Unverified Commit e2fb30fa authored by Weijia Wang's avatar Weijia Wang Committed by GitHub
Browse files

Merge pull request #239785 from milibopp/neo4j-5.9.0 

neo4j: 4.4.11 -> 5.9.0
parents 20890bc1 5f6b7a35

nixos/doc/manual/release-notes/rl-2405.section.md

+4 −0
Original line number Diff line number Diff line
@@ -93,6 +93,10 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m 


- `idris2` was updated to v0.7.0. This version introduces breaking changes. Check out the [changelog](https://github.com/idris-lang/Idris2/blob/v0.7.0/CHANGELOG.md#v070) for details.



- `neo4j` has been updated to 5, you may want to read the [release notes for Neo4j 5](https://neo4j.com/release-notes/database/neo4j-5/)



- `services.neo4j.allowUpgrade` was removed and no longer has any effect. Neo4j 5 supports automatic rolling upgrades.



- `nitter` requires a `guest_accounts.jsonl` to be provided as a path or loaded into the default location at `/var/lib/nitter/guest_accounts.jsonl`. See [Guest Account Branch Deployment](https://github.com/zedeus/nitter/wiki/Guest-Account-Branch-Deployment) for details.



- `services.aria2.rpcSecret` has been replaced with `services.aria2.rpcSecretFile`.

nixos/modules/services/databases/neo4j.nix

+34 −43
Original line number Diff line number Diff line
@@ -35,65 +35,64 @@ let 


  serverConfig = pkgs.writeText "neo4j.conf" ''

    # General

    dbms.allow_upgrade=${boolToString cfg.allowUpgrade}

    dbms.default_listen_address=${cfg.defaultListenAddress}

    dbms.databases.default_to_read_only=${boolToString cfg.readOnly}

    server.default_listen_address=${cfg.defaultListenAddress}

    server.databases.default_to_read_only=${boolToString cfg.readOnly}

    ${optionalString (cfg.workerCount > 0) ''

      dbms.threads.worker_count=${toString cfg.workerCount}

    ''}



    # Directories (readonly)

    dbms.directories.certificates=${cfg.directories.certificates}

    dbms.directories.plugins=${cfg.directories.plugins}

    dbms.directories.lib=${cfg.package}/share/neo4j/lib

    # dbms.directories.certificates=${cfg.directories.certificates}

    server.directories.plugins=${cfg.directories.plugins}

    server.directories.lib=${cfg.package}/share/neo4j/lib

    ${optionalString (cfg.constrainLoadCsv) ''

      dbms.directories.import=${cfg.directories.imports}

      server.directories.import=${cfg.directories.imports}

   ''}



    # Directories (read and write)

    dbms.directories.data=${cfg.directories.data}

    dbms.directories.logs=${cfg.directories.home}/logs

    dbms.directories.run=${cfg.directories.home}/run

    server.directories.data=${cfg.directories.data}

    server.directories.logs=${cfg.directories.home}/logs

    server.directories.run=${cfg.directories.home}/run



    # HTTP Connector

    ${optionalString (cfg.http.enable) ''

      dbms.connector.http.enabled=${boolToString cfg.http.enable}

      dbms.connector.http.listen_address=${cfg.http.listenAddress}

      dbms.connector.http.advertised_address=${cfg.http.listenAddress}

      server.http.enabled=${boolToString cfg.http.enable}

      server.http.listen_address=${cfg.http.listenAddress}

      server.http.advertised_address=${cfg.http.listenAddress}

    ''}



    # HTTPS Connector

    dbms.connector.https.enabled=${boolToString cfg.https.enable}

    dbms.connector.https.listen_address=${cfg.https.listenAddress}

    dbms.connector.https.advertised_address=${cfg.https.listenAddress}

    server.https.enabled=${boolToString cfg.https.enable}

    server.https.listen_address=${cfg.https.listenAddress}

    server.https.advertised_address=${cfg.https.listenAddress}



    # BOLT Connector

    dbms.connector.bolt.enabled=${boolToString cfg.bolt.enable}

    dbms.connector.bolt.listen_address=${cfg.bolt.listenAddress}

    dbms.connector.bolt.advertised_address=${cfg.bolt.listenAddress}

    dbms.connector.bolt.tls_level=${cfg.bolt.tlsLevel}

    server.bolt.enabled=${boolToString cfg.bolt.enable}

    server.bolt.listen_address=${cfg.bolt.listenAddress}

    server.bolt.advertised_address=${cfg.bolt.listenAddress}

    server.bolt.tls_level=${cfg.bolt.tlsLevel}



    # SSL Policies

    ${concatStringsSep "\n" sslPolicies}



    # Default retention policy from neo4j.conf

    dbms.tx_log.rotation.retention_policy=1 days

    db.tx_log.rotation.retention_policy=1 days



    # Default JVM parameters from neo4j.conf

    dbms.jvm.additional=-XX:+UseG1GC

    dbms.jvm.additional=-XX:-OmitStackTraceInFastThrow

    dbms.jvm.additional=-XX:+AlwaysPreTouch

    dbms.jvm.additional=-XX:+UnlockExperimentalVMOptions

    dbms.jvm.additional=-XX:+TrustFinalNonStaticFields

    dbms.jvm.additional=-XX:+DisableExplicitGC

    dbms.jvm.additional=-Djdk.tls.ephemeralDHKeySize=2048

    dbms.jvm.additional=-Djdk.tls.rejectClientInitiatedRenegotiation=true

    dbms.jvm.additional=-Dunsupported.dbms.udc.source=tarball



    #dbms.memory.heap.initial_size=12000m

    #dbms.memory.heap.max_size=12000m

    #dbms.memory.pagecache.size=4g

    #dbms.tx_state.max_off_heap_memory=8000m

    server.jvm.additional=-XX:+UseG1GC

    server.jvm.additional=-XX:-OmitStackTraceInFastThrow

    server.jvm.additional=-XX:+AlwaysPreTouch

    server.jvm.additional=-XX:+UnlockExperimentalVMOptions

    server.jvm.additional=-XX:+TrustFinalNonStaticFields

    server.jvm.additional=-XX:+DisableExplicitGC

    server.jvm.additional=-Djdk.tls.ephemeralDHKeySize=2048

    server.jvm.additional=-Djdk.tls.rejectClientInitiatedRenegotiation=true

    server.jvm.additional=-Dunsupported.dbms.udc.source=tarball



    #server.memory.off_heap.transaction_max_size=12000m

    #server.memory.heap.max_size=12000m

    #server.memory.pagecache.size=4g

    #server.tx_state.max_off_heap_memory=8000m



    # Extra Configuration

    ${cfg.extraServerConfig}
@@ -127,14 +126,6 @@ in { 
      '';

    };



    allowUpgrade = mkOption {

      type = types.bool;

      default = false;

      description = lib.mdDoc ''

        Allow upgrade of Neo4j database files from an older version.

      '';

    };



    constrainLoadCsv = mkOption {

      type = types.bool;

      default = true;

pkgs/servers/nosql/neo4j/default.nix

+8 −6
Original line number Diff line number Diff line 
{ stdenv, lib, fetchurl, nixosTests, makeWrapper, openjdk11, which, gawk }:

{ stdenv, lib, fetchurl, nixosTests, makeWrapper, openjdk17, which, gawk }:



stdenv.mkDerivation rec {

  pname = "neo4j";

  version = "4.4.11";

  version = "5.9.0";



  src = fetchurl {

    url = "https://neo4j.com/artifact.php?name=neo4j-community-${version}-unix.tar.gz";

    sha256 = "sha256-KIENqsXeSl1bd84tp9fD2kxczxMoi62IW4M8NblhAMg=";

    sha256 = "sha256-XId0r6wk6KQ9HelNeyAO1q0n9Rtqt4ArwyX10nmSkwo=";

  };



  nativeBuildInputs = [ makeWrapper ];
@@ -21,13 +21,15 @@ stdenv.mkDerivation rec { 
        chmod +x "$out/share/neo4j/bin/$NEO4J_SCRIPT"

        makeWrapper "$out/share/neo4j/bin/$NEO4J_SCRIPT" \

            "$out/bin/$NEO4J_SCRIPT" \

            --prefix PATH : "${lib.makeBinPath [ openjdk11 which gawk ]}" \

            --set JAVA_HOME "${openjdk11}"

            --prefix PATH : "${lib.makeBinPath [ openjdk17 which gawk ]}" \

            --set JAVA_HOME "${openjdk17}"

    done



    patchShebangs $out/share/neo4j/bin/neo4j-admin



    # user will be asked to change password on first login

    $out/bin/neo4j-admin set-initial-password neo4j

    # password must be at least 8 characters long

    $out/bin/neo4j-admin dbms set-initial-password neo4jadmin

  '';



  passthru.tests.nixos = nixosTests.neo4j;