavita.nix @@ -2,7 +2,18 @@ let cfg = config.services.kavita; -in { + settingsFormat = pkgs.formats.json { }; + appsettings = settingsFormat.generate "appsettings.json" ({ TokenKey = "@TOKEN@"; } // cfg.settings); +in +{ + imports = [ + (lib.mkChangedOptionModule [ "services" "kavita" "ipAdresses" ] [ "services" "kavita" "settings" "IpAddresses" ] (config: + let value = lib.getAttrFromPath [ "services" "kavita" "ipAdresses" ] config; in + lib.concatStringsSep "," value + )) + (lib.mkRenamedOptionModule [ "services" "kavita" "port" ] [ "services" "kavita" "settings" "Port" ]) + ]; + options.services.kavita = { enable = lib.mkEnableOption (lib.mdDoc "Kavita reading server"); @@ -27,16 +38,31 @@ in { It can be generated with `head -c 32 /dev/urandom | base64`. ''; }; - port = lib.mkOption { - default = 5000; - type = lib.types.port; - description = lib.mdDoc "Port to bind to."; - }; - ipAdresses = lib.mkOption { - default = ["0.0.0.0" "::"]; - type = lib.types.listOf lib.types.str; - description = lib.mdDoc "IP Addresses to bind to. The default is to bind - to all IPv4 and IPv6 addresses."; + + settings = lib.mkOption { + default = { }; + description = lib.mdDoc '' + Kavita configuration options, as configured in {file}`appsettings.json`. + ''; + type = lib.types.submodule { + freeformType = settingsFormat.type; + + options = { + Port = lib.mkOption { + default = 5000; + type = lib.types.port; + description = lib.mdDoc "Port to bind to."; + }; + + IpAddresses = lib.mkOption { + default = "0.0.0.0,::"; + type = lib.types.commas; + description = lib.mdDoc '' + IP Addresses to bind to. The default is to bind to all IPv4 and IPv6 addresses. + ''; + }; + }; + }; }; }; @@ -46,18 +72,15 @@ in { wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; preStart = '' - umask u=rwx,g=rx,o= - cat > "${cfg.dataDir}/config/appsettings.json" <<EOF - { - "TokenKey": "$(cat ${cfg.tokenKeyFile})", - "Port": ${toString cfg.port}, - "IpAddresses": "${lib.concatStringsSep "," cfg.ipAdresses}" - } - EOF + install -m600 ${appsettings} ${lib.escapeShellArg cfg.dataDir}/config/appsettings.json + ${pkgs.replace-secret}/bin/replace-secret '@TOKEN@' \ + ''${CREDENTIALS_DIRECTORY}/token \ + '${cfg.dataDir}/config/appsettings.json' ''; serviceConfig = { WorkingDirectory = cfg.dataDir; - ExecStart = "${lib.getExe cfg.package}"; + LoadCredential = [ "token:${cfg.tokenKeyFile}" ]; + ExecStart = lib.getExe cfg.package; Restart = "always"; User = cfg.user; }; diff --git a/nixos/tests/kavita.nix b/nixos/tests/kavita.nix index f27b3fffbcf64..bb55e1fb29d43 100644 --- a/nixos/tests/kavita.nix +++ b/nixos/tests/kavita.nix @@ -1,4 +1,4 @@ -import ./make-test-python.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ... }: { name = "kavita"; meta = with pkgs.lib.maintainers; { maintainers = [ misterio77 ]; @@ -8,29 +8,35 @@ import ./make-test-python.nix ({ pkgs, ...} : { kavita = { config, pkgs, ... }: { services.kavita = { enable = true; - port = 5000; - tokenKeyFile = builtins.toFile "kavita.key" "QfpjFvjT83BLtZ74GE3U3Q=="; + tokenKeyFile = builtins.toFile "kavita.key" "d26ba694b455271a8872415830fb7b5c58f8da98f9ef7f58b2ca4c34bd406512"; }; }; }; - testScript = let - regUrl = "http://kavita:5000/api/Account/register"; - payload = builtins.toFile "payload.json" (builtins.toJSON { - username = "foo"; - password = "correcthorsebatterystaple"; - email = "foo@bar"; - }); - in '' - kavita.start - kavita.wait_for_unit("kavita.service") + testScript = + let + regUrl = "http://kavita:5000/api/Account/register"; + loginUrl = "http://kavita:5000/api/Account/login"; + localeUrl = "http://kavita:5000/api/locale"; + in + '' + import json - # Check that static assets are working - kavita.wait_until_succeeds("curl http://kavita:5000/site.webmanifest | grep Kavita") + kavita.start + kavita.wait_for_unit("kavita.service") - # Check that registration is working - kavita.succeed("curl -fX POST ${regUrl} --json @${payload}") - # But only for the first one - kavita.fail("curl -fX POST ${regUrl} --json @${payload}") - ''; + # Check that static assets are working + kavita.wait_until_succeeds("curl http://kavita:5000/site.webmanifest | grep Kavita") + + # Check that registration is working + kavita.succeed("""curl -fX POST ${regUrl} --json '{"username": "foo", "password": "correcthorsebatterystaple"}'""") + # But only for the first one + kavita.fail("""curl -fX POST ${regUrl} --json '{"username": "foo", "password": "correcthorsebatterystaple"}'""") + + # Log in and retrieve token + session = json.loads(kavita.succeed("""curl -fX POST ${loginUrl} --json '{"username": "foo", "password": "correcthorsebatterystaple"}'""")) + # Check list of locales + locales = json.loads(kavita.succeed(f"curl -fX GET ${localeUrl} -H 'Authorization: Bearer {session['token']}'")) + assert len(locales) > 0, "expected a list of locales" + ''; }) |