nixpkgs/nixos/modules/services/web-servers/jboss/default.nix
Renaud 72619a86c9 JBoss AS: list known vulnerability
CVE-2015-7501

Warning in JBoss module
2017-03-13 18:45:19 +01:00

80 lines
1.8 KiB
Nix

{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.jboss;
jbossService = pkgs.stdenv.mkDerivation {
name = "jboss-server";
builder = ./builder.sh;
inherit (pkgs) jboss su;
inherit (cfg) tempDir logDir libUrl deployDir serverDir user useJK;
};
in
{
###### interface
options = {
services.jboss = {
enable = mkOption {
default = false;
description = "Whether to enable JBoss. WARNING : this package is outdated and is known to have vulnerabilities.";
};
tempDir = mkOption {
default = "/tmp";
description = "Location where JBoss stores its temp files";
};
logDir = mkOption {
default = "/var/log/jboss";
description = "Location of the logfile directory of JBoss";
};
serverDir = mkOption {
description = "Location of the server instance files";
default = "/var/jboss/server";
};
deployDir = mkOption {
description = "Location of the deployment files";
default = "/nix/var/nix/profiles/default/server/default/deploy/";
};
libUrl = mkOption {
default = "file:///nix/var/nix/profiles/default/server/default/lib";
description = "Location where the shared library JARs are stored";
};
user = mkOption {
default = "nobody";
description = "User account under which jboss runs.";
};
useJK = mkOption {
default = false;
description = "Whether to use to connector to the Apache HTTP server";
};
};
};
###### implementation
config = mkIf config.services.jboss.enable {
systemd.services.jboss = {
description = "JBoss server";
script = "${jbossService}/bin/control start";
wantedBy = [ "multi-user.target" ];
};
};
}