# Copyright 2025 The zb Authors
# SPDX-License-Identifier: MIT
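# NixOS module for zb. It declares the `zb.*` options, creates the build
# users and their group, runs the installer once when the store is missing,
# and defines the store server together with the socket that activates it.
{ pkgs, lib, config, ... }:
let
  cfg = config.zb;

  # Indices of the build users: 1 .. userCount (empty when userCount is 0).
  buildUserIndices = lib.range 1 cfg.userCount;

  # Name of the i-th build user. Shared by `users.users` and the group's
  # `members` list so the two cannot drift apart.
  buildUserName = i: "${cfg.buildGroup}${toString i}";

  # Shell mapped to /bin/sh inside the build sandbox.
  # NOTE(review): this store path is hard-coded, while the store itself is
  # populated by `cfg.installerPackage`. Presumably the hash matches the
  # busybox shipped by the expected installer; confirm it is updated together
  # with the installer, otherwise the server is started with a path that does
  # not exist.
  sandboxShell =
    "/opt/zb/store/hpsxd175dzfmjrg27pvvin3nzv3yi61k-busybox-1.36.1/bin/sh";
in
{
  options.zb = {
    package = lib.mkOption {
      type = lib.types.package;
      description = "The zb package to use";
    };
    installerPackage = lib.mkOption {
      type = lib.types.package;
      description = "The zb installer package to use";
    };
    buildGroup = lib.mkOption {
      type = lib.types.str;
      default = "zbld";
      description = "Group Name for the build users";
    };
    buildGid = lib.mkOption {
      # Positive only: 0 is the root group and negative IDs are invalid.
      type = lib.types.ints.positive;
      default = 256000;
      description = "Group ID for the build users";
    };
    firstBuildUid = lib.mkOption {
      # Positive only: a value of 0 would give the first build user root's UID.
      type = lib.types.ints.positive;
      default = 256001;
      description = "First user ID for the build users, will increment for each";
    };
    userCount = lib.mkOption {
      # A negative count used to produce an empty user list without any
      # error; it is now rejected when the option is evaluated. 0 is allowed.
      type = lib.types.ints.unsigned;
      default = 32;
      description = "Number of build users to create";
    };
  };

  config = {
    environment.systemPackages = [ cfg.package ];

    # One system user per index; user i gets uid firstBuildUid + (i - 1).
    users.users = builtins.listToAttrs (
      map (i: {
        name = buildUserName i;
        value = {
          description = "zb build user ${toString i}";
          uid = cfg.firstBuildUid + (i - 1);
          group = cfg.buildGroup;
          isSystemUser = true;
        };
      }) buildUserIndices
    );

    users.groups.${cfg.buildGroup} = {
      gid = cfg.buildGid;
      members = map buildUserName buildUserIndices;
    };

    # One-shot installer. The condition skips the unit once /opt/zb/store
    # exists, so it only does work when the store is missing.
    systemd.services.zb-install = {
      description = "zb Install";
      unitConfig = {
        ConditionPathExists = "!/opt/zb/store";
      };
      path = [ pkgs.bash ];
      # NOTE(review): the empty --bin / --build-users-group values and
      # --no-systemd presumably make the installer skip the steps this module
      # performs itself (package, users, units); confirm against the
      # installer.
      script = "bash ${cfg.installerPackage}/install --bin '' --build-users-group '' --no-systemd";
      serviceConfig = {
        Type = "oneshot";
      };
    };

    # Listening socket for the store server.
    # NOTE(review): no SocketMode/SocketUser/SocketGroup is set here, so
    # systemd's default socket mode (0666) applies and any local user can
    # connect. Confirm that `zb serve` authorises clients itself, or restrict
    # the socket through `socketConfig`.
    systemd.sockets.zb-serve = {
      description = "zb Store Server Socket";
      before = [ "multi-user.target" ];
      unitConfig = {
        RequiresMountsFor = [ "/opt/zb" ];
      };
      listenStreams = [ "/opt/zb/var/zb/server.sock" ];
      wantedBy = [ "sockets.target" ];
    };

    # Store server. It has no `wantedBy`, so it is started through
    # zb-serve.socket. No User= is set, so it runs as root.
    # NOTE(review): root is presumably needed to switch to the build users;
    # confirm.
    systemd.services.zb-serve = {
      description = "zb Store Server";
      requires = [
        "zb-serve.socket"
        "zb-install.service"
      ];
      after = [ "zb-install.service" ];
      unitConfig = {
        RequiresMountsFor = [
          "/opt/zb/store"
          "/opt/zb/var"
          "/opt/zb/var/zb"
        ];
        ConditionPathIsReadWrite = "/opt/zb/var/zb";
      };
      serviceConfig = {
        # Joined with single spaces, which yields the same command line as
        # the former one-line string. cfg.buildGroup is interpolated unquoted:
        # systemd would split a name containing whitespace into separate
        # arguments.
        ExecStart = lib.concatStringsSep " " [
          "${cfg.package}/bin/zb"
          "serve"
          "--systemd"
          "--sandbox-path=/bin/sh=${sandboxShell}"
          "--implicit-system-dep=/bin/sh"
          "--build-users-group=${cfg.buildGroup}"
        ];
        # SIGTERM goes to the main process only; processes still left in the
        # control group afterwards receive SIGKILL.
        KillMode = "mixed";
      };
    };
  };
}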