From c8a2e6324289db50b412b05e2f6235892ddce8ef Mon Sep 17 00:00:00 2001
From: Matthew Bauer <mjbauer95@gmail.com>
Date: Thu, 11 Jun 2020 13:47:06 -0500
Subject: [PATCH 1/7] ipfs: copy systemd support files to output

---
 pkgs/applications/networking/ipfs/default.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pkgs/applications/networking/ipfs/default.nix b/pkgs/applications/networking/ipfs/default.nix
index 5aa270aa8f0f..8f141b0eade3 100644
--- a/pkgs/applications/networking/ipfs/default.nix
+++ b/pkgs/applications/networking/ipfs/default.nix
@@ -26,6 +26,14 @@ buildGoModule rec {
 
   vendorSha256 = null;
 
+  postInstall = ''
+    install -D misc/systemd/ipfs.service $out/etc/systemd/system/ipfs.service
+    install -D misc/systemd/ipfs-api.socket $out/etc/systemd/system/ipfs-api.socket
+    install -D misc/systemd/ipfs-gateway.socket $out/etc/systemd/system/ipfs-gateway.socket
+    substituteInPlace $out/etc/systemd/system/ipfs.service \
+      --replace /usr/bin/ipfs $out/bin/ipfs
+  '';
+
   meta = with stdenv.lib; {
     description = "A global, versioned, peer-to-peer filesystem";
     homepage = "https://ipfs.io/";

From 74ff433320a6363a3a7e1fff5ac38a13fc737d94 Mon Sep 17 00:00:00 2001
From: Matthew Bauer <mjbauer95@gmail.com>
Date: Thu, 11 Jun 2020 14:32:06 -0500
Subject: [PATCH 2/7] nixos/ipfs: remove unused auto migrate feature

---
 .../modules/services/network-filesystems/ipfs.nix  | 14 --------------
 1 file changed, 14 deletions(-)

diff --git a/nixos/modules/services/network-filesystems/ipfs.nix b/nixos/modules/services/network-filesystems/ipfs.nix
index 1f5c14d777d7..1e97dcd1731f 100644
--- a/nixos/modules/services/network-filesystems/ipfs.nix
+++ b/nixos/modules/services/network-filesystems/ipfs.nix
@@ -7,7 +7,6 @@ let
 
   ipfsFlags = toString ([
     (optionalString  cfg.autoMount                   "--mount")
-    #(optionalString  cfg.autoMigrate                 "--migrate")
     (optionalString  cfg.enableGC                    "--enable-gc")
     (optionalString (cfg.serviceFdlimit != null)     "--manage-fdlimit=false")
     (optionalString (cfg.defaultMode == "offline")   "--offline")
@@ -36,7 +35,6 @@ let
 
   baseService = recursiveUpdate commonEnv {
     wants = [ "ipfs-init.service" ];
-    # NB: migration must be performed prior to pre-start, else we get the failure message!
     preStart = optionalString cfg.autoMount ''
       ipfs --local config Mounts.FuseAllowOther --json true
       ipfs --local config Mounts.IPFS ${cfg.ipfsMountDir}
@@ -98,18 +96,6 @@ in {
         description = "systemd service that is enabled by default";
       };
 
-      /*
-      autoMigrate = mkOption {
-        type = types.bool;
-        default = false;
-        description = ''
-          Whether IPFS should try to migrate the file system automatically.
-
-          The daemon will need to be able to download a binary from https://ipfs.io to perform the migration.
-        '';
-      };
-      */
-
       autoMount = mkOption {
         type = types.bool;
         default = false;

From c5f40198f384697bc96faf3e29a1e69c29e2ca6c Mon Sep 17 00:00:00 2001
From: Matthew Bauer <mjbauer95@gmail.com>
Date: Thu, 11 Jun 2020 15:27:22 -0500
Subject: [PATCH 3/7] nixos/ipfs: consolidate services into one ipfs.service

Previously we had three services for different config flavors. This is
confusing because only one instance of IPFS can run on a host / port
combination at once. So move all into ipfs.service, which contains the
configuration specified in services.ipfs.

Also remove the env wrapper and just use systemd env configuration.
---
 .../services/network-filesystems/ipfs.nix     | 118 +++++++-----------
 1 file changed, 44 insertions(+), 74 deletions(-)

diff --git a/nixos/modules/services/network-filesystems/ipfs.nix b/nixos/modules/services/network-filesystems/ipfs.nix
index 1e97dcd1731f..9b8fe6d5f10b 100644
--- a/nixos/modules/services/network-filesystems/ipfs.nix
+++ b/nixos/modules/services/network-filesystems/ipfs.nix
@@ -1,8 +1,6 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
-  inherit (pkgs) ipfs runCommand makeWrapper;
-
   cfg = config.services.ipfs;
 
   ipfsFlags = toString ([
@@ -13,55 +11,6 @@ let
     (optionalString (cfg.defaultMode == "norouting") "--routing=none")
   ] ++ cfg.extraFlags);
 
-  defaultDataDir = if versionAtLeast config.system.stateVersion "17.09" then
-    "/var/lib/ipfs" else
-    "/var/lib/ipfs/.ipfs";
-
-  # Wrapping the ipfs binary with the environment variable IPFS_PATH set to dataDir because we can't set it in the user environment
-  wrapped = runCommand "ipfs" { buildInputs = [ makeWrapper ]; preferLocalBuild = true; } ''
-    mkdir -p "$out/bin"
-    makeWrapper "${ipfs}/bin/ipfs" "$out/bin/ipfs" \
-      --set IPFS_PATH ${cfg.dataDir} \
-      --prefix PATH : /run/wrappers/bin
-  '';
-
-
-  commonEnv = {
-    environment.IPFS_PATH = cfg.dataDir;
-    path = [ wrapped ];
-    serviceConfig.User = cfg.user;
-    serviceConfig.Group = cfg.group;
-  };
-
-  baseService = recursiveUpdate commonEnv {
-    wants = [ "ipfs-init.service" ];
-    preStart = optionalString cfg.autoMount ''
-      ipfs --local config Mounts.FuseAllowOther --json true
-      ipfs --local config Mounts.IPFS ${cfg.ipfsMountDir}
-      ipfs --local config Mounts.IPNS ${cfg.ipnsMountDir}
-    '' + concatStringsSep "\n" (collect
-          isString
-          (mapAttrsRecursive
-            (path: value:
-            # Using heredoc below so that the value is never improperly quoted
-            ''
-              read value <<EOF
-              ${builtins.toJSON value}
-              EOF
-              ipfs --local config --json "${concatStringsSep "." path}" "$value"
-            '')
-            ({ Addresses.API = cfg.apiAddress;
-               Addresses.Gateway = cfg.gatewayAddress;
-               Addresses.Swarm = cfg.swarmAddress;
-            } //
-            cfg.extraConfig))
-        );
-    serviceConfig = {
-      ExecStart = "${wrapped}/bin/ipfs daemon ${ipfsFlags}";
-      Restart = "on-failure";
-      RestartSec = 1;
-    } // optionalAttrs (cfg.serviceFdlimit != null) { LimitNOFILE = cfg.serviceFdlimit; };
-  };
 in {
 
   ###### interface
@@ -86,7 +35,9 @@ in {
 
       dataDir = mkOption {
         type = types.str;
-        default = defaultDataDir;
+        default = if versionAtLeast config.system.stateVersion "17.09"
+                  then "/var/lib/ipfs"
+                  else "/var/lib/ipfs/.ipfs";
         description = "The data dir for IPFS";
       };
 
@@ -191,7 +142,9 @@ in {
   ###### implementation
 
   config = mkIf cfg.enable {
-    environment.systemPackages = [ wrapped ];
+    environment.systemPackages = [ pkgs.ipfs ];
+    environment.variables.IPFS_PATH = cfg.dataDir;
+
     programs.fuse = mkIf cfg.autoMount {
       userAllowOther = true;
     };
@@ -220,10 +173,12 @@ in {
       "d '${cfg.ipnsMountDir}' - ${cfg.user} ${cfg.group} - -"
     ];
 
-    systemd.services.ipfs-init = recursiveUpdate commonEnv {
+    systemd.services.ipfs-init = {
       description = "IPFS Initializer";
 
-      before = [ "ipfs.service" "ipfs-offline.service" "ipfs-norouting.service" ];
+      environment.IPFS_PATH = cfg.dataDir;
+
+      path = [ pkgs.ipfs ];
 
       script = ''
         if [[ ! -f ${cfg.dataDir}/config ]]; then
@@ -240,31 +195,46 @@ in {
       serviceConfig = {
         Type = "oneshot";
         RemainAfterExit = true;
+        User = cfg.user;
+        Group = cfg.group;
       };
     };
 
-    # TODO These 3 definitions possibly be further abstracted through use of a function
-    # like: mutexServices "ipfs" [ "", "offline", "norouting" ] { ... shared conf here ... }
+    systemd.services.ipfs = {
+      path = [ "/run/wrappers" pkgs.ipfs ];
+      environment.IPFS_PATH = cfg.dataDir;
 
-    systemd.services.ipfs = recursiveUpdate baseService {
-      description = "IPFS Daemon";
-      wantedBy = mkIf (cfg.defaultMode == "online") [ "multi-user.target" ];
-      after = [ "network.target" "ipfs-init.service" ];
-      conflicts = [ "ipfs-offline.service" "ipfs-norouting.service"];
-    };
-
-    systemd.services.ipfs-offline = recursiveUpdate baseService {
-      description = "IPFS Daemon (offline mode)";
-      wantedBy = mkIf (cfg.defaultMode == "offline") [ "multi-user.target" ];
+      wants = [ "ipfs-init.service" ];
       after = [ "ipfs-init.service" ];
-      conflicts = [ "ipfs.service" "ipfs-norouting.service"];
-    };
 
-    systemd.services.ipfs-norouting = recursiveUpdate baseService {
-      description = "IPFS Daemon (no routing mode)";
-      wantedBy = mkIf (cfg.defaultMode == "norouting") [ "multi-user.target" ];
-      after = [ "ipfs-init.service" ];
-      conflicts = [ "ipfs.service" "ipfs-offline.service"];
+      wantedBy = [ "default.target" ];
+
+      preStart = optionalString cfg.autoMount ''
+        ipfs --local config Mounts.FuseAllowOther --json true
+        ipfs --local config Mounts.IPFS ${cfg.ipfsMountDir}
+        ipfs --local config Mounts.IPNS ${cfg.ipnsMountDir}
+      '' + concatStringsSep "\n" (collect
+            isString
+            (mapAttrsRecursive
+              (path: value:
+              # Using heredoc below so that the value is never improperly quoted
+              ''
+                read value <<EOF
+                ${builtins.toJSON value}
+                EOF
+                ipfs --local config --json "${concatStringsSep "." path}" "$value"
+              '')
+              ({ Addresses.API = cfg.apiAddress;
+                 Addresses.Gateway = cfg.gatewayAddress;
+                 Addresses.Swarm = cfg.swarmAddress;
+              } //
+              cfg.extraConfig))
+          );
+      serviceConfig = {
+        ExecStart = "${pkgs.ipfs}/bin/ipfs daemon ${ipfsFlags}";
+        User = cfg.user;
+        Group = cfg.group;
+      } // optionalAttrs (cfg.serviceFdlimit != null) { LimitNOFILE = cfg.serviceFdlimit; };
     };
 
   };

From b36ef706fb8d10d3602179c1975eb62b1c3a9ac3 Mon Sep 17 00:00:00 2001
From: Matthew Bauer <mjbauer95@gmail.com>
Date: Thu, 11 Jun 2020 15:45:39 -0500
Subject: [PATCH 4/7] nixos/ipfs: add startWhenNeeded option
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This makes it possible to only start IPFS when needed. So a user’s
IPFS daemon only starts when they actually use it.

A few important warnings though:

  - This probably shouldn’t be mixed with services.ipfs.autoMount
    since you want /ipfs and /ipns aren’t activated like this
  - ipfs.socket assumes that you are using ports 5001 and 8080 for the
    API and gateway respectively. We could do some parsing to figure
    out what is in apiAddress and gatewayAddress, but that’s kind of
    difficult given the nonstandard address format.
  - Apparently? this doesn’t work with the --api commands used in the tests.

Of course you can always start automatically with startWhenNeeded =
false, or just running ‘systemctl start ipfs.service’.

Tested with the following test (modified from tests/ipfs.nix):

  import ./make-test-python.nix ({ pkgs, ...} : {
    name = "ipfs";

    nodes.machine = { ... }: {
      services.ipfs = {
        enable = true;
        startWhenNeeded = true;
      };
    };

    testScript = ''
      start_all()

      machine.wait_until_succeeds("ipfs id")
      ipfs_hash = machine.succeed("echo fnord | ipfs add | awk '{ print $2 }'")

      machine.succeed(f"ipfs cat /ipfs/{ipfs_hash.strip()} | grep fnord")
    '';
  })

Fixes #90145

Update nixos/modules/services/network-filesystems/ipfs.nix

Co-authored-by: Florian Klink <flokli@flokli.de>
---
 .../services/network-filesystems/ipfs.nix     | 22 +++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/nixos/modules/services/network-filesystems/ipfs.nix b/nixos/modules/services/network-filesystems/ipfs.nix
index 9b8fe6d5f10b..f7a611399923 100644
--- a/nixos/modules/services/network-filesystems/ipfs.nix
+++ b/nixos/modules/services/network-filesystems/ipfs.nix
@@ -136,6 +136,12 @@ in {
         example = 64*1024;
       };
 
+      startWhenNeeded = mkOption {
+        type = types.bool;
+        default = false;
+        description = "Whether to use socket activation to start IPFS when needed.";
+      };
+
     };
   };
 
@@ -192,6 +198,8 @@ in {
         fi
       '';
 
+      wantedBy = [ "default.target" ];
+
       serviceConfig = {
         Type = "oneshot";
         RemainAfterExit = true;
@@ -207,8 +215,6 @@ in {
       wants = [ "ipfs-init.service" ];
       after = [ "ipfs-init.service" ];
 
-      wantedBy = [ "default.target" ];
-
       preStart = optionalString cfg.autoMount ''
         ipfs --local config Mounts.FuseAllowOther --json true
         ipfs --local config Mounts.IPFS ${cfg.ipfsMountDir}
@@ -235,6 +241,18 @@ in {
         User = cfg.user;
         Group = cfg.group;
       } // optionalAttrs (cfg.serviceFdlimit != null) { LimitNOFILE = cfg.serviceFdlimit; };
+    } // optionalAttrs (!cfg.startWhenNeeded) {
+      wantedBy = [ "default.target" ];
+    };
+
+    # Note the upstream service assumes default host / port
+    # we should override it when a custom is provided above.
+    systemd.sockets.ipfs-gateway = mkIf cfg.startWhenNeeded {
+      wantedBy = [ "sockets.target" ];
+    };
+
+    systemd.sockets.ipfs-api = mkIf cfg.startWhenNeeded {
+      wantedBy = [ "sockets.target" ];
     };
 
   };

From fa06d8f96121daa8863b57dfd9f99e8237c07afe Mon Sep 17 00:00:00 2001
From: Matthew Bauer <mjbauer95@gmail.com>
Date: Thu, 11 Jun 2020 16:59:11 -0500
Subject: [PATCH 5/7] nixos/ipfs: actually use upstream systemd units

---
 nixos/modules/services/network-filesystems/ipfs.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/nixos/modules/services/network-filesystems/ipfs.nix b/nixos/modules/services/network-filesystems/ipfs.nix
index f7a611399923..7c376207db4e 100644
--- a/nixos/modules/services/network-filesystems/ipfs.nix
+++ b/nixos/modules/services/network-filesystems/ipfs.nix
@@ -179,6 +179,8 @@ in {
       "d '${cfg.ipnsMountDir}' - ${cfg.user} ${cfg.group} - -"
     ];
 
+    systemd.packages = [ pkgs.ipfs ];
+
     systemd.services.ipfs-init = {
       description = "IPFS Initializer";
 
@@ -237,7 +239,7 @@ in {
               cfg.extraConfig))
           );
       serviceConfig = {
-        ExecStart = "${pkgs.ipfs}/bin/ipfs daemon ${ipfsFlags}";
+        ExecStart = ["" "${pkgs.ipfs}/bin/ipfs daemon ${ipfsFlags}"];
         User = cfg.user;
         Group = cfg.group;
       } // optionalAttrs (cfg.serviceFdlimit != null) { LimitNOFILE = cfg.serviceFdlimit; };

From 982a17a48e454df80c5ab84de0e17948462f8970 Mon Sep 17 00:00:00 2001
From: Matthew Bauer <mjbauer95@gmail.com>
Date: Thu, 11 Jun 2020 16:59:38 -0500
Subject: [PATCH 6/7] nixos/ipfs: always expose sockets

---
 nixos/modules/services/network-filesystems/ipfs.nix | 5 +++--
 nixos/tests/ipfs.nix                                | 7 +++++++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/nixos/modules/services/network-filesystems/ipfs.nix b/nixos/modules/services/network-filesystems/ipfs.nix
index 7c376207db4e..a5f514974f26 100644
--- a/nixos/modules/services/network-filesystems/ipfs.nix
+++ b/nixos/modules/services/network-filesystems/ipfs.nix
@@ -249,12 +249,13 @@ in {
 
     # Note the upstream service assumes default host / port
     # we should override it when a custom is provided above.
-    systemd.sockets.ipfs-gateway = mkIf cfg.startWhenNeeded {
+    systemd.sockets.ipfs-gateway = {
       wantedBy = [ "sockets.target" ];
     };
 
-    systemd.sockets.ipfs-api = mkIf cfg.startWhenNeeded {
+    systemd.sockets.ipfs-api = {
       wantedBy = [ "sockets.target" ];
+      socketConfig.ListenStream = [ "%t/ipfs.sock" ];
     };
 
   };
diff --git a/nixos/tests/ipfs.nix b/nixos/tests/ipfs.nix
index 4d721aec0c73..82234f969226 100644
--- a/nixos/tests/ipfs.nix
+++ b/nixos/tests/ipfs.nix
@@ -21,5 +21,12 @@ import ./make-test-python.nix ({ pkgs, ...} : {
     )
 
     machine.succeed(f"ipfs cat /ipfs/{ipfs_hash.strip()} | grep fnord")
+
+    ipfs_hash = machine.succeed(
+        "echo fnord2 | ipfs --api /unix/run/ipfs.sock add | awk '{ print $2 }'"
+    )
+    machine.succeed(
+        f"ipfs --api /unix/run/ipfs.sock cat /ipfs/{ipfs_hash.strip()} | grep fnord2"
+    )
   '';
 })

From 2c2f6c0b381ab89c44098d22c1f643c5f90d3415 Mon Sep 17 00:00:00 2001
From: Matthew Bauer <mjbauer95@gmail.com>
Date: Thu, 11 Jun 2020 17:53:59 -0500
Subject: [PATCH 7/7] nixos/ipfs: only set listenstream when gateway/api is
 default

---
 nixos/modules/services/network-filesystems/ipfs.nix | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/nixos/modules/services/network-filesystems/ipfs.nix b/nixos/modules/services/network-filesystems/ipfs.nix
index a5f514974f26..a3bd40135d19 100644
--- a/nixos/modules/services/network-filesystems/ipfs.nix
+++ b/nixos/modules/services/network-filesystems/ipfs.nix
@@ -1,7 +1,8 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, options, ... }:
 with lib;
 let
   cfg = config.services.ipfs;
+  opt = options.services.ipfs;
 
   ipfsFlags = toString ([
     (optionalString  cfg.autoMount                   "--mount")
@@ -247,15 +248,16 @@ in {
       wantedBy = [ "default.target" ];
     };
 
-    # Note the upstream service assumes default host / port
-    # we should override it when a custom is provided above.
     systemd.sockets.ipfs-gateway = {
       wantedBy = [ "sockets.target" ];
+      socketConfig.ListenStream = [ "" ]
+        ++ lib.optional (cfg.gatewayAddress == opt.gatewayAddress.default) [ "127.0.0.1:8080" "[::1]:8080" ];
     };
 
     systemd.sockets.ipfs-api = {
       wantedBy = [ "sockets.target" ];
-      socketConfig.ListenStream = [ "%t/ipfs.sock" ];
+      socketConfig.ListenStream = [ "" "%t/ipfs.sock" ]
+        ++ lib.optional (cfg.apiAddress == opt.apiAddress.default) [ "127.0.0.1:5001" "[::1]:5001" ];
     };
 
   };