diff --git a/nixos/module-list.nix b/nixos/module-list.nix
index 52cb3bae..5157496c 100644
--- a/nixos/module-list.nix
+++ b/nixos/module-list.nix
@@ -3,6 +3,7 @@
./modules/ca-gateway.nix
./modules/phoebus/alarm-logger.nix
./modules/phoebus/alarm-server.nix
+ ./modules/phoebus/scan-server.nix
./modules/phoebus/olog.nix
./modules/phoebus/save-and-restore.nix
]
diff --git a/nixos/modules/phoebus/scan-server.nix b/nixos/modules/phoebus/scan-server.nix
new file mode 100644
index 00000000..99572492
--- /dev/null
+++ b/nixos/modules/phoebus/scan-server.nix
@@ -0,0 +1,86 @@
+{
+ config,
+ epnixLib,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.services.phoebus-scan-server;
+ buildConfig = settings: with lib; concatLines (mapAttrsToList (k: v: "<${k}>${builtins.toString v}") settings);
+ mainConfig = buildConfig cfg.settings;
+ pvConfig = with lib; concatLines (map (pv: "${buildConfig pv}") cfg.pvs);
+
+ rawConfigFile = pkgs.writeText "scan_config_raw.xml" ''
+
+
+
+
+
+ ${mainConfig}
+
+
+ ${pvConfig}
+
+ '';
+
+ schema = "${pkgs.epnix.phoebus-scan-server.src}/services/scan-server/src/main/resources/config/scan_config.xsd";
+ configFile = pkgs.runCommand "scan_config.xml" {nativeBuildInputs = [pkgs.libxml2];} ''
+ xmllint --schema ${schema} --format ${rawConfigFile} > $out
+ '';
+in {
+ options.services.phoebus-scan-server = {
+ enable = lib.mkEnableOption "the Phoebus scan server";
+
+ settings = lib.mkOption {
+ description = ''
+ Configuration for Phoebus scan server
+
+ Will be converted to an XML file
+
+ PVs are not specified here but in services.phoebus-scan-server.pvs
+ '';
+
+ default = {};
+ type = lib.types.submodule {
+ freeformType = with lib.types; attrsOf (oneOf [str int]);
+
+ options.port = lib.mkOption {
+ type = lib.types.port;
+
+ default = 4810;
+ };
+ };
+ };
+
+ pvs = lib.mkOption {
+ default = [];
+ type = lib.types.listOf (lib.types.submodule {
+ freeformType = with lib.types; attrsOf str;
+ });
+ };
+
+ openFirewall = lib.mkOption {
+ description = ''
+ Open the firewall for the Phoebus Scan Server.
+
+ Warning: this opens the firewall on all network interfaces.
+ '';
+ type = lib.types.bool;
+ default = false;
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ systemd.services.phoebus-scan-server = {
+ description = "Phoebus Scan Server";
+
+ wantedBy = ["multi-user.target"];
+
+ serviceConfig = {
+ ExecStart = "${lib.getExe pkgs.epnix.phoebus-scan-server} -config ${configFile} -noshell";
+ };
+ };
+
+ networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall [cfg.settings.port];
+ };
+}
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
index 01289bc3..020c22f8 100644
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@@ -20,4 +20,5 @@ in {
phoebus-alarm = handleTest ./phoebus/alarm.nix {};
phoebus-olog = handleTest ./phoebus/olog.nix {};
phoebus-save-and-restore = handleTest ./phoebus/save-and-restore.nix {};
+ phoebus-scan-server = handleTest ./phoebus/scan-server.nix {};
}
diff --git a/nixos/tests/phoebus/scan-server.nix b/nixos/tests/phoebus/scan-server.nix
new file mode 100644
index 00000000..abc6fe0c
--- /dev/null
+++ b/nixos/tests/phoebus/scan-server.nix
@@ -0,0 +1,29 @@
+{
+ lib,
+ epnixLib,
+ ...
+}: {
+ name = "phoebus-scan-server-simple-check";
+ meta.maintainers = with epnixLib.maintainers; [synthetica];
+
+ nodes = {
+ server = {
+ services.phoebus-scan-server = {
+ enable = true;
+ openFirewall = true;
+ };
+ };
+
+ client = {};
+ };
+
+ testScript = ''
+ start_all()
+ server.wait_for_unit('phoebus-scan-server.service')
+ print(server.succeed('systemctl status phoebus-scan-server'))
+ server.wait_for_open_port(4810)
+ info = client.succeed('curl http://server:4810/server/info')
+ print('Server claims following info:')
+ print(info)
+ '';
+}