Commit 4ec4146f authored by Emily's avatar Emily
Browse files

unifi-video: drop 

EOL since January 2021.
parent 02147205

nixos/doc/manual/release-notes/rl-2305.section.md

+1 −1
Original line number Diff line number Diff line
@@ -252,7 +252,7 @@ In addition to numerous new and updated packages, this release has the following 
  }

  ```



- The default module options for [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall), [services.tmate-ssh-server.openFirewall](#opt-services.tmate-ssh-server.openFirewall) and [services.unifi-video.openFirewall](#opt-services.unifi-video.openFirewall) have been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall.

- The default module options for [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall), [services.tmate-ssh-server.openFirewall](#opt-services.tmate-ssh-server.openFirewall) and `services.unifi-video.openFirewall` have been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall.



- The option `i18n.inputMethod.fcitx5.enableRimeData` has been removed. Default RIME data is now included in `fcitx5-rime` by default, and can be customized using

nixos/modules/module-list.nix

+0 −1
Original line number Diff line number Diff line
@@ -1373,7 +1373,6 @@ 
  ./services/video/mirakurun.nix

  ./services/video/photonvision.nix

  ./services/video/mediamtx.nix

  ./services/video/unifi-video.nix

  ./services/video/v4l2-relayd.nix

  ./services/wayland/cage.nix

  ./services/wayland/hypridle.nix

nixos/modules/rename.nix

+1 −0
Original line number Diff line number Diff line
@@ -108,6 +108,7 @@ in 
      used instead.

    '')

    (mkRemovedOptionModule [ "services" "tvheadend" ] "The tvheadend package and the corresponding module have been removed as nobody was willing to maintain them and they were stuck on an unmaintained version that required FFmpeg 4; please see https://github.com/NixOS/nixpkgs/pull/332259 if you are interested in maintaining a newer version.")

    (mkRemovedOptionModule [ "services" "unifi-video" ] "The unifi-video package and the corresponding module have been removed as the software has been unsupported since 2021 and requires a MongoDB version that has reached end of life.")

    (mkRemovedOptionModule [ "services" "venus" ] "The corresponding package was removed from nixpkgs.")

    (mkRemovedOptionModule [ "services" "wakeonlan"] "This module was removed in favor of enabling it with networking.interfaces.<name>.wakeOnLan")

    (mkRemovedOptionModule [ "services" "winstone" ] "The corresponding package was removed from nixpkgs.")

nixos/modules/services/video/unifi-video.nix

deleted100644 → 0
+0 −252
Original line number Diff line number Diff line 
{ config, lib, options, pkgs, utils, ... }:

with lib;

let

  cfg = config.services.unifi-video;

  opt = options.services.unifi-video;

  mainClass = "com.ubnt.airvision.Main";

  cmd = ''

    ${pkgs.jsvc}/bin/jsvc \

    -cwd ${stateDir} \

    -debug \

    -verbose:class \

    -nodetach \

    -user unifi-video \

    -home ${cfg.jrePackage}/lib/openjdk \

    -cp ${pkgs.commonsDaemon}/share/java/commons-daemon-1.2.4.jar:${stateDir}/lib/airvision.jar \

    -pidfile ${cfg.pidFile} \

    -procname unifi-video \

    -Djava.security.egd=file:/dev/./urandom \

    -Xmx${toString cfg.maximumJavaHeapSize}M \

    -Xss512K \

    -XX:+UseG1GC \

    -XX:+UseStringDeduplication \

    -XX:MaxMetaspaceSize=768M \

    -Djava.library.path=${stateDir}/lib \

    -Djava.awt.headless=true \

    -Djavax.net.ssl.trustStore=${stateDir}/etc/ufv-truststore \

    -Dfile.encoding=UTF-8 \

    -Dav.tempdir=/var/cache/unifi-video

  '';



  mongoConf = pkgs.writeTextFile {

    name = "mongo.conf";

    executable = false;

    text = ''

      # for documentation of all options, see https://www.mongodb.com/docs/manual/reference/configuration-options/



      storage:

         dbPath: ${cfg.dataDir}/db

         journal:

            enabled: true

         syncPeriodSecs: 60



      systemLog:

         destination: file

         logAppend: true

         path: ${stateDir}/logs/mongod.log



      net:

         port: 7441

         bindIp: 127.0.0.1

         http:

            enabled: false



      operationProfiling:

         slowOpThresholdMs: 500

         mode: off

    '';

  };





  mongoWtConf = pkgs.writeTextFile {

    name = "mongowt.conf";

    executable = false;

    text = ''

      # for documentation of all options, see:

      #   https://www.mongodb.com/docs/manual/reference/configuration-options/



      storage:

         dbPath: ${cfg.dataDir}/db-wt

         journal:

            enabled: true

         wiredTiger:

            engineConfig:

               cacheSizeGB: 1



      systemLog:

         destination: file

         logAppend: true

         path: logs/mongod.log



      net:

         port: 7441

         bindIp: 127.0.0.1



      operationProfiling:

         slowOpThresholdMs: 500

         mode: off

    '';

  };



  stateDir = "/var/lib/unifi-video";



in

{



  options.services.unifi-video = {



    enable = mkOption {

      type = types.bool;

      default = false;

      description = ''

        Whether or not to enable the unifi-video service.

      '';

    };



    jrePackage = mkPackageOption pkgs "jre8" { };



    unifiVideoPackage = mkPackageOption pkgs "unifi-video" { };



    mongodbPackage = mkPackageOption pkgs "mongodb" {

      default = "mongodb-5_0";

    };



    logDir = mkOption {

      type = types.str;

      default = "${stateDir}/logs";

      description = ''

        Where to store the logs.

      '';

    };



    dataDir = mkOption {

      type = types.str;

      default = "${stateDir}/data";

      description = ''

        Where to store the database and other data.

      '';

    };



    openFirewall = mkOption {

      type = types.bool;

      default = false;

      description = ''

        Whether or not to open the required ports on the firewall.

      '';

    };



    maximumJavaHeapSize = mkOption {

      type = types.nullOr types.int;

      default = 1024;

      example = 4096;

      description = ''

        Set the maximum heap size for the JVM in MB.

      '';

    };



    pidFile = mkOption {

      type = types.path;

      default = "${cfg.dataDir}/unifi-video.pid";

      defaultText = literalExpression ''"''${config.${opt.dataDir}}/unifi-video.pid"'';

      description = "Location of unifi-video pid file.";

    };



  };



  config = mkIf cfg.enable {



    warnings = optional

      (options.services.unifi-video.openFirewall.highestPrio >= (mkOptionDefault null).priority)

      "The current services.unifi-video.openFirewall = true default is deprecated and will change to false in 22.11. Set it explicitly to silence this warning.";



    users.users.unifi-video = {

      description = "UniFi Video controller daemon user";

      home = stateDir;

      group = "unifi-video";

      isSystemUser = true;

    };

    users.groups.unifi-video = {};



    networking.firewall = mkIf cfg.openFirewall {

      # https://help.ui.com/hc/en-us/articles/217875218-UniFi-Video-Ports-Used

      allowedTCPPorts = [

        7080 # HTTP portal

        7443 # HTTPS portal

        7445 # Video over HTTP (mobile app)

        7446 # Video over HTTPS (mobile app)

        7447 # RTSP via the controller

        7442 # Camera management from cameras to NVR over WAN

      ];

      allowedUDPPorts = [

        6666 # Inbound camera streams sent over WAN

      ];

    };



    systemd.tmpfiles.rules = [

      "d '${stateDir}' 0700 unifi-video unifi-video - -"

      "d '/var/cache/unifi-video' 0700 unifi-video unifi-video - -"



      "d '${stateDir}/logs' 0700 unifi-video unifi-video - -"

      "C '${stateDir}/etc' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/etc"

      "C '${stateDir}/webapps' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/webapps"

      "C '${stateDir}/email' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/email"

      "C '${stateDir}/fw' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/fw"

      "C '${stateDir}/lib' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/lib"



      "d '${stateDir}/data' 0700 unifi-video unifi-video - -"

      "d '${stateDir}/data/db' 0700 unifi-video unifi-video - -"

      "C '${stateDir}/data/system.properties' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/etc/system.properties"



      "d '${stateDir}/bin' 0700 unifi-video unifi-video - -"

      "f '${stateDir}/bin/evostreamms' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/bin/evostreamms"

      "f '${stateDir}/bin/libavcodec.so.54' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/bin/libavcodec.so.54"

      "f '${stateDir}/bin/libavformat.so.54' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/bin/libavformat.so.54"

      "f '${stateDir}/bin/libavutil.so.52' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/bin/libavutil.so.52"

      "f '${stateDir}/bin/ubnt.avtool' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/bin/ubnt.avtool"

      "f '${stateDir}/bin/ubnt.updater' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/bin/ubnt.updater"

      "C '${stateDir}/bin/mongo' 0700 unifi-video unifi-video - ${cfg.mongodbPackage}/bin/mongo"

      "C '${stateDir}/bin/mongod' 0700 unifi-video unifi-video - ${cfg.mongodbPackage}/bin/mongod"

      "C '${stateDir}/bin/mongoperf' 0700 unifi-video unifi-video - ${cfg.mongodbPackage}/bin/mongoperf"

      "C '${stateDir}/bin/mongos' 0700 unifi-video unifi-video - ${cfg.mongodbPackage}/bin/mongos"



      "d '${stateDir}/conf' 0700 unifi-video unifi-video - -"

      "C '${stateDir}/conf/evostream' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/evostream"

      "Z '${stateDir}/conf/evostream' 0700 unifi-video unifi-video - -"

      "L+ '${stateDir}/conf/mongodv3.0+.conf' 0700 unifi-video unifi-video - ${mongoConf}"

      "L+ '${stateDir}/conf/mongodv3.6+.conf' 0700 unifi-video unifi-video - ${mongoConf}"

      "L+ '${stateDir}/conf/mongod-wt.conf' 0700 unifi-video unifi-video - ${mongoWtConf}"

      "L+ '${stateDir}/conf/catalina.policy' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/catalina.policy"

      "L+ '${stateDir}/conf/catalina.properties' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/catalina.properties"

      "L+ '${stateDir}/conf/context.xml' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/context.xml"

      "L+ '${stateDir}/conf/logging.properties' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/logging.properties"

      "L+ '${stateDir}/conf/server.xml' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/server.xml"

      "L+ '${stateDir}/conf/tomcat-users.xml' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/tomcat-users.xml"

      "L+ '${stateDir}/conf/web.xml' 0700 unifi-video unifi-video - ${pkgs.unifi-video}/lib/unifi-video/conf/web.xml"

    ];



    systemd.services.unifi-video = {

      description = "UniFi Video NVR daemon";

      wantedBy = [ "multi-user.target" ];

      after = [ "network.target" ] ;

      unitConfig.RequiresMountsFor = stateDir;

      # Make sure package upgrades trigger a service restart

      restartTriggers = [ cfg.unifiVideoPackage cfg.mongodbPackage ];

      path = with pkgs; [ gawk coreutils busybox which jre8 lsb-release libcap util-linux ];

      serviceConfig = {

        Type = "simple";

        ExecStart = "${(removeSuffix "\n" cmd)} ${mainClass} start";

        ExecStop = "${(removeSuffix "\n" cmd)} stop ${mainClass} stop";

        Restart = "on-failure";

        UMask = "0077";

        User = "unifi-video";

        WorkingDirectory = "${stateDir}";

      };

    };

  };



  imports = [

    (mkRenamedOptionModule [ "services" "unifi-video" "openPorts" ] [ "services" "unifi-video" "openFirewall" ])

  ];



  meta.maintainers = with lib.maintainers; [ rsynnest ];

}

pkgs/servers/unifi-video/default.nix

deleted100644 → 0
+0 −65
Original line number Diff line number Diff line 
{ dpkg

, stdenv

, lib

, fetchurl

, jre8

, jsvc

, lsb-release

, libcap

, util-linux

, makeWrapper

, autoPatchelfHook

, glibc

, gcc-unwrapped

}:



stdenv.mkDerivation rec {

  pname = "unifi-video";

  version = "3.10.13";

  src = fetchurl {

    urls = [ "https://dl.ui.com/firmwares/ufv/v${version}/unifi-video.Debian9_amd64.v${version}.deb" "https://archive.org/download/unifi-video.Debian9_amd64.v${version}/unifi-video.Debian9_amd64.v${version}.deb" ];

    sha256 = "06mxjdizs4mhm1by8kj4pg5hhdi8ns6x75ggwyp1k6zb26jvvdny";

  };



  buildInputs = [ jre8 jsvc lsb-release libcap util-linux ];

  nativeBuildInputs = [ dpkg makeWrapper autoPatchelfHook glibc gcc-unwrapped ];



  unpackCmd = ''

    runHook preUnpack



    dpkg-deb -x $src .

    rm -r etc



    runHook postUnpack

  '';



  installPhase = ''

    runHook preInstall



    mkdir -p $out

    cp -ar sbin $out/bin

    cp -ar lib share $out

    chmod +x $out/bin/*

    wrapProgram $out/bin/unifi-video --set JAVA_HOME "${jre8}" --prefix PATH : ${lib.makeBinPath [ jre8 lsb-release libcap util-linux]}



    runHook postInstall

  '';



  meta = with lib; {

    description = "Unifi Video NVR (aka Airvision) is a software package for controlling Unifi cameras";

    longDescription = ''

      Unifi Video is the NVR server software which can monitor and

      record footage from supported Unifi video cameras

    '';

    homepage = "https://www.ui.com";

    downloadPage = "https://www.ui.com/download/unifi-video/";

    sourceProvenance = with sourceTypes; [

      binaryBytecode

      binaryNativeCode

    ];

    license = licenses.unfree;

    maintainers = [ maintainers.rsynnest ];

    platforms = [ "x86_64-linux" ];

    knownVulnerabilities = [ "Upstream support for Unifi Video ended January 1st, 2021." ];

  };

}