From 9e2e00683dbb8b1243420e25719408e4bfe1c14f Mon Sep 17 00:00:00 2001 From: Minijackson Date: Tue, 13 Feb 2024 08:36:38 +0100 Subject: [PATCH 1/9] flake: upgrade NixOS 23.05 -> 23.11 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit in flake, in template, and in documentation also add poetry2nix overlay, since it was removed from nixpkgs in 23.11 Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/e5f018cf150e29aac26c61dac0790ea023c46b24' (2023-09-12) → 'github:NixOS/nixpkgs/809cca784b9f72a5ad4b991e0e7bcf8890f9c3a6' (2024-02-11) • Added input 'poetry2nix': 'github:nix-community/poetry2nix/4eb2ac54029af42a001c9901194e9ce19cbd8a40' (2024-02-06) • Added input 'poetry2nix/flake-utils': 'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12) • Added input 'poetry2nix/flake-utils/systems': 'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09) • Added input 'poetry2nix/nix-github-actions': 'github:nix-community/nix-github-actions/4bb5e752616262457bc7ca5882192a564c0472d2' (2023-11-03) • Added input 'poetry2nix/nix-github-actions/nixpkgs': follows 'poetry2nix/nixpkgs' • Added input 'poetry2nix/nixpkgs': follows 'nixpkgs' • Added input 'poetry2nix/systems': 'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e' (2023-04-09) • Added input 'poetry2nix/treefmt-nix': 'github:numtide/treefmt-nix/e82f32aa7f06bbbd56d7b12186d555223dc399d1' (2023-11-12) • Added input 'poetry2nix/treefmt-nix/nixpkgs': follows 'poetry2nix/nixpkgs' --- doc/nixos/guides/_pre-requisites.md | 2 +- doc/nixos/tutorials/archiver-appliance.md | 8 +- flake.lock | 124 +++++++++++++++++++++- flake.nix | 22 ++-- ioc/modules/common.nix | 6 +- pkgs/epnix/tools/phoebus/deps/default.nix | 2 +- pkgs/epnix/tools/phoebus/olog/default.nix | 2 +- 7 files changed, 145 insertions(+), 21 deletions(-) diff --git a/doc/nixos/guides/_pre-requisites.md b/doc/nixos/guides/_pre-requisites.md index 67a77503..82b49c70 100644 --- a/doc/nixos/guides/_pre-requisites.md +++ b/doc/nixos/guides/_pre-requisites.md @@ -18,7 +18,7 @@ For example: ``` {.diff filename="flake.nix"} { # ... -+ inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; ++ inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + inputs.epnix.url = "github:epics-extensions/EPNix"; # ... diff --git a/doc/nixos/tutorials/archiver-appliance.md b/doc/nixos/tutorials/archiver-appliance.md index a1cdbbee..41681332 100644 --- a/doc/nixos/tutorials/archiver-appliance.md +++ b/doc/nixos/tutorials/archiver-appliance.md @@ -57,7 +57,7 @@ Fill the file with these lines: { description = "Configuration for running Archiver Appliance in a VM"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; inputs.epnix.url = "github:epics-extensions/EPNix"; outputs = { self, nixpkgs, epnix }: { @@ -72,11 +72,7 @@ Fill the file with these lines: } ``` -```{=html} - - -``` -Save and quit by typing ``{=html}Ctrl-x``{=html}, ``{=html}y``{=html}, and ``{=html}Enter``{=html}, +Save and quit by typing {{< kbd Ctrl-x >}}, {{< kbd y >}}, and {{< kbd Enter >}}, and run `nixos-rebuild test` to test your changes. Some explanations: diff --git a/flake.lock b/flake.lock index b3c2619a..acc7ae62 100644 --- a/flake.lock +++ b/flake.lock @@ -51,27 +51,141 @@ "type": "github" } }, + "flake-utils_3": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "poetry2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1698974481, + "narHash": "sha256-yPncV9Ohdz1zPZxYHQf47S8S0VrnhV7nNhCawY46hDA=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "4bb5e752616262457bc7ca5882192a564c0472d2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1694499547, - "narHash": "sha256-R7xMz1Iia6JthWRHDn36s/E248WB1/je62ovC/dUVKI=", + "lastModified": 1707650010, + "narHash": "sha256-dOhphIA4MGrH4ElNCy/OlwmN24MsnEqFjRR6+RY7jZw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e5f018cf150e29aac26c61dac0790ea023c46b24", + "rev": "809cca784b9f72a5ad4b991e0e7bcf8890f9c3a6", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.05", + "ref": "nixos-23.11", "repo": "nixpkgs", "type": "github" } }, + "poetry2nix": { + "inputs": { + "flake-utils": "flake-utils_3", + "nix-github-actions": "nix-github-actions", + "nixpkgs": [ + "nixpkgs" + ], + "systems": "systems_2", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1707195113, + "narHash": "sha256-xPFxTMe4rKE/ZWLlOWv22qpGwpozpR+U1zhyf1040Zk=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "4eb2ac54029af42a001c9901194e9ce19cbd8a40", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "poetry2nix", + "type": "github" + } + }, "root": { "inputs": { "bash-lib": "bash-lib", "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs", + "poetry2nix": "poetry2nix" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "id": "systems", + "type": "indirect" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "poetry2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1699786194, + "narHash": "sha256-3h3EH1FXQkIeAuzaWB+nK0XK54uSD46pp+dMD3gAcB4=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "e82f32aa7f06bbbd56d7b12186d555223dc399d1", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index a8980512..f9291101 100644 --- a/flake.nix +++ b/flake.nix @@ -1,12 +1,18 @@ { description = "A Nix flake containing EPICS-related modules and packages"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; - inputs.bash-lib = { - url = "github:minijackson/bash-lib"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + bash-lib = { + url = "github:minijackson/bash-lib"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + flake-utils.url = "github:numtide/flake-utils"; + poetry2nix = { + url = "github:nix-community/poetry2nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - inputs.flake-utils.url = "github:numtide/flake-utils"; outputs = { self, @@ -19,7 +25,11 @@ systemDependentOutputs = system: let pkgs = import nixpkgs { inherit system; - overlays = [overlay inputs.bash-lib.overlay]; + overlays = [ + overlay + inputs.bash-lib.overlay + inputs.poetry2nix.overlays.default + ]; }; in { packages = flake-utils.lib.flattenTree pkgs.epnix; diff --git a/ioc/modules/common.nix b/ioc/modules/common.nix index d98303da..11838b6b 100644 --- a/ioc/modules/common.nix +++ b/ioc/modules/common.nix @@ -51,6 +51,10 @@ with lib; { }; config = { - nixpkgs.overlays = [epnix.inputs.bash-lib.overlay epnix.overlays.default]; + nixpkgs.overlays = [ + epnix.inputs.poetry2nix.overlays.default + epnix.inputs.bash-lib.overlay + epnix.overlays.default + ]; }; } diff --git a/pkgs/epnix/tools/phoebus/deps/default.nix b/pkgs/epnix/tools/phoebus/deps/default.nix index cafe6038..ed7a43da 100644 --- a/pkgs/epnix/tools/phoebus/deps/default.nix +++ b/pkgs/epnix/tools/phoebus/deps/default.nix @@ -58,7 +58,7 @@ stdenv.mkDerivation { outputHashAlgo = "sha256"; outputHashMode = "recursive"; - outputHash = "sha256-9MJdmIVAqjPW5ihZYWCh+zsWlxrtoHBH7NFwPh01pRc="; + outputHash = "sha256-6pUHn6tU54e4r5tJwoailVX3YEqO9BouWM3fweAdyt8="; doCheck = false; diff --git a/pkgs/epnix/tools/phoebus/olog/default.nix b/pkgs/epnix/tools/phoebus/olog/default.nix index 9bf50d96..213667ea 100644 --- a/pkgs/epnix/tools/phoebus/olog/default.nix +++ b/pkgs/epnix/tools/phoebus/olog/default.nix @@ -56,7 +56,7 @@ in outputHashAlgo = "sha256"; outputHashMode = "recursive"; - outputHash = "sha256-feT4qSN7B+KSUIoCmBkjDjsib39QfUW/4PxsU3Jx2Gs="; + outputHash = "sha256-40n06R2KBuuzqvVq1bWsd1jjQtcNQfK/4RbgtFmxTf8="; doCheck = false; }; From c1de3d7252ac1772be651a4a09186e88e0a6f59f Mon Sep 17 00:00:00 2001 From: Minijackson Date: Fri, 8 Mar 2024 13:33:43 +0100 Subject: [PATCH 2/9] pkgs/epics-base: fix "buffer overflow detected" runtime issue it seems that _FORTIFY_SOURCE=3 caused a miscompilation, fall back to _FORTIFY_SOURCE=2 --- pkgs/epnix/epics-base/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkgs/epnix/epics-base/default.nix b/pkgs/epnix/epics-base/default.nix index 58524070..988ee2af 100644 --- a/pkgs/epnix/epics-base/default.nix +++ b/pkgs/epnix/epics-base/default.nix @@ -136,6 +136,12 @@ in # TODO: Some tests fail doCheck = false; + # _FORTIFY_SOURCE=3 causes a buffer overflow in some cases: + # *** buffer overflow detected ***: terminated + # + # Fall back to _FORTIFY_SOURCE=2 + hardeningDisable = ["fortify3"]; + meta = { description = "The Experimental Physics and Industrial Control System"; homepage = "https://epics-controls.org/"; From 90a984b913cc96908082de6ff01f361f58b9d474 Mon Sep 17 00:00:00 2001 From: Minijackson Date: Fri, 8 Mar 2024 13:36:29 +0100 Subject: [PATCH 3/9] pkgs/book: switch quarto -> quartoMinimal has a lot less dependencies, we didn't use any of them --- flake.nix | 2 +- pkgs/book/default.nix | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index f9291101..63c68160 100644 --- a/flake.nix +++ b/flake.nix @@ -56,7 +56,7 @@ category = "development tools"; } { - package = pkgs.quarto; + package = pkgs.quartoMinimal; category = "development tools"; } { diff --git a/pkgs/book/default.nix b/pkgs/book/default.nix index bd519688..23fcc96d 100644 --- a/pkgs/book/default.nix +++ b/pkgs/book/default.nix @@ -3,7 +3,7 @@ lib, epnixLib, epnix, - quarto, + quartoMinimal, writeText, documentedEpnixPkgs ? epnix, iocConfig ? {}, @@ -70,7 +70,7 @@ in name = "epnix-book"; src = ../../doc; - nativeBuildInputs = [quarto]; + nativeBuildInputs = [quartoMinimal]; dontConfigure = true; From 56f1caaac4d748caf1153076b45daa180707c360 Mon Sep 17 00:00:00 2001 From: Minijackson Date: Fri, 8 Mar 2024 13:44:10 +0100 Subject: [PATCH 4/9] gitignore: add some history files --- .gitignore | 6 ++++++ templates/top/.gitignore | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/.gitignore b/.gitignore index 5e40e6e5..faaae889 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,9 @@ outputs # Some files generated by CI, to ensure the working tree is clean on CI /manpage /public + +# Created by running IOCs +.iocsh_history + +# Created by running NixOS tests in interactive mode +.nixos-test-history diff --git a/templates/top/.gitignore b/templates/top/.gitignore index 4030d251..abf0cd0f 100644 --- a/templates/top/.gitignore +++ b/templates/top/.gitignore @@ -27,3 +27,9 @@ envPaths # Compilation database generated by bear or other compile_commands.json + +# Created by running IOCs +.iocsh_history + +# Created by running NixOS tests in interactive mode +.nixos-test-history From 64e8185130ed2a632d27501c51cc1c3a5da724f7 Mon Sep 17 00:00:00 2001 From: Minijackson Date: Fri, 8 Mar 2024 13:47:03 +0100 Subject: [PATCH 5/9] templates/top: fix wrong commented overlay option --- templates/top/flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/top/flake.nix b/templates/top/flake.nix index 3be88393..b0aaa1d8 100644 --- a/templates/top/flake.nix +++ b/templates/top/flake.nix @@ -33,7 +33,7 @@ # If you have a support module as a separate EPNix repository, # uncomment this line to make the package available: # --- - #overlays = [inputs.mySupportModule.overlays.default]; + #nixpkgs.overlays = [inputs.mySupportModule.overlays.default]; epnix = { inherit inputs; From 81121cad704539193d1f00b04c96eed220260780 Mon Sep 17 00:00:00 2001 From: Minijackson Date: Fri, 8 Mar 2024 14:03:00 +0100 Subject: [PATCH 6/9] nixos/phoebus/alarm: don't set kafka address by default --- nixos/modules/phoebus/alarm-logger.nix | 2 -- nixos/modules/phoebus/alarm-server.nix | 2 -- 2 files changed, 4 deletions(-) diff --git a/nixos/modules/phoebus/alarm-logger.nix b/nixos/modules/phoebus/alarm-logger.nix index 4e81d31d..47af9914 100644 --- a/nixos/modules/phoebus/alarm-logger.nix +++ b/nixos/modules/phoebus/alarm-logger.nix @@ -87,8 +87,6 @@ in { "bootstrap.servers" = lib.mkOption { description = "Location of the Kafka server"; type = lib.types.str; - default = "localhost:${toString config.services.apache-kafka.port}"; - defaultText = lib.literalExpression ''"localhost:''${toString config.services.apache-kafka.port}"''; }; date_span_units = lib.mkOption { diff --git a/nixos/modules/phoebus/alarm-server.nix b/nixos/modules/phoebus/alarm-server.nix index 2345f1a0..d7ed08f4 100644 --- a/nixos/modules/phoebus/alarm-server.nix +++ b/nixos/modules/phoebus/alarm-server.nix @@ -69,8 +69,6 @@ in { "org.phoebus.applications.alarm/server" = lib.mkOption { description = "Kafka server host:port"; type = lib.types.str; - default = "localhost:${toString config.services.apache-kafka.port}"; - defaultText = lib.literalExpression ''"localhost:''${toString config.services.apache-kafka.port}"''; }; # Waiting for: https://github.com/ControlSystemStudio/phoebus/issues/2843 From e97802d3bf6677a691af40925aa4c81d3247ede5 Mon Sep 17 00:00:00 2001 From: Minijackson Date: Fri, 8 Mar 2024 14:04:25 +0100 Subject: [PATCH 7/9] nixos/tests/phoebus/alarm: use Kraft-mode Kafka --- nixos/tests/phoebus/alarm.nix | 74 +++++++++++++++++------------------ 1 file changed, 35 insertions(+), 39 deletions(-) diff --git a/nixos/tests/phoebus/alarm.nix b/nixos/tests/phoebus/alarm.nix index 4a5840b1..5db6467b 100644 --- a/nixos/tests/phoebus/alarm.nix +++ b/nixos/tests/phoebus/alarm.nix @@ -1,22 +1,17 @@ # This tests both the phoebus-alarm-server, and phoebus-alarm-logger services -{ - epnixLib, - lib, - pkgs, - ... -}: { +{epnixLib, ...}: { name = "phoebus-alarm-server-simple-check"; meta.maintainers = with epnixLib.maintainers; [minijackson]; nodes = { - client = { + client = {pkgs, ...}: { environment = { sessionVariables.EPICS_CA_ADDR_LIST = ["ioc"]; systemPackages = [pkgs.kcat pkgs.epnix.epics-base]; }; }; - ioc = { + ioc = {pkgs, ...}: { systemd.services.ioc = { description = "Test IOC to be monitored with the Phoebus Alarm server"; serviceConfig.ExecStart = "${pkgs.epnix.epics-base}/bin/softIoc -S -d ${./ioc.db}"; @@ -32,12 +27,13 @@ server = { config, + lib, pkgs, ... }: let - kafkaPort = toString config.services.apache-kafka.port; serverAddr = "192.168.1.3"; - kafkaListenSockAddr = "${serverAddr}:${kafkaPort}"; + kafkaListenSockAddr = "${serverAddr}:9092"; + kafkaControllerListenSockAddr = "${serverAddr}:9093"; in { services.phoebus-alarm-server = { enable = true; @@ -51,43 +47,43 @@ services.phoebus-alarm-logger.settings."bootstrap.servers" = kafkaListenSockAddr; - services.elasticsearch = { - enable = true; - package = pkgs.elasticsearch7; - }; - - # Single-server Kafka setup services.apache-kafka = { enable = true; - logDirs = ["/var/lib/apache-kafka"]; - # Tell Apache Kafka to listen on this IP address - # If you don't have a DNS domain name, it's best to set a specific, non-local IP address. - extraProperties = '' - listeners=PLAINTEXT://${kafkaListenSockAddr} - offsets.topic.replication.factor=1 - transaction.state.log.replication.factor=1 - transaction.state.log.min.isr=1 - ''; - }; + clusterId = "Wwbk0wwKTueL2hJD0IGGdQ"; + formatLogDirs = true; + settings = { + listeners = [ + "PLAINTEXT://${kafkaListenSockAddr}" + "CONTROLLER://${kafkaControllerListenSockAddr}" + ]; + "listener.security.protocol.map" = [ + "PLAINTEXT:PLAINTEXT" + "CONTROLLER:PLAINTEXT" + ]; + "controller.quorum.voters" = [ + "1@${kafkaControllerListenSockAddr}" + ]; + "controller.listener.names" = ["CONTROLLER"]; - systemd.services.apache-kafka = { - after = ["zookeeper.service"]; - unitConfig.StateDirectory = "apache-kafka"; + "node.id" = 1; + "process.roles" = ["broker" "controller"]; + + "log.dirs" = ["/var/lib/apache-kafka"]; + "offsets.topic.replication.factor" = 1; + "transaction.state.log.replication.factor" = 1; + "transaction.state.log.min.isr" = 1; + }; }; - services.zookeeper = { + systemd.services.apache-kafka.unitConfig.StateDirectory = ["apache-kafka"]; + + networking.firewall.allowedTCPPorts = [9092]; + + services.elasticsearch = { enable = true; - extraConf = '' - # Port conflicts by default with phoebus-alarm-logger's port - admin.enableServer=false - ''; + package = pkgs.elasticsearch7; }; - # Open kafka to the outside world - networking.firewall.allowedTCPPorts = [ - config.services.apache-kafka.port - ]; - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ # Elasticsearch can be used as an SSPL-licensed software, which is From 0eba5e148abe01be3c4ea1233fbe86e0fc088d03 Mon Sep 17 00:00:00 2001 From: Minijackson Date: Fri, 5 Apr 2024 09:48:06 +0200 Subject: [PATCH 8/9] doc/nixos/phoebus-alarm: use kraft mode Kafka --- doc/nixos/guides/phoebus-alarm.md | 74 +++++++++++++++++-------------- 1 file changed, 40 insertions(+), 34 deletions(-) diff --git a/doc/nixos/guides/phoebus-alarm.md b/doc/nixos/guides/phoebus-alarm.md index 47c2ef9d..6c941b50 100644 --- a/doc/nixos/guides/phoebus-alarm.md +++ b/doc/nixos/guides/phoebus-alarm.md @@ -29,15 +29,17 @@ The Phoebus Alarm Logging Service can also be called the Phoebus Alarm Logger. # Single server Phoebus Alarm setup To configure Phoebus Alarm, Phoebus Alarm Logger, Apache Kafka, and ElasticSearch on a single server, -add this to your configuration: +add this to your configuration, +while taking care of replacing the IP address +and Kafka's `clusterId`: ``` nix -{config, lib, ...}: let - kafkaPort = toString config.services.apache-kafka.port; - # Replace this with your machine's IP address +{lib, pkgs, ...}: let + # Replace this with your machine's external IP address # or DNS domain name ip = "192.168.1.42"; - kafkaListenSockAddr = "${ip}:${kafkaPort}"; + kafkaListenSockAddr = "${ip}:9092"; + kafkaControllerListenSockAddr = "${ip}:9093"; in { # The Phoebus Alarm server also automatically enables the Phoebus Alarm Logger services.phoebus-alarm-server = { @@ -48,43 +50,48 @@ in { services.phoebus-alarm-logger.settings."bootstrap.servers" = kafkaListenSockAddr; - services.elasticsearch = { - enable = true; - package = pkgs.elasticsearch7; - }; - # Single-server Kafka setup services.apache-kafka = { enable = true; - logDirs = ["/var/lib/apache-kafka"]; - # Tell Apache Kafka to listen on this IP address - # If you don't have a DNS domain name, it's best to set a specific, non-local IP address. - extraProperties = '' - listeners=PLAINTEXT://${kafkaListenSockAddr} - offsets.topic.replication.factor=1 - transaction.state.log.replication.factor=1 - transaction.state.log.min.isr=1 - ''; + # Replace with a randomly generated uuid. You can get one by running: + # nix shell 'nixpkgs#apacheKafka' -c kafka-storage.sh random-uuid + clusterId = "xxxxxxxxxxxxxxxxxxxxxx"; + formatLogDirs = true; + settings = { + listeners = [ + "PLAINTEXT://${kafkaListenSockAddr}" + "CONTROLLER://${kafkaControllerListenSockAddr}" + ]; + # Adapt depending on your security constraints + "listener.security.protocol.map" = [ + "PLAINTEXT:PLAINTEXT" + "CONTROLLER:PLAINTEXT" + ]; + "controller.quorum.voters" = [ + "1@${kafkaControllerListenSockAddr}" + ]; + "controller.listener.names" = ["CONTROLLER"]; + + "node.id" = 1; + "process.roles" = ["broker" "controller"]; + + "log.dirs" = ["/var/lib/apache-kafka"]; + "offsets.topic.replication.factor" = 1; + "transaction.state.log.replication.factor" = 1; + "transaction.state.log.min.isr" = 1; + }; }; - systemd.services.apache-kafka = { - after = ["zookeeper.service"]; - unitConfig.StateDirectory = "apache-kafka"; - }; + systemd.services.apache-kafka.unitConfig.StateDirectory = "apache-kafka"; + + # Open kafka to the outside world + networking.firewall.allowedTCPPorts = [9092]; - services.zookeeper = { + services.elasticsearch = { enable = true; - extraConf = '' - # Port conflicts by default with phoebus-alarm-logger's port - admin.enableServer=false - ''; + package = pkgs.elasticsearch7; }; - # Open kafka to the outside world - networking.firewall.allowedTCPPorts = [ - config.services.apache-kafka.port - ]; - # Elasticsearch, needed by Phoebus Alarm Logger, is not free software (SSPL | Elastic License). # To accept the license, add the code below: nixpkgs.config.allowUnfreePredicate = pkg: @@ -205,4 +212,3 @@ Here is a list of options you might want to set: ::: callout-warning Currently, Phoebus Alarm Server only supports plain SMTP. ::: - From f6b9a09fae4fec9740f821b35ec79c89c433f7a8 Mon Sep 17 00:00:00 2001 From: Minijackson Date: Fri, 5 Apr 2024 10:31:14 +0200 Subject: [PATCH 9/9] pkgs/psu-simulator: keep meta.mainProgram This fixes a warning in the StreamDevice check: > Package psu_simulator does not have the meta.mainProgram attribute --- pkgs/doc-support/psu-simulator/default.nix | 9 ++++++--- pkgs/epnix/tools/lewis/lib.nix | 1 - 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/pkgs/doc-support/psu-simulator/default.nix b/pkgs/doc-support/psu-simulator/default.nix index 2a850e08..ec2776ec 100644 --- a/pkgs/doc-support/psu-simulator/default.nix +++ b/pkgs/doc-support/psu-simulator/default.nix @@ -3,12 +3,15 @@ epnix, epnixLib, }: +# Use recursiveUpdate so that it doesn't override meta.mainProgram +lib.recursiveUpdate (epnix.mkLewisSimulator { - name = "psu_simulator"; - package = "psu_simulator"; + name = "psu-simulator"; source = ./.; + package = "psu_simulator"; + device = "psu_simulator"; }) -// { +{ pname = "psu_simulator"; version = "0.2.0"; diff --git a/pkgs/epnix/tools/lewis/lib.nix b/pkgs/epnix/tools/lewis/lib.nix index f6a61586..e90fd59e 100644 --- a/pkgs/epnix/tools/lewis/lib.nix +++ b/pkgs/epnix/tools/lewis/lib.nix @@ -1,5 +1,4 @@ { - lib, epnix, writeShellApplication, }: {