Loading nixos/modules/services/networking/unifi.nix +46 −36 Original line number Diff line number Diff line { config, options, lib, pkgs, utils, ... }: with lib; let cfg = config.services.unifi; stateDir = "/var/lib/unifi"; cmd = '' @${cfg.jrePackage}/bin/java java \ ${optionalString (lib.versionAtLeast (lib.getVersion cfg.jrePackage) "16") ("--add-opens java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.time=ALL-UNNAMED " + "--add-opens java.base/sun.security.util=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED " + "--add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED")} \ ${optionalString (cfg.initialJavaHeapSize != null) "-Xms${(toString cfg.initialJavaHeapSize)}m"} \ ${optionalString (cfg.maximumJavaHeapSize != null) "-Xmx${(toString cfg.maximumJavaHeapSize)}m"} \ -jar ${stateDir}/lib/ace.jar ''; cmd = lib.escapeShellArgs ([ "@${cfg.jrePackage}/bin/java" "java" ] ++ lib.optionals (lib.versionAtLeast (lib.getVersion cfg.jrePackage) "16") [ "--add-opens=java.base/java.lang=ALL-UNNAMED" "--add-opens=java.base/java.time=ALL-UNNAMED" "--add-opens=java.base/sun.security.util=ALL-UNNAMED" "--add-opens=java.base/java.io=ALL-UNNAMED" "--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED" ] ++ (lib.optional (cfg.initialJavaHeapSize != null) "-Xms${(toString cfg.initialJavaHeapSize)}m") ++ (lib.optional (cfg.maximumJavaHeapSize != null) "-Xmx${(toString cfg.maximumJavaHeapSize)}m") ++ cfg.extraJvmOptions ++ [ "-jar" "${stateDir}/lib/ace.jar" ]); in { options = { services.unifi.enable = mkOption { type = types.bool; services.unifi.enable = lib.mkOption { type = lib.types.bool; default = false; description = lib.mdDoc '' Whether or not to enable the unifi controller service. ''; }; services.unifi.jrePackage = mkOption { type = types.package; services.unifi.jrePackage = lib.mkOption { type = lib.types.package; default = if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.5") then pkgs.jdk17_headless else if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.3") then pkgs.jdk11 else pkgs.jre8; defaultText = literalExpression ''if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.5") then pkgs.jdk17_headless else if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.3" then pkgs.jdk11 else pkgs.jre8''; defaultText = lib.literalExpression ''if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.5") then pkgs.jdk17_headless else if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.3" then pkgs.jdk11 else pkgs.jre8''; description = lib.mdDoc '' The JRE package to use. Check the release notes to ensure it is supported. ''; }; services.unifi.unifiPackage = mkOption { type = types.package; services.unifi.unifiPackage = lib.mkOption { type = lib.types.package; default = pkgs.unifi5; defaultText = literalExpression "pkgs.unifi5"; defaultText = lib.literalExpression "pkgs.unifi5"; description = lib.mdDoc '' The unifi package to use. ''; }; services.unifi.mongodbPackage = mkOption { type = types.package; services.unifi.mongodbPackage = lib.mkOption { type = lib.types.package; default = pkgs.mongodb-4_4; defaultText = literalExpression "pkgs.mongodb"; defaultText = lib.literalExpression "pkgs.mongodb"; description = lib.mdDoc '' The mongodb package to use. Please note: unifi7 officially only supports mongodb up until 3.6 but works with 4.4. ''; }; services.unifi.openFirewall = mkOption { type = types.bool; services.unifi.openFirewall = lib.mkOption { type = lib.types.bool; default = false; description = lib.mdDoc '' Whether or not to open the minimum required ports on the firewall. Loading @@ -65,8 +66,8 @@ in ''; }; services.unifi.initialJavaHeapSize = mkOption { type = types.nullOr types.int; services.unifi.initialJavaHeapSize = lib.mkOption { type = with lib.types; nullOr int; default = null; example = 1024; description = lib.mdDoc '' Loading @@ -75,8 +76,8 @@ in ''; }; services.unifi.maximumJavaHeapSize = mkOption { type = types.nullOr types.int; services.unifi.maximumJavaHeapSize = lib.mkOption { type = with lib.types; nullOr int; default = null; example = 4096; description = lib.mdDoc '' Loading @@ -85,9 +86,18 @@ in ''; }; services.unifi.extraJvmOptions = lib.mkOption { type = with lib.types; listOf str; default = [ ]; example = lib.literalExpression ''["-Xlog:gc"]''; description = lib.mdDoc '' Set extra options to pass to the JVM. ''; }; }; config = mkIf cfg.enable { config = lib.mkIf cfg.enable { users.users.unifi = { isSystemUser = true; Loading @@ -97,7 +107,7 @@ in }; users.groups.unifi = {}; networking.firewall = mkIf cfg.openFirewall { networking.firewall = lib.mkIf cfg.openFirewall { # https://help.ubnt.com/hc/en-us/articles/218506997 allowedTCPPorts = [ 8080 # Port for UAP to inform controller. Loading @@ -123,8 +133,8 @@ in serviceConfig = { Type = "simple"; ExecStart = "${(removeSuffix "\n" cmd)} start"; ExecStop = "${(removeSuffix "\n" cmd)} stop"; ExecStart = "${cmd} start"; ExecStop = "${cmd} stop"; Restart = "on-failure"; TimeoutSec = "5min"; User = "unifi"; Loading Loading @@ -194,7 +204,7 @@ in }; imports = [ (mkRemovedOptionModule [ "services" "unifi" "dataDir" ] "You should move contents of dataDir to /var/lib/unifi/data" ) (mkRenamedOptionModule [ "services" "unifi" "openPorts" ] [ "services" "unifi" "openFirewall" ]) (lib.mkRemovedOptionModule [ "services" "unifi" "dataDir" ] "You should move contents of dataDir to /var/lib/unifi/data") (lib.mkRenamedOptionModule [ "services" "unifi" "openPorts" ] [ "services" "unifi" "openFirewall" ]) ]; } Loading
nixos/modules/services/networking/unifi.nix +46 −36 Original line number Diff line number Diff line { config, options, lib, pkgs, utils, ... }: with lib; let cfg = config.services.unifi; stateDir = "/var/lib/unifi"; cmd = '' @${cfg.jrePackage}/bin/java java \ ${optionalString (lib.versionAtLeast (lib.getVersion cfg.jrePackage) "16") ("--add-opens java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.time=ALL-UNNAMED " + "--add-opens java.base/sun.security.util=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED " + "--add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED")} \ ${optionalString (cfg.initialJavaHeapSize != null) "-Xms${(toString cfg.initialJavaHeapSize)}m"} \ ${optionalString (cfg.maximumJavaHeapSize != null) "-Xmx${(toString cfg.maximumJavaHeapSize)}m"} \ -jar ${stateDir}/lib/ace.jar ''; cmd = lib.escapeShellArgs ([ "@${cfg.jrePackage}/bin/java" "java" ] ++ lib.optionals (lib.versionAtLeast (lib.getVersion cfg.jrePackage) "16") [ "--add-opens=java.base/java.lang=ALL-UNNAMED" "--add-opens=java.base/java.time=ALL-UNNAMED" "--add-opens=java.base/sun.security.util=ALL-UNNAMED" "--add-opens=java.base/java.io=ALL-UNNAMED" "--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED" ] ++ (lib.optional (cfg.initialJavaHeapSize != null) "-Xms${(toString cfg.initialJavaHeapSize)}m") ++ (lib.optional (cfg.maximumJavaHeapSize != null) "-Xmx${(toString cfg.maximumJavaHeapSize)}m") ++ cfg.extraJvmOptions ++ [ "-jar" "${stateDir}/lib/ace.jar" ]); in { options = { services.unifi.enable = mkOption { type = types.bool; services.unifi.enable = lib.mkOption { type = lib.types.bool; default = false; description = lib.mdDoc '' Whether or not to enable the unifi controller service. ''; }; services.unifi.jrePackage = mkOption { type = types.package; services.unifi.jrePackage = lib.mkOption { type = lib.types.package; default = if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.5") then pkgs.jdk17_headless else if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.3") then pkgs.jdk11 else pkgs.jre8; defaultText = literalExpression ''if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.5") then pkgs.jdk17_headless else if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.3" then pkgs.jdk11 else pkgs.jre8''; defaultText = lib.literalExpression ''if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.5") then pkgs.jdk17_headless else if (lib.versionAtLeast (lib.getVersion cfg.unifiPackage) "7.3" then pkgs.jdk11 else pkgs.jre8''; description = lib.mdDoc '' The JRE package to use. Check the release notes to ensure it is supported. ''; }; services.unifi.unifiPackage = mkOption { type = types.package; services.unifi.unifiPackage = lib.mkOption { type = lib.types.package; default = pkgs.unifi5; defaultText = literalExpression "pkgs.unifi5"; defaultText = lib.literalExpression "pkgs.unifi5"; description = lib.mdDoc '' The unifi package to use. ''; }; services.unifi.mongodbPackage = mkOption { type = types.package; services.unifi.mongodbPackage = lib.mkOption { type = lib.types.package; default = pkgs.mongodb-4_4; defaultText = literalExpression "pkgs.mongodb"; defaultText = lib.literalExpression "pkgs.mongodb"; description = lib.mdDoc '' The mongodb package to use. Please note: unifi7 officially only supports mongodb up until 3.6 but works with 4.4. ''; }; services.unifi.openFirewall = mkOption { type = types.bool; services.unifi.openFirewall = lib.mkOption { type = lib.types.bool; default = false; description = lib.mdDoc '' Whether or not to open the minimum required ports on the firewall. Loading @@ -65,8 +66,8 @@ in ''; }; services.unifi.initialJavaHeapSize = mkOption { type = types.nullOr types.int; services.unifi.initialJavaHeapSize = lib.mkOption { type = with lib.types; nullOr int; default = null; example = 1024; description = lib.mdDoc '' Loading @@ -75,8 +76,8 @@ in ''; }; services.unifi.maximumJavaHeapSize = mkOption { type = types.nullOr types.int; services.unifi.maximumJavaHeapSize = lib.mkOption { type = with lib.types; nullOr int; default = null; example = 4096; description = lib.mdDoc '' Loading @@ -85,9 +86,18 @@ in ''; }; services.unifi.extraJvmOptions = lib.mkOption { type = with lib.types; listOf str; default = [ ]; example = lib.literalExpression ''["-Xlog:gc"]''; description = lib.mdDoc '' Set extra options to pass to the JVM. ''; }; }; config = mkIf cfg.enable { config = lib.mkIf cfg.enable { users.users.unifi = { isSystemUser = true; Loading @@ -97,7 +107,7 @@ in }; users.groups.unifi = {}; networking.firewall = mkIf cfg.openFirewall { networking.firewall = lib.mkIf cfg.openFirewall { # https://help.ubnt.com/hc/en-us/articles/218506997 allowedTCPPorts = [ 8080 # Port for UAP to inform controller. Loading @@ -123,8 +133,8 @@ in serviceConfig = { Type = "simple"; ExecStart = "${(removeSuffix "\n" cmd)} start"; ExecStop = "${(removeSuffix "\n" cmd)} stop"; ExecStart = "${cmd} start"; ExecStop = "${cmd} stop"; Restart = "on-failure"; TimeoutSec = "5min"; User = "unifi"; Loading Loading @@ -194,7 +204,7 @@ in }; imports = [ (mkRemovedOptionModule [ "services" "unifi" "dataDir" ] "You should move contents of dataDir to /var/lib/unifi/data" ) (mkRenamedOptionModule [ "services" "unifi" "openPorts" ] [ "services" "unifi" "openFirewall" ]) (lib.mkRemovedOptionModule [ "services" "unifi" "dataDir" ] "You should move contents of dataDir to /var/lib/unifi/data") (lib.mkRenamedOptionModule [ "services" "unifi" "openPorts" ] [ "services" "unifi" "openFirewall" ]) ]; }
