[jackhill/guix/guix.git] / gnu / services / databases.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu services databases)
  #:use-module (gnu services)
  #:use-module (gnu services shepherd)
  #:use-module (gnu system shadow)
  #:use-module (gnu packages admin)
  #:use-module (gnu packages databases)
  #:use-module (guix records)
  #:use-module (guix gexp)
  #:use-module (ice-9 match)
  #:export (postgresql-service))

;;; Commentary:
;;;
;;; Database services.
;;;
;;; Code:

(define-record-type* <postgresql-configuration>
  postgresql-configuration make-postgresql-configuration
  postgresql-configuration?
  (postgresql     postgresql-configuration-postgresql ;<package>
                  (default postgresql))
  (config-file    postgresql-configuration-file)
  (data-directory postgresql-configuration-data-directory))

(define %default-postgres-hba
  (plain-file "pg_hba.conf"
              "
local	all	all			trust
host	all	all	127.0.0.1/32 	trust
host	all	all	::1/128 	trust"))

(define %default-postgres-ident
  (plain-file "pg_ident.conf"
             "# MAPNAME       SYSTEM-USERNAME         PG-USERNAME"))

(define %default-postgres-config
  (mixed-text-file "postgresql.conf"
                   "hba_file = '" %default-postgres-hba "'\n"
                   "ident_file = '" %default-postgres-ident "'\n"))

(define %postgresql-accounts
  (list (user-group (name "postgres") (system? #t))
        (user-account
         (name "postgres")
         (group "postgres")
         (system? #t)
         (comment "PostgreSQL server user")
         (home-directory "/var/empty")
         (shell #~(string-append #$shadow "/sbin/nologin")))))

(define postgresql-activation
  (match-lambda
    (($ <postgresql-configuration> postgresql config-file data-directory)
     #~(begin
         (use-modules (guix build utils)
                      (ice-9 match))

         (let ((user (getpwnam "postgres"))
               (initdb (string-append #$postgresql "/bin/initdb")))
           ;; Create db state directory.
           (mkdir-p #$data-directory)
           (chown #$data-directory (passwd:uid user) (passwd:gid user))

           ;; Drop privileges and init state directory in a new
           ;; process.  Wait for it to finish before proceeding.
           (match (primitive-fork)
             (0
              ;; Exit with a non-zero status code if an exception is thrown.
              (dynamic-wind
                (const #t)
                (lambda ()
                  (setgid (passwd:gid user))
                  (setuid (passwd:uid user))
                  (primitive-exit (system* initdb "-D" #$data-directory)))
                (lambda ()
                  (primitive-exit 1))))
             (pid (waitpid pid))))))))

(define postgresql-shepherd-service
  (match-lambda
    (($ <postgresql-configuration> postgresql config-file data-directory)
     (let ((start-script
            ;; Wrapper script that switches to the 'postgres' user before
            ;; launching daemon.
            (program-file "start-postgres"
                          #~(let ((user (getpwnam "postgres"))
                                  (postgres (string-append #$postgresql
                                                           "/bin/postgres")))
                              (setgid (passwd:gid user))
                              (setuid (passwd:uid user))
                              (system* postgres
                                       (string-append "--config-file="
                                                      #$config-file)
                                       "-D" #$data-directory)))))
       (list (shepherd-service
              (provision '(postgres))
              (documentation "Run the PostgreSQL daemon.")
              (requirement '(user-processes loopback))
              (start #~(make-forkexec-constructor #$start-script))
              (stop #~(make-kill-destructor))))))))

(define postgresql-service-type
  (service-type (name 'postgresql)
                (extensions
                 (list (service-extension shepherd-root-service-type
                                          postgresql-shepherd-service)
                       (service-extension activation-service-type
                                          postgresql-activation)
                       (service-extension account-service-type
                                          (const %postgresql-accounts))))))

(define* (postgresql-service #:key (postgresql postgresql)
                             (config-file %default-postgres-config)
                             (data-directory "/var/lib/postgresql/data"))
  "Return a service that runs @var{postgresql}, the PostgreSQL database server.

The PostgreSQL daemon loads its runtime configuration from @var{config-file}
and stores the database cluster in @var{data-directory}."
  (service postgresql-service-type
           (postgresql-configuration
            (postgresql postgresql)
            (config-file config-file)
            (data-directory data-directory))))
Commit	Line	Data
105369a4 DT	1	;;; GNU Guix --- Functional package management for GNU
105369a4 DT	2	;;; Copyright © 2015 David Thompson <davet@gnu.org>
be1c2c54	3	;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org>
8823ed4e	4	;;; Copyright © 2016 Leo Famulari <leo@famulari.name>
105369a4 DT	5	;;;
	6	;;; This file is part of GNU Guix.
	7	;;;
	8	;;; GNU Guix is free software; you can redistribute it and/or modify it
	9	;;; under the terms of the GNU General Public License as published by
	10	;;; the Free Software Foundation; either version 3 of the License, or (at
	11	;;; your option) any later version.
	12	;;;
	13	;;; GNU Guix is distributed in the hope that it will be useful, but
	14	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	15	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	;;; GNU General Public License for more details.
	17	;;;
	18	;;; You should have received a copy of the GNU General Public License
	19	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
	20
	21	(define-module (gnu services databases)
	22	#:use-module (gnu services)
0190c1c0	23	#:use-module (gnu services shepherd)
105369a4 DT	24	#:use-module (gnu system shadow)
	25	#:use-module (gnu packages admin)
	26	#:use-module (gnu packages databases)
	27	#:use-module (guix records)
105369a4	28	#:use-module (guix gexp)
0adfe95a	29	#:use-module (ice-9 match)
105369a4 DT	30	#:export (postgresql-service))
	31
	32	;;; Commentary:
	33	;;;
	34	;;; Database services.
	35	;;;
	36	;;; Code:
	37
0adfe95a LC	38	(define-record-type* <postgresql-configuration>
	39	postgresql-configuration make-postgresql-configuration
	40	postgresql-configuration?
	41	(postgresql postgresql-configuration-postgresql ;<package>
	42	(default postgresql))
	43	(config-file postgresql-configuration-file)
	44	(data-directory postgresql-configuration-data-directory))
	45
105369a4	46	(define %default-postgres-hba
be1c2c54 LC	47	(plain-file "pg_hba.conf"
be1c2c54 LC	48	"
105369a4 DT	49	local all all trust
	50	host all all 127.0.0.1/32 trust
	51	host all all ::1/128 trust"))
	52
	53	(define %default-postgres-ident
be1c2c54	54	(plain-file "pg_ident.conf"
105369a4 DT	55	"# MAPNAME SYSTEM-USERNAME PG-USERNAME"))
	56
	57	(define %default-postgres-config
be1c2c54 LC	58	(mixed-text-file "postgresql.conf"
be1c2c54 LC	59	"hba_file = '" %default-postgres-hba "'\n"
8823ed4e	60	"ident_file = '" %default-postgres-ident "'\n"))
105369a4	61
0adfe95a LC	62	(define %postgresql-accounts
	63	(list (user-group (name "postgres") (system? #t))
	64	(user-account
	65	(name "postgres")
	66	(group "postgres")
	67	(system? #t)
	68	(comment "PostgreSQL server user")
	69	(home-directory "/var/empty")
	70	(shell #~(string-append #$shadow "/sbin/nologin")))))
	71
	72	(define postgresql-activation
	73	(match-lambda
	74	(($ <postgresql-configuration> postgresql config-file data-directory)
	75	#~(begin
	76	(use-modules (guix build utils)
	77	(ice-9 match))
	78
	79	(let ((user (getpwnam "postgres"))
	80	(initdb (string-append #$postgresql "/bin/initdb")))
	81	;; Create db state directory.
	82	(mkdir-p #$data-directory)
	83	(chown #$data-directory (passwd:uid user) (passwd:gid user))
	84
	85	;; Drop privileges and init state directory in a new
	86	;; process. Wait for it to finish before proceeding.
	87	(match (primitive-fork)
	88	(0
	89	;; Exit with a non-zero status code if an exception is thrown.
	90	(dynamic-wind
	91	(const #t)
	92	(lambda ()
	93	(setgid (passwd:gid user))
	94	(setuid (passwd:uid user))
	95	(primitive-exit (system* initdb "-D" #$data-directory)))
	96	(lambda ()
	97	(primitive-exit 1))))
	98	(pid (waitpid pid))))))))
	99
d4053c71	100	(define postgresql-shepherd-service
0adfe95a LC	101	(match-lambda
	102	(($ <postgresql-configuration> postgresql config-file data-directory)
	103	(let ((start-script
	104	;; Wrapper script that switches to the 'postgres' user before
	105	;; launching daemon.
	106	(program-file "start-postgres"
	107	#~(let ((user (getpwnam "postgres"))
	108	(postgres (string-append #$postgresql
	109	"/bin/postgres")))
	110	(setgid (passwd:gid user))
	111	(setuid (passwd:uid user))
	112	(system* postgres
	113	(string-append "--config-file="
	114	#$config-file)
	115	"-D" #$data-directory)))))
d4053c71	116	(list (shepherd-service
0adfe95a LC	117	(provision '(postgres))
	118	(documentation "Run the PostgreSQL daemon.")
	119	(requirement '(user-processes loopback))
	120	(start #~(make-forkexec-constructor #$start-script))
	121	(stop #~(make-kill-destructor))))))))
	122
	123	(define postgresql-service-type
	124	(service-type (name 'postgresql)
	125	(extensions
d4053c71 AK	126	(list (service-extension shepherd-root-service-type
d4053c71 AK	127	postgresql-shepherd-service)
0adfe95a LC	128	(service-extension activation-service-type
	129	postgresql-activation)
	130	(service-extension account-service-type
	131	(const %postgresql-accounts))))))
	132
105369a4 DT	133	(define* (postgresql-service #:key (postgresql postgresql)
	134	(config-file %default-postgres-config)
	135	(data-directory "/var/lib/postgresql/data"))
	136	"Return a service that runs @var{postgresql}, the PostgreSQL database server.
	137
	138	The PostgreSQL daemon loads its runtime configuration from @var{config-file}
	139	and stores the database cluster in @var{data-directory}."
0adfe95a LC	140	(service postgresql-service-type
	141	(postgresql-configuration
	142	(postgresql postgresql)
	143	(config-file config-file)
	144	(data-directory data-directory))))