| blob | 1c5a9af5c92452903953bab68a9be11a1f2e6967 |
1 { config, lib, pkgs, ... }:
3 let
5 cfg = config.services.tomcat;
6 tomcat = cfg.package;
7 in
9 {
10 meta = {
11 maintainers = with lib.maintainers; [ danbst anthonyroussel ];
12 };
14 ###### interface
16 options = {
17 services.tomcat = {
18 enable = lib.mkEnableOption "Apache Tomcat";
20 package = lib.mkPackageOption pkgs "tomcat9" {
21 example = "tomcat10";
22 };
24 port = lib.mkOption {
25 type = lib.types.port;
26 default = 8080;
27 description = ''
28 The TCP port Tomcat should listen on.
29 '';
30 };
32 purifyOnStart = lib.mkOption {
33 type = lib.types.bool;
34 default = false;
35 description = ''
36 On startup, the `baseDir` directory is populated with various files,
37 subdirectories and symlinks. If this option is enabled, these items
38 (except for the `logs` and `work` subdirectories) are first removed.
39 This prevents interference from remainders of an old configuration
40 (libraries, webapps, etc.), so it's recommended to enable this option.
41 '';
42 };
44 baseDir = lib.mkOption {
45 type = lib.types.path;
46 default = "/var/tomcat";
47 description = ''
48 Location where Tomcat stores configuration files, web applications
49 and logfiles. Note that it is partially cleared on each service startup
50 if `purifyOnStart` is enabled.
51 '';
52 };
54 logDirs = lib.mkOption {
55 default = [ ];
56 type = lib.types.listOf lib.types.path;
57 description = "Directories to create in baseDir/logs/";
58 };
60 extraConfigFiles = lib.mkOption {
61 default = [ ];
62 type = lib.types.listOf lib.types.path;
63 description = "Extra configuration files to pull into the tomcat conf directory";
64 };
66 extraEnvironment = lib.mkOption {
67 type = lib.types.listOf lib.types.str;
68 default = [ ];
69 example = [ "ENVIRONMENT=production" ];
70 description = "Environment Variables to pass to the tomcat service";
71 };
73 extraGroups = lib.mkOption {
74 default = [ ];
75 type = lib.types.listOf lib.types.str;
76 example = [ "users" ];
77 description = "Defines extra groups to which the tomcat user belongs.";
78 };
80 user = lib.mkOption {
81 type = lib.types.str;
82 default = "tomcat";
83 description = "User account under which Apache Tomcat runs.";
84 };
86 group = lib.mkOption {
87 type = lib.types.str;
88 default = "tomcat";
89 description = "Group account under which Apache Tomcat runs.";
90 };
92 javaOpts = lib.mkOption {
93 type = lib.types.either (lib.types.listOf lib.types.str) lib.types.str;
94 default = "";
95 description = "Parameters to pass to the Java Virtual Machine which spawns Apache Tomcat";
96 };
98 catalinaOpts = lib.mkOption {
99 type = lib.types.either (lib.types.listOf lib.types.str) lib.types.str;
100 default = "";
101 description = "Parameters to pass to the Java Virtual Machine which spawns the Catalina servlet container";
102 };
104 sharedLibs = lib.mkOption {
105 type = lib.types.listOf lib.types.str;
106 default = [ ];
107 description = "List containing JAR files or directories with JAR files which are libraries shared by the web applications";
108 };
110 serverXml = lib.mkOption {
111 type = lib.types.lines;
112 default = "";
113 description = ''
114 Verbatim server.xml configuration.
115 This is mutually exclusive with the virtualHosts options.
116 '';
117 };
119 commonLibs = lib.mkOption {
120 type = lib.types.listOf lib.types.str;
121 default = [ ];
122 description = "List containing JAR files or directories with JAR files which are libraries shared by the web applications and the servlet container";
123 };
125 webapps = lib.mkOption {
126 type = lib.types.listOf lib.types.path;
127 default = [ tomcat.webapps ];
128 defaultText = lib.literalExpression "[ config.services.tomcat.package.webapps ]";
129 description = "List containing WAR files or directories with WAR files which are web applications to be deployed on Tomcat";
130 };
132 virtualHosts = lib.mkOption {
133 type = lib.types.listOf (lib.types.submodule {
134 options = {
135 name = lib.mkOption {
136 type = lib.types.str;
137 description = "name of the virtualhost";
138 };
139 aliases = lib.mkOption {
140 type = lib.types.listOf lib.types.str;
141 description = "aliases of the virtualhost";
142 default = [ ];
143 };
144 webapps = lib.mkOption {
145 type = lib.types.listOf lib.types.path;
146 description = ''
147 List containing web application WAR files and/or directories containing
148 web applications and configuration files for the virtual host.
149 '';
150 default = [ ];
151 };
152 };
153 });
154 default = [ ];
155 description = "List consisting of a virtual host name and a list of web applications to deploy on each virtual host";
156 };
158 logPerVirtualHost = lib.mkOption {
159 type = lib.types.bool;
160 default = false;
161 description = "Whether to enable logging per virtual host.";
162 };
164 jdk = lib.mkPackageOption pkgs "jdk" { };
166 axis2 = {
167 enable = lib.mkEnableOption "Apache Axis2 container";
169 services = lib.mkOption {
170 default = [ ];
171 type = lib.types.listOf lib.types.str;
172 description = "List containing AAR files or directories with AAR files which are web services to be deployed on Axis2";
173 };
174 };
175 };
176 };
178 ###### implementation
180 config = lib.mkIf config.services.tomcat.enable {
182 users.groups.tomcat.gid = config.ids.gids.tomcat;
184 users.users.tomcat =
185 {
186 uid = config.ids.uids.tomcat;
187 description = "Tomcat user";
188 home = "/homeless-shelter";
189 group = "tomcat";
190 extraGroups = cfg.extraGroups;
191 };
193 systemd.services.tomcat = {
194 description = "Apache Tomcat server";
195 wantedBy = [ "multi-user.target" ];
196 after = [ "network.target" ];
198 preStart = ''
199 ${lib.optionalString cfg.purifyOnStart ''
200 # Delete most directories/symlinks we create from the existing base directory,
201 # to get rid of remainders of an old configuration.
202 # The list of directories to delete is taken from the "mkdir" command below,
203 # excluding "logs" (because logs are valuable) and "work" (because normally
204 # session files are there), and additionally including "bin".
205 rm -rf ${cfg.baseDir}/{conf,virtualhosts,temp,lib,shared/lib,webapps,bin}
206 ''}
208 # Create the base directory
209 mkdir -p \
210 ${cfg.baseDir}/{conf,virtualhosts,logs,temp,lib,shared/lib,webapps,work}
211 chown ${cfg.user}:${cfg.group} \
212 ${cfg.baseDir}/{conf,virtualhosts,logs,temp,lib,shared/lib,webapps,work}
214 # Create a symlink to the bin directory of the tomcat component
215 ln -sfn ${tomcat}/bin ${cfg.baseDir}/bin
217 # Symlink the config files in the conf/ directory (except for catalina.properties and server.xml)
218 for i in $(ls ${tomcat}/conf | grep -v catalina.properties | grep -v server.xml); do
219 ln -sfn ${tomcat}/conf/$i ${cfg.baseDir}/conf/`basename $i`
220 done
222 ${lib.optionalString (cfg.extraConfigFiles != []) ''
223 for i in ${toString cfg.extraConfigFiles}; do
224 ln -sfn $i ${cfg.baseDir}/conf/`basename $i`
225 done
226 ''}
228 # Create a modified catalina.properties file
229 # Change all references from CATALINA_HOME to CATALINA_BASE and add support for shared libraries
230 sed -e 's|''${catalina.home}|''${catalina.base}|g' \
231 -e 's|shared.loader=|shared.loader=''${catalina.base}/shared/lib/*.jar|' \
232 ${tomcat}/conf/catalina.properties > ${cfg.baseDir}/conf/catalina.properties
234 ${if cfg.serverXml != "" then ''
235 cp -f ${pkgs.writeTextDir "server.xml" cfg.serverXml}/* ${cfg.baseDir}/conf/
236 '' else
237 let
238 hostElementForVirtualHost = virtualHost: ''
239 <Host name="${virtualHost.name}" appBase="virtualhosts/${virtualHost.name}/webapps"
240 unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
241 '' + lib.concatStrings (innerElementsForVirtualHost virtualHost) + ''
242 </Host>
243 '';
244 innerElementsForVirtualHost = virtualHost:
245 (map (alias: ''
246 <Alias>${alias}</Alias>
247 '') virtualHost.aliases)
248 ++ (lib.optional cfg.logPerVirtualHost ''
249 <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs/${virtualHost.name}"
250 prefix="${virtualHost.name}_access_log." pattern="combined" resolveHosts="false"/>
251 '');
252 hostElementsString = lib.concatMapStringsSep "\n" hostElementForVirtualHost cfg.virtualHosts;
253 hostElementsSedString = lib.replaceStrings ["\n"] ["\\\n"] hostElementsString;
254 in ''
255 # Create a modified server.xml which listens on the given port,
256 # and also includes all virtual hosts.
257 # The host modification must be last here,
258 # else if hostElementsSedString is empty sed gets confused as to what to append
259 sed -e 's/<Connector port="8080"/<Connector port="${toString cfg.port}"/' \
260 -e "/<Engine name=\"Catalina\" defaultHost=\"localhost\">/a\\"${lib.escapeShellArg hostElementsSedString} \
261 ${tomcat}/conf/server.xml > ${cfg.baseDir}/conf/server.xml
262 ''
263 }
264 ${lib.optionalString (cfg.logDirs != []) ''
265 for i in ${toString cfg.logDirs}; do
266 mkdir -p ${cfg.baseDir}/logs/$i
267 chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs/$i
268 done
269 ''}
270 ${lib.optionalString cfg.logPerVirtualHost (toString (map (h: ''
271 mkdir -p ${cfg.baseDir}/logs/${h.name}
272 chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/logs/${h.name}
273 '') cfg.virtualHosts))}
275 # Symlink all the given common libs files or paths into the lib/ directory
276 for i in ${tomcat} ${toString cfg.commonLibs}; do
277 if [ -f $i ]; then
278 # If the given web application is a file, symlink it into the common/lib/ directory
279 ln -sfn $i ${cfg.baseDir}/lib/`basename $i`
280 elif [ -d $i ]; then
281 # If the given web application is a directory, then iterate over the files
282 # in the special purpose directories and symlink them into the tomcat tree
284 for j in $i/lib/*; do
285 ln -sfn $j ${cfg.baseDir}/lib/`basename $j`
286 done
287 fi
288 done
290 # Symlink all the given shared libs files or paths into the shared/lib/ directory
291 for i in ${toString cfg.sharedLibs}; do
292 if [ -f $i ]; then
293 # If the given web application is a file, symlink it into the common/lib/ directory
294 ln -sfn $i ${cfg.baseDir}/shared/lib/`basename $i`
295 elif [ -d $i ]; then
296 # If the given web application is a directory, then iterate over the files
297 # in the special purpose directories and symlink them into the tomcat tree
299 for j in $i/shared/lib/*; do
300 ln -sfn $j ${cfg.baseDir}/shared/lib/`basename $j`
301 done
302 fi
303 done
305 # Symlink all the given web applications files or paths into the webapps/ directory
306 for i in ${toString cfg.webapps}; do
307 if [ -f $i ]; then
308 # If the given web application is a file, symlink it into the webapps/ directory
309 ln -sfn $i ${cfg.baseDir}/webapps/`basename $i`
310 elif [ -d $i ]; then
311 # If the given web application is a directory, then iterate over the files
312 # in the special purpose directories and symlink them into the tomcat tree
314 for j in $i/webapps/*; do
315 ln -sfn $j ${cfg.baseDir}/webapps/`basename $j`
316 done
318 # Also symlink the configuration files if they are included
319 if [ -d $i/conf/Catalina ]; then
320 for j in $i/conf/Catalina/*; do
321 mkdir -p ${cfg.baseDir}/conf/Catalina/localhost
322 ln -sfn $j ${cfg.baseDir}/conf/Catalina/localhost/`basename $j`
323 done
324 fi
325 fi
326 done
328 ${toString (map (virtualHost: ''
329 # Create webapps directory for the virtual host
330 mkdir -p ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps
332 # Modify ownership
333 chown ${cfg.user}:${cfg.group} ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps
335 # Symlink all the given web applications files or paths into the webapps/ directory
336 # of this virtual host
337 for i in "${lib.optionalString (virtualHost ? webapps) (toString virtualHost.webapps)}"; do
338 if [ -f $i ]; then
339 # If the given web application is a file, symlink it into the webapps/ directory
340 ln -sfn $i ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $i`
341 elif [ -d $i ]; then
342 # If the given web application is a directory, then iterate over the files
343 # in the special purpose directories and symlink them into the tomcat tree
345 for j in $i/webapps/*; do
346 ln -sfn $j ${cfg.baseDir}/virtualhosts/${virtualHost.name}/webapps/`basename $j`
347 done
349 # Also symlink the configuration files if they are included
350 if [ -d $i/conf/Catalina ]; then
351 for j in $i/conf/Catalina/*; do
352 mkdir -p ${cfg.baseDir}/conf/Catalina/${virtualHost.name}
353 ln -sfn $j ${cfg.baseDir}/conf/Catalina/${virtualHost.name}/`basename $j`
354 done
355 fi
356 fi
357 done
358 '') cfg.virtualHosts)}
360 ${lib.optionalString cfg.axis2.enable ''
361 # Copy the Axis2 web application
362 cp -av ${pkgs.axis2}/webapps/axis2 ${cfg.baseDir}/webapps
364 # Turn off addressing, which causes many errors
365 sed -i -e 's%<module ref="addressing"/>%<!-- <module ref="addressing"/> -->%' ${cfg.baseDir}/webapps/axis2/WEB-INF/conf/axis2.xml
367 # Modify permissions on the Axis2 application
368 chown -R ${cfg.user}:${cfg.group} ${cfg.baseDir}/webapps/axis2
370 # Symlink all the given web service files or paths into the webapps/axis2/WEB-INF/services directory
371 for i in ${toString cfg.axis2.services}; do
372 if [ -f $i ]; then
373 # If the given web service is a file, symlink it into the webapps/axis2/WEB-INF/services
374 ln -sfn $i ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $i`
375 elif [ -d $i ]; then
376 # If the given web application is a directory, then iterate over the files
377 # in the special purpose directories and symlink them into the tomcat tree
379 for j in $i/webapps/axis2/WEB-INF/services/*; do
380 ln -sfn $j ${cfg.baseDir}/webapps/axis2/WEB-INF/services/`basename $j`
381 done
383 # Also symlink the configuration files if they are included
384 if [ -d $i/conf/Catalina ]; then
385 for j in $i/conf/Catalina/*; do
386 ln -sfn $j ${cfg.baseDir}/conf/Catalina/localhost/`basename $j`
387 done
388 fi
389 fi
390 done
391 ''}
392 '';
394 serviceConfig = {
395 Type = "forking";
396 PermissionsStartOnly = true;
397 PIDFile = "/run/tomcat/tomcat.pid";
398 RuntimeDirectory = "tomcat";
399 User = cfg.user;
400 Environment = [
401 "CATALINA_BASE=${cfg.baseDir}"
402 "CATALINA_PID=/run/tomcat/tomcat.pid"
403 "JAVA_HOME='${cfg.jdk}'"
404 "JAVA_OPTS='${builtins.toString cfg.javaOpts}'"
405 "CATALINA_OPTS='${builtins.toString cfg.catalinaOpts}'"
406 ] ++ cfg.extraEnvironment;
407 ExecStart = "${tomcat}/bin/startup.sh";
408 ExecStop = "${tomcat}/bin/shutdown.sh";
409 };
410 };
411 };
412 }