diff options
Diffstat (limited to 'gnu/services/databases.scm')
| -rw-r--r-- | gnu/services/databases.scm | 144 |
1 files changed, 86 insertions, 58 deletions
diff --git a/gnu/services/databases.scm b/gnu/services/databases.scm index 20f8a6977e..8fdd222a3b 100644 --- a/gnu/services/databases.scm +++ b/gnu/services/databases.scm @@ -19,12 +19,13 @@ (define-module (gnu services databases) #:use-module (gnu services) + #:use-module (gnu services dmd) #:use-module (gnu system shadow) #:use-module (gnu packages admin) #:use-module (gnu packages databases) #:use-module (guix records) - #:use-module (guix store) #:use-module (guix gexp) + #:use-module (ice-9 match) #:export (postgresql-service)) ;;; Commentary: @@ -33,6 +34,14 @@ ;;; ;;; Code: +(define-record-type* <postgresql-configuration> + postgresql-configuration make-postgresql-configuration + postgresql-configuration? + (postgresql postgresql-configuration-postgresql ;<package> + (default postgresql)) + (config-file postgresql-configuration-file) + (data-directory postgresql-configuration-data-directory)) + (define %default-postgres-hba (plain-file "pg_hba.conf" " @@ -49,6 +58,77 @@ host all all ::1/128 trust")) "hba_file = '" %default-postgres-hba "'\n" "ident_file = '" %default-postgres-ident "\n")) +(define %postgresql-accounts + (list (user-group (name "postgres") (system? #t)) + (user-account + (name "postgres") + (group "postgres") + (system? #t) + (comment "PostgreSQL server user") + (home-directory "/var/empty") + (shell #~(string-append #$shadow "/sbin/nologin"))))) + +(define postgresql-activation + (match-lambda + (($ <postgresql-configuration> postgresql config-file data-directory) + #~(begin + (use-modules (guix build utils) + (ice-9 match)) + + (let ((user (getpwnam "postgres")) + (initdb (string-append #$postgresql "/bin/initdb"))) + ;; Create db state directory. + (mkdir-p #$data-directory) + (chown #$data-directory (passwd:uid user) (passwd:gid user)) + + ;; Drop privileges and init state directory in a new + ;; process. Wait for it to finish before proceeding. + (match (primitive-fork) + (0 + ;; Exit with a non-zero status code if an exception is thrown. + (dynamic-wind + (const #t) + (lambda () + (setgid (passwd:gid user)) + (setuid (passwd:uid user)) + (primitive-exit (system* initdb "-D" #$data-directory))) + (lambda () + (primitive-exit 1)))) + (pid (waitpid pid)))))))) + +(define postgresql-dmd-service + (match-lambda + (($ <postgresql-configuration> postgresql config-file data-directory) + (let ((start-script + ;; Wrapper script that switches to the 'postgres' user before + ;; launching daemon. + (program-file "start-postgres" + #~(let ((user (getpwnam "postgres")) + (postgres (string-append #$postgresql + "/bin/postgres"))) + (setgid (passwd:gid user)) + (setuid (passwd:uid user)) + (system* postgres + (string-append "--config-file=" + #$config-file) + "-D" #$data-directory))))) + (list (dmd-service + (provision '(postgres)) + (documentation "Run the PostgreSQL daemon.") + (requirement '(user-processes loopback)) + (start #~(make-forkexec-constructor #$start-script)) + (stop #~(make-kill-destructor)))))))) + +(define postgresql-service-type + (service-type (name 'postgresql) + (extensions + (list (service-extension dmd-root-service-type + postgresql-dmd-service) + (service-extension activation-service-type + postgresql-activation) + (service-extension account-service-type + (const %postgresql-accounts)))))) + (define* (postgresql-service #:key (postgresql postgresql) (config-file %default-postgres-config) (data-directory "/var/lib/postgresql/data")) @@ -56,60 +136,8 @@ host all all ::1/128 trust")) The PostgreSQL daemon loads its runtime configuration from @var{config-file} and stores the database cluster in @var{data-directory}." - ;; Wrapper script that switches to the 'postgres' user before launching - ;; daemon. - (define start-script - (program-file "start-postgres" - #~(let ((user (getpwnam "postgres")) - (postgres (string-append #$postgresql - "/bin/postgres"))) - (setgid (passwd:gid user)) - (setuid (passwd:uid user)) - (system* postgres - (string-append "--config-file=" #$config-file) - "-D" #$data-directory)))) - - (define activate - #~(begin - (use-modules (guix build utils) - (ice-9 match)) - - (let ((user (getpwnam "postgres")) - (initdb (string-append #$postgresql "/bin/initdb"))) - ;; Create db state directory. - (mkdir-p #$data-directory) - (chown #$data-directory (passwd:uid user) (passwd:gid user)) - - ;; Drop privileges and init state directory in a new - ;; process. Wait for it to finish before proceeding. - (match (primitive-fork) - (0 - ;; Exit with a non-zero status code if an exception is thrown. - (dynamic-wind - (const #t) - (lambda () - (setgid (passwd:gid user)) - (setuid (passwd:uid user)) - (primitive-exit (system* initdb "-D" #$data-directory))) - (lambda () - (primitive-exit 1)))) - (pid (waitpid pid)))))) - - (service - (provision '(postgres)) - (documentation "Run the PostgreSQL daemon.") - (requirement '(user-processes loopback)) - (start #~(make-forkexec-constructor #$start-script)) - (stop #~(make-kill-destructor)) - (activate activate) - (user-groups (list (user-group - (name "postgres") - (system? #t)))) - (user-accounts (list (user-account - (name "postgres") - (group "postgres") - (system? #t) - (comment "PostgreSQL server user") - (home-directory "/var/empty") - (shell - #~(string-append #$shadow "/sbin/nologin"))))))) + (service postgresql-service-type + (postgresql-configuration + (postgresql postgresql) + (config-file config-file) + (data-directory data-directory)))) |