WIP
This commit is contained in:
parent
cd0b2c3e6d
commit
d554280741
GPG Key ID:
9F2F7D8250F35146
|
|
@ -1,5 +1,8 @@
|
|||
# This should go to `/etc/mysqladm/config.toml`
|
||||
|
||||
[server]
|
||||
socket_path = "/var/run/mysqladm/mysqladm.sock"
|
||||
|
||||
[mysql]
|
||||
host = "localhost"
|
||||
port = 3306
|
||||
|
|
|
|||
|
|
@ -52,11 +52,16 @@
|
|||
|
||||
overlays = {
|
||||
default = self.overlays.mysqladm-rs;
|
||||
greg-ng = final: prev: {
|
||||
mysqladm-rs = final: prev: {
|
||||
inherit (self.packages.${prev.system}) mysqladm-rs;
|
||||
};
|
||||
};
|
||||
|
||||
nixosModules = {
|
||||
default = self.nixosModules.mysqladm-rs;
|
||||
mysqladm-rs = import ./nix/module.nix;
|
||||
};
|
||||
|
||||
packages = let
|
||||
cargoToml = builtins.fromTOML (builtins.readFile ./Cargo.toml);
|
||||
cargoLock = ./Cargo.lock;
|
||||
|
|
|
|||
|
|
@ -0,0 +1,108 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
cfg = config.services.mysqladm-rs;
|
||||
format = pkgs.formats.toml { };
|
||||
in
|
||||
{
|
||||
options.services.mysqladm-rs = {
|
||||
enable = lib.mkEnableOption "Enable mysqladm-rs";
|
||||
|
||||
package = lib.mkPackageOption pkgs "mysqladm-rs" { };
|
||||
|
||||
createLocalUser = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Create a local database user for mysqladm-rs";
|
||||
};
|
||||
|
||||
settings = lib.mkOption {
|
||||
default = { };
|
||||
type = lib.types.submodule {
|
||||
freeformType = format.type;
|
||||
options = {
|
||||
server = {
|
||||
socket_path = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/run/mysqladm/mysqladm.sock";
|
||||
description = "Path to the MySQL socket";
|
||||
};
|
||||
};
|
||||
|
||||
mysql = {
|
||||
host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "localhost";
|
||||
description = "MySQL host";
|
||||
};
|
||||
port = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 3306;
|
||||
description = "MySQL port";
|
||||
};
|
||||
username = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "root";
|
||||
description = "MySQL username";
|
||||
};
|
||||
# passwordFile = lib.mkOption {
|
||||
# type = lib.types.path;
|
||||
# default = "secret";
|
||||
# description = "Path to a file containing the MySQL password";
|
||||
# };
|
||||
password = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "secret";
|
||||
description = "MySQL password";
|
||||
};
|
||||
timeout = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 2;
|
||||
description = "Number of seconds to wait for a response from the MySQL server";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = let
|
||||
configFile = format.generate "mysqladm-rs.conf" cfg.settings;
|
||||
in lib.mkIf config.services.mysqladm-rs.enable {
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
services.mysql.ensureUsers = lib.mkIf cfg.createLocalUser [
|
||||
{
|
||||
name = "mysqladm";
|
||||
ensurePermissions = {
|
||||
"mysql.*" = "SELECT, INSERT, UPDATE, DELETE";
|
||||
"information_schema.*" = "SELECT";
|
||||
"*.*" = "CREATE USER, GRANT OPTION";
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
systemd.services."mysqladm@" = {
|
||||
description = "MySQL administration tool for non-admin users";
|
||||
# after = [ "mysql.target" ];
|
||||
environment.RUST_LOG = "debug";
|
||||
serviceConfig = {
|
||||
Type = "notify";
|
||||
ExecStart = "${lib.getExe cfg.package} server socket-activate --config ${configFile}";
|
||||
User = "mysqladm";
|
||||
Group = "mysqladm";
|
||||
DynamicUser = true;
|
||||
};
|
||||
};
|
||||
|
||||
systemd.sockets."mysqladm" = {
|
||||
description = "MySQL administration tool for non-admin users";
|
||||
wantedBy = [ "sockets.target" ];
|
||||
restartTriggers = [ configFile ];
|
||||
socketConfig = {
|
||||
ListenStream = cfg.settings.server.socket_path;
|
||||
Accept = "yes";
|
||||
PassCredentials = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
Loading…
Reference in New Issue