summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--maintainers/team-list.nix1
-rw-r--r--nixos/modules/services/databases/redis.nix5
-rw-r--r--nixos/tests/redis.nix117
-rw-r--r--pkgs/by-name/ke/keydb/package.nix106
-rw-r--r--pkgs/servers/nosql/redis/default.nix1
5 files changed, 191 insertions, 39 deletions
diff --git a/maintainers/team-list.nix b/maintainers/team-list.nix
index 5a627d45c4ab..7fcfef5546e2 100644
--- a/maintainers/team-list.nix
+++ b/maintainers/team-list.nix
@@ -451,6 +451,7 @@ with lib.maintainers; {
# Verify additions to this team with at least one already existing member of the team.
members = [
das_j
+ conni2461
];
scope = "Group registration for packages maintained by Helsinki Systems";
shortName = "Helsinki Systems employees";
diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix
index 2e644895a260..fe2d75fc53a9 100644
--- a/nixos/modules/services/databases/redis.nix
+++ b/nixos/modules/services/databases/redis.nix
@@ -338,7 +338,7 @@ in {
after = [ "network.target" ];
serviceConfig = {
- ExecStart = "${cfg.package}/bin/redis-server /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}";
+ ExecStart = "${cfg.package}/bin/${cfg.package.serverBin or "redis-server"} /var/lib/${redisName name}/redis.conf ${escapeShellArgs conf.extraParams}";
ExecStartPre = "+"+pkgs.writeShellScript "${redisName name}-prep-conf" (let
redisConfVar = "/var/lib/${redisName name}/redis.conf";
redisConfRun = "/run/${redisName name}/nixos.conf";
@@ -391,7 +391,8 @@ in {
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
RestrictNamespaces = true;
LockPersonality = true;
- MemoryDenyWriteExecute = true;
+ # we need to disable MemoryDenyWriteExecute for keydb
+ MemoryDenyWriteExecute = cfg.package.pname != "keydb";
RestrictRealtime = true;
RestrictSUIDSGID = true;
PrivateMounts = true;
diff --git a/nixos/tests/redis.nix b/nixos/tests/redis.nix
index 94b50d07be6d..6c84701c9c0a 100644
--- a/nixos/tests/redis.nix
+++ b/nixos/tests/redis.nix
@@ -1,44 +1,87 @@
-import ./make-test-python.nix ({ pkgs, lib, ... }:
{
- name = "redis";
- meta.maintainers = with lib.maintainers; [ flokli ];
-
- nodes = {
- machine =
- { pkgs, lib, ... }:
-
- {
- services.redis.servers."".enable = true;
- services.redis.servers."test".enable = true;
-
- users.users = lib.listToAttrs (map (suffix: lib.nameValuePair "member${suffix}" {
- createHome = false;
- description = "A member of the redis${suffix} group";
- isNormalUser = true;
- extraGroups = [ "redis${suffix}" ];
- }) ["" "-test"]);
- };
+ system ? builtins.currentSystem,
+ config ? { },
+ pkgs ? import ../../.. { inherit system config; },
+
+ lib ? pkgs.lib,
+}:
+let
+ makeTest = import ./make-test-python.nix;
+ mkTestName =
+ pkg: "${pkg.pname}_${builtins.replaceStrings [ "." ] [ "" ] (lib.versions.majorMinor pkg.version)}";
+ redisPackages = {
+ inherit (pkgs) redis keydb;
};
+ makeRedisTest =
+ {
+ package,
+ name ? mkTestName package,
+ }:
+ makeTest {
+ inherit name;
+ meta.maintainers = [
+ lib.maintainers.flokli
+ lib.teams.helsinki-systems.members
+ ];
+
+ nodes = {
+ machine =
+ { lib, ... }:
+
+ {
+ services = {
+ redis = {
+ inherit package;
+ servers."".enable = true;
+ servers."test".enable = true;
+ };
+ };
+
+ users.users = lib.listToAttrs (
+ map
+ (
+ suffix:
+ lib.nameValuePair "member${suffix}" {
+ createHome = false;
+ description = "A member of the redis${suffix} group";
+ isNormalUser = true;
+ extraGroups = [ "redis${suffix}" ];
+ }
+ )
+ [
+ ""
+ "-test"
+ ]
+ );
+ };
+ };
- testScript = { nodes, ... }: let
- inherit (nodes.machine.config.services) redis;
- in ''
- start_all()
- machine.wait_for_unit("redis")
- machine.wait_for_unit("redis-test")
+ testScript =
+ { nodes, ... }:
+ let
+ inherit (nodes.machine.services) redis;
+ in
+ ''
+ start_all()
+ machine.wait_for_unit("redis")
+ machine.wait_for_unit("redis-test")
- # The unnamed Redis server still opens a port for backward-compatibility
- machine.wait_for_open_port(6379)
+ # The unnamed Redis server still opens a port for backward-compatibility
+ machine.wait_for_open_port(6379)
- machine.wait_for_file("${redis.servers."".unixSocket}")
- machine.wait_for_file("${redis.servers."test".unixSocket}")
+ machine.wait_for_file("${redis.servers."".unixSocket}")
+ machine.wait_for_file("${redis.servers."test".unixSocket}")
- # The unix socket is accessible to the redis group
- machine.succeed('su member -c "redis-cli ping | grep PONG"')
- machine.succeed('su member-test -c "redis-cli ping | grep PONG"')
+ # The unix socket is accessible to the redis group
+ machine.succeed('su member -c "${pkgs.redis}/bin/redis-cli ping | grep PONG"')
+ machine.succeed('su member-test -c "${pkgs.redis}/bin/redis-cli ping | grep PONG"')
- machine.succeed("redis-cli ping | grep PONG")
- machine.succeed("redis-cli -s ${redis.servers."".unixSocket} ping | grep PONG")
- machine.succeed("redis-cli -s ${redis.servers."test".unixSocket} ping | grep PONG")
- '';
-})
+ machine.succeed("${pkgs.redis}/bin/redis-cli ping | grep PONG")
+ machine.succeed("${pkgs.redis}/bin/redis-cli -s ${redis.servers."".unixSocket} ping | grep PONG")
+ machine.succeed("${pkgs.redis}/bin/redis-cli -s ${
+ redis.servers."test".unixSocket
+ } ping | grep PONG")
+ '';
+ };
+in
+lib.mapAttrs (_: package: makeRedisTest { inherit package; }) redisPackages
diff --git a/pkgs/by-name/ke/keydb/package.nix b/pkgs/by-name/ke/keydb/package.nix
new file mode 100644
index 000000000000..3fc085b40ad9
--- /dev/null
+++ b/pkgs/by-name/ke/keydb/package.nix
@@ -0,0 +1,106 @@
+{
+ stdenv,
+ lib,
+ fetchFromGitHub,
+ libuuid,
+ curl,
+ pkg-config,
+ withSystemd ? lib.meta.availableOn stdenv.hostPlatform systemd,
+ systemd,
+ tlsSupport ? !stdenv.hostPlatform.isStatic,
+ openssl,
+ jemalloc,
+ which,
+ tcl,
+ tcltls,
+ ps,
+ getconf,
+ nixosTests,
+}:
+
+stdenv.mkDerivation rec {
+ pname = "keydb";
+ version = "6.3.4";
+
+ src = fetchFromGitHub {
+ owner = "snapchat";
+ repo = "keydb";
+ rev = "v${version}";
+ hash = "sha256-j6qgK6P3Fv+b6k9jwKQ5zW7XLkKbXXcmHKBCQYvwEIU=";
+ };
+
+ postPatch = ''
+ substituteInPlace deps/lua/src/Makefile \
+ --replace-fail "ar rcu" "${stdenv.cc.targetPrefix}ar rcu"
+ substituteInPlace src/Makefile \
+ --replace-fail "as --64 -g" "${stdenv.cc.targetPrefix}as --64 -g"
+ '';
+
+ nativeBuildInputs = [ pkg-config ];
+ buildInputs = [
+ jemalloc
+ curl
+ libuuid
+ ] ++ lib.optionals tlsSupport [ openssl ] ++ lib.optionals withSystemd [ systemd ];
+
+ makeFlags =
+ [
+ "PREFIX=${placeholder "out"}"
+ "AR=${stdenv.cc.targetPrefix}ar"
+ "RANLIB=${stdenv.cc.targetPrefix}ranlib"
+ "USEASM=${if stdenv.isx86_64 then "true" else "false"}"
+ ]
+ ++ lib.optionals (!tlsSupport) [ "BUILD_TLS=no" ]
+ ++ lib.optionals withSystemd [ "USE_SYSTEMD=yes" ]
+ ++ lib.optionals (!stdenv.isx86_64) [ "MALLOC=libc" ];
+
+ enableParallelBuilding = true;
+
+ hardeningEnable = lib.optionals (!stdenv.isDarwin) [ "pie" ];
+
+ # darwin currently lacks a pure `pgrep` which is extensively used here
+ doCheck = !stdenv.isDarwin;
+ nativeCheckInputs = [
+ which
+ tcl
+ ps
+ ] ++ lib.optionals stdenv.hostPlatform.isStatic [ getconf ] ++ lib.optionals tlsSupport [ tcltls ];
+ checkPhase = ''
+ runHook preCheck
+
+ # disable test "Connect multiple replicas at the same time": even
+ # upstream find this test too timing-sensitive
+ substituteInPlace tests/integration/replication.tcl \
+ --replace-fail 'foreach mdl {no yes}' 'foreach mdl {}'
+
+ substituteInPlace tests/support/server.tcl \
+ --replace-fail 'exec /usr/bin/env' 'exec env'
+
+ sed -i '/^proc wait_load_handlers_disconnected/{n ; s/wait_for_condition 50 100/wait_for_condition 50 500/; }' \
+ tests/support/util.tcl
+
+ patchShebangs ./utils/gen-test-certs.sh
+ ${if tlsSupport then "./utils/gen-test-certs.sh" else ""}
+
+ ./runtest \
+ --no-latency \
+ --timeout 2000 \
+ --clients $NIX_BUILD_CORES \
+ --tags -leaks ${if tlsSupport then "--tls" else ""}
+
+ runHook postCheck
+ '';
+
+ passthru.tests.redis = nixosTests.redis;
+ passthru.serverBin = "keydb-server";
+
+ meta = with lib; {
+ homepage = "https://keydb.dev";
+ description = "A Multithreaded Fork of Redis";
+ license = licenses.bsd3;
+ platforms = platforms.all;
+ changelog = "https://github.com/Snapchat/KeyDB/raw/v${version}/00-RELEASENOTES";
+ maintainers = teams.helsinki-systems.members;
+ mainProgram = "keydb-cli";
+ };
+}
diff --git a/pkgs/servers/nosql/redis/default.nix b/pkgs/servers/nosql/redis/default.nix
index 923de9126b5f..750b943eff0b 100644
--- a/pkgs/servers/nosql/redis/default.nix
+++ b/pkgs/servers/nosql/redis/default.nix
@@ -85,6 +85,7 @@ stdenv.mkDerivation (finalAttrs: {
'';
passthru.tests.redis = nixosTests.redis;
+ passthru.serverBin = "redis-server";
meta = with lib; {
homepage = "https://redis.io";
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-04 00:32:55 +0000