pgadmin4: add option to enable desktop mode
By default, pgadmin4 uses SERVER_MODE = True. This requires access to system directories (e.g. /var/lib/pgadmin). There is no easy way to change this mode during runtime. One has to change or add config files withing pgadmin's directory structure to change it or add a system-wide config file under `/etc/pgadmin`[1]. This isn't always easy to achive or may not be possible at all. For those usecases this implements a switch in the pgadmin4 derivation and adds a new top-level package `pgadmin4-desktopmode`. This builds in DESKTOP MODE and allows the usage of pgadmin4 without the nixOS module and without access to system-wide directories. pgadmin4 module saves the configuration to /etc/pgadmin/config_system.py pgadmin4-desktopmode tries to read that as well. This normally fails with a PermissionError, as the config file is owned by the user of the pgadmin module. With the check-system-config-dir.patch this will just throw a warning but will continue and not read the file. If we run pgadmin4-desktopmode as root (something one really shouldn't do), it can read the config file and fail, because of the wrong config for desktopmode. [1]https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
This commit is contained in:
parent
2b63943be4
commit
a380674d85
6 changed files with 98 additions and 45 deletions
|
@ -513,7 +513,7 @@ in {
|
|||
peerflix = handleTest ./peerflix.nix {};
|
||||
peering-manager = handleTest ./web-apps/peering-manager.nix {};
|
||||
peertube = handleTestOn ["x86_64-linux"] ./web-apps/peertube.nix {};
|
||||
pgadmin4-standalone = handleTest ./pgadmin4-standalone.nix {};
|
||||
pgadmin4 = handleTest ./pgadmin4.nix {};
|
||||
pgjwt = handleTest ./pgjwt.nix {};
|
||||
pgmanage = handleTest ./pgmanage.nix {};
|
||||
phosh = handleTest ./phosh.nix {};
|
||||
|
|
|
@ -1,43 +0,0 @@
|
|||
import ./make-test-python.nix ({ pkgs, lib, ... }:
|
||||
# This is separate from pgadmin4 since we don't want both running at once
|
||||
|
||||
{
|
||||
name = "pgadmin4-standalone";
|
||||
meta.maintainers = with lib.maintainers; [ mkg20001 ];
|
||||
|
||||
nodes.machine = { pkgs, ... }: {
|
||||
environment.systemPackages = with pkgs; [
|
||||
curl
|
||||
];
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
|
||||
authentication = ''
|
||||
host all all localhost trust
|
||||
'';
|
||||
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "postgres";
|
||||
ensurePermissions = {
|
||||
"DATABASE \"postgres\"" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
services.pgadmin = {
|
||||
enable = true;
|
||||
initialEmail = "bruh@localhost.de";
|
||||
initialPasswordFile = pkgs.writeText "pw" "bruh2012!";
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
machine.wait_for_unit("postgresql")
|
||||
machine.wait_for_unit("pgadmin")
|
||||
|
||||
machine.wait_until_succeeds("curl -s localhost:5050")
|
||||
'';
|
||||
})
|
57
nixos/tests/pgadmin4.nix
Normal file
57
nixos/tests/pgadmin4.nix
Normal file
|
@ -0,0 +1,57 @@
|
|||
import ./make-test-python.nix ({ pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
name = "pgadmin4";
|
||||
meta.maintainers = with lib.maintainers; [ mkg20001 gador ];
|
||||
|
||||
nodes.machine = { pkgs, ... }: {
|
||||
|
||||
imports = [ ./common/user-account.nix ];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
curl
|
||||
pgadmin4-desktopmode
|
||||
];
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
authentication = ''
|
||||
host all all localhost trust
|
||||
'';
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "postgres";
|
||||
ensurePermissions = {
|
||||
"DATABASE \"postgres\"" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
services.pgadmin = {
|
||||
port = 5051;
|
||||
enable = true;
|
||||
initialEmail = "bruh@localhost.de";
|
||||
initialPasswordFile = pkgs.writeText "pw" "bruh2012!";
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
with subtest("Check pgadmin module"):
|
||||
machine.wait_for_unit("postgresql")
|
||||
machine.wait_for_unit("pgadmin")
|
||||
machine.wait_until_succeeds("curl -s localhost:5051")
|
||||
machine.wait_until_succeeds("curl -s localhost:5051/login | grep \"<title>pgAdmin 4</title>\" > /dev/null")
|
||||
|
||||
# pgadmin4 module saves the configuration to /etc/pgadmin/config_system.py
|
||||
# pgadmin4-desktopmode tries to read that as well. This normally fails with a PermissionError, as the config file
|
||||
# is owned by the user of the pgadmin module. With the check-system-config-dir.patch this will just throw a warning
|
||||
# but will continue and not read the file.
|
||||
# If we run pgadmin4-desktopmode as root (something one really shouldn't do), it can read the config file and fail,
|
||||
# because of the wrong config for desktopmode.
|
||||
with subtest("Check pgadmin standalone desktop mode"):
|
||||
machine.execute("sudo -u alice pgadmin4 >&2 &", timeout=60)
|
||||
machine.wait_until_succeeds("curl -s localhost:5050")
|
||||
machine.wait_until_succeeds("curl -s localhost:5050/browser/ | grep \"<title>pgAdmin 4</title>\" > /dev/null")
|
||||
'';
|
||||
})
|
17
pkgs/tools/admin/pgadmin/check-system-config-dir.patch
Normal file
17
pkgs/tools/admin/pgadmin/check-system-config-dir.patch
Normal file
|
@ -0,0 +1,17 @@
|
|||
diff --git a/web/config.py b/web/config.py
|
||||
index 4774043..5b73fd3 100644
|
||||
--- a/web/config.py
|
||||
+++ b/web/config.py
|
||||
@@ -884,6 +884,12 @@ if os.path.exists(system_config_dir + '/config_system.py'):
|
||||
user_config_settings.update(config_system_settings)
|
||||
except ImportError:
|
||||
pass
|
||||
+ except PermissionError:
|
||||
+ print(f"Permission denied to open {str(system_config_dir + '/config_system.py')}. \n \
|
||||
+ If you are running pgadmin4-desktopmode please make sure you disable \n \
|
||||
+ the pgadmin NixOS module first. If you rely on settings in \n \
|
||||
+ {str(system_config_dir + '/config_system.py')}, please check the correct permissions.")
|
||||
+ pass
|
||||
|
||||
# Update settings for 'LOG_FILE', 'SQLITE_PATH', 'SESSION_DB_PATH',
|
||||
# 'AZURE_CREDENTIAL_CACHE_DIR', 'KERBEROS_CCACHE_DIR', 'STORAGE_DIR'
|
|
@ -9,6 +9,7 @@
|
|||
, fetchPypi
|
||||
, postgresqlTestHook
|
||||
, postgresql
|
||||
, server-mode ? true
|
||||
}:
|
||||
|
||||
let
|
||||
|
@ -88,6 +89,8 @@ pythonPackages.buildPythonApplication rec {
|
|||
patches = [
|
||||
# Expose setup.py for later use
|
||||
./expose-setup.py.patch
|
||||
# check for permission of /etc/pgadmin/config_system and don't fail
|
||||
./check-system-config-dir.patch
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
|
@ -105,6 +108,10 @@ pythonPackages.buildPythonApplication rec {
|
|||
sed 's|==|>=|g' -i requirements.txt
|
||||
substituteInPlace pkg/pip/setup_pip.py \
|
||||
--replace "req = req.replace('psycopg2', 'psycopg2-binary')" "req = req"
|
||||
${lib.optionalString (!server-mode) ''
|
||||
substituteInPlace web/config.py \
|
||||
--replace "SERVER_MODE = True" "SERVER_MODE = False"
|
||||
''}
|
||||
'';
|
||||
|
||||
preBuild = ''
|
||||
|
@ -242,7 +249,20 @@ pythonPackages.buildPythonApplication rec {
|
|||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Administration and development platform for PostgreSQL";
|
||||
description = "Administration and development platform for PostgreSQL${optionalString (!server-mode) ". Desktop Mode"}";
|
||||
longDescription = ''
|
||||
pgAdmin 4 is designed to meet the needs of both novice and experienced Postgres users alike,
|
||||
providing a powerful graphical interface that simplifies the creation, maintenance and use of database objects.
|
||||
${if server-mode then ''
|
||||
This version is build with SERVER_MODE set to True (the default). It will require access to `/var/lib/pgadmin`
|
||||
and `/var/log/pgadmin`. This is the default version for the NixOS module `services.pgadmin`.
|
||||
This should NOT be used in combination with the `pgadmin4-desktopmode` package as they will interfere.
|
||||
'' else ''
|
||||
This version is build with SERVER_MODE set to False. It will require access to `~/.pgadmin/`. This version is suitable
|
||||
for single-user deployment or where access to `/var/lib/pgadmin` cannot be granted or the NixOS module cannot be used.
|
||||
This should NOT be used in combination with the NixOS module `pgadmin` as they will interfere.
|
||||
''}
|
||||
'';
|
||||
homepage = "https://www.pgadmin.org/";
|
||||
license = licenses.mit;
|
||||
changelog = "https://www.pgadmin.org/docs/pgadmin4/latest/release_notes_${lib.versions.major version}_${lib.versions.minor version}.html";
|
||||
|
|
|
@ -37950,6 +37950,8 @@ with pkgs;
|
|||
|
||||
pgadmin4 = callPackage ../tools/admin/pgadmin { };
|
||||
|
||||
pgadmin4-desktopmode = callPackage ../tools/admin/pgadmin { server-mode = false; };
|
||||
|
||||
pgmodeler = qt6Packages.callPackage ../applications/misc/pgmodeler { };
|
||||
|
||||
physlock = callPackage ../misc/screensavers/physlock { };
|
||||
|
|
Loading…
Reference in a new issue