nixpkgs-suyu/nixos/modules/services/databases/neo4j.nix

150 lines
4.3 KiB
Nix

{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.neo4j;
serverConfig = pkgs.writeText "neo4j-server.properties" ''
org.neo4j.server.database.location=${cfg.dataDir}/data/graph.db
org.neo4j.server.webserver.address=${cfg.listenAddress}
org.neo4j.server.webserver.port=${toString cfg.port}
${optionalString cfg.enableHttps ''
org.neo4j.server.webserver.https.enabled=true
org.neo4j.server.webserver.https.port=${toString cfg.httpsPort}
org.neo4j.server.webserver.https.cert.location=${cfg.cert}
org.neo4j.server.webserver.https.key.location=${cfg.key}
org.neo4j.server.webserver.https.keystore.location=${cfg.dataDir}/data/keystore
''}
org.neo4j.server.webadmin.rrdb.location=${cfg.dataDir}/data/rrd
org.neo4j.server.webadmin.data.uri=/db/data/
org.neo4j.server.webadmin.management.uri=/db/manage/
org.neo4j.server.db.tuning.properties=${cfg.package}/share/neo4j/conf/neo4j.properties
org.neo4j.server.manage.console_engines=shell
${cfg.extraServerConfig}
'';
loggingConfig = pkgs.writeText "logging.properties" cfg.loggingConfig;
wrapperConfig = pkgs.writeText "neo4j-wrapper.conf" ''
wrapper.java.additional=-Dorg.neo4j.server.properties=${serverConfig}
wrapper.java.additional=-Djava.util.logging.config.file=${loggingConfig}
wrapper.java.additional=-XX:+UseConcMarkSweepGC
wrapper.java.additional=-XX:+CMSClassUnloadingEnabled
wrapper.pidfile=${cfg.dataDir}/neo4j-server.pid
wrapper.name=neo4j
'';
in {
###### interface
options.services.neo4j = {
enable = mkOption {
description = "Whether to enable neo4j.";
default = false;
type = types.bool;
};
package = mkOption {
description = "Neo4j package to use.";
default = pkgs.neo4j;
defaultText = "pkgs.neo4j";
type = types.package;
};
listenAddress = mkOption {
description = "Neo4j listen address.";
default = "127.0.0.1";
type = types.str;
};
port = mkOption {
description = "Neo4j port to listen for HTTP traffic.";
default = 7474;
type = types.int;
};
enableHttps = mkOption {
description = "Enable https for Neo4j.";
default = false;
type = types.bool;
};
httpsPort = mkOption {
description = "Neo4j port to listen for HTTPS traffic.";
default = 7473;
type = types.int;
};
cert = mkOption {
description = "Neo4j https certificate.";
default = "${cfg.dataDir}/conf/ssl/neo4j.cert";
type = types.path;
};
key = mkOption {
description = "Neo4j https certificate key.";
default = "${cfg.dataDir}/conf/ssl/neo4j.key";
type = types.path;
};
dataDir = mkOption {
description = "Neo4j data directory.";
default = "/var/lib/neo4j";
type = types.path;
};
loggingConfig = mkOption {
description = "Neo4j logging configuration.";
default = ''
handlers=java.util.logging.ConsoleHandler
.level=INFO
org.neo4j.server.level=INFO
java.util.logging.ConsoleHandler.level=INFO
java.util.logging.ConsoleHandler.formatter=org.neo4j.server.logging.SimpleConsoleFormatter
java.util.logging.ConsoleHandler.filter=org.neo4j.server.logging.NeoLogFilter
'';
type = types.lines;
};
extraServerConfig = mkOption {
description = "Extra configuration for neo4j server.";
default = "";
type = types.lines;
};
};
###### implementation
config = mkIf cfg.enable {
systemd.services.neo4j = {
description = "Neo4j Daemon";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
environment = { NEO4J_INSTANCE = cfg.dataDir; };
serviceConfig = {
ExecStart = "${cfg.package}/bin/neo4j console";
User = "neo4j";
PermissionsStartOnly = true;
};
preStart = ''
mkdir -m 0700 -p ${cfg.dataDir}/{data/graph.db,conf}
ln -fs ${wrapperConfig} ${cfg.dataDir}/conf/neo4j-wrapper.conf
if [ "$(id -u)" = 0 ]; then chown -R neo4j ${cfg.dataDir}; fi
'';
};
environment.systemPackages = [ pkgs.neo4j ];
users.extraUsers = singleton {
name = "neo4j";
uid = config.ids.uids.neo4j;
description = "Neo4j daemon user";
home = cfg.dataDir;
};
};
}