diff options
author | Vincent Ambo <mail@tazj.in> | 2021-04-11T20·50+0200 |
---|---|---|
committer | tazjin <mail@tazj.in> | 2021-04-11T22·18+0000 |
commit | 90281c4eac4cd25045ed80c5f8f27c74898a02b3 (patch) | |
tree | 804425642af16b9e299d469ad6e21c6a23a400e9 /ops/modules/panettone.nix | |
parent | 7deabb8c8d6f4c7e58e2b16548b8a1895795963b (diff) |
refactor(ops): Split //ops/nixos into different locations r/2482
Splits //ops/nixos into: * //ops/nixos.nix - utility functions for building systems * //ops/machines - shared machine definitions (read by readTree) * //ops/modules - shared NixOS modules (skipped by readTree) This simplifies working with the configuration fixpoint in whitby, and is overall a bit more in line with how NixOS systems in user folders currently work. Change-Id: I1322ec5cc76c0207c099c05d44828a3df0b3ffc1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2931 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: glittershark <grfn@gws.fyi>
Diffstat (limited to 'ops/modules/panettone.nix')
-rw-r--r-- | ops/modules/panettone.nix | 103 |
1 files changed, 103 insertions, 0 deletions
diff --git a/ops/modules/panettone.nix b/ops/modules/panettone.nix new file mode 100644 index 000000000000..51a7468578f4 --- /dev/null +++ b/ops/modules/panettone.nix @@ -0,0 +1,103 @@ +{ depot, config, lib, pkgs, ... }: + +let + cfg = config.services.depot.panettone; +in { + options.services.depot.panettone = with lib; { + enable = mkEnableOption "Panettone issue tracker"; + + port = mkOption { + description = "Port on which Panettone should listen"; + type = types.int; + default = 7268; + }; + + dbHost = mkOption { + description = "Postgresql host to connect to for Panettone"; + type = types.str; + default = "localhost"; + }; + + dbName = mkOption { + description = "Name of the database for Panettone"; + type = types.str; + default = "panettone"; + }; + + dbUser = mkOption { + description = "Name of the database user for Panettone"; + type = types.str; + default = "panettone"; + }; + + secretsFile = mkOption { + description = '' + Path to a file containing secrets, in the format accepted + by systemd's EnvironmentFile + ''; + type = types.str; + }; + + irccatHost = mkOption { + description = "Hostname for the irccat instance"; + type = types.str; + default = "localhost"; + }; + + irccatPort = mkOption { + description = "Port for the irccat instance"; + type = types.int; + default = 4722; + }; + + irccatChannel = mkOption { + description = "IRC channels to post to via irccat"; + type = types.str; + }; + }; + + config = lib.mkIf cfg.enable { + assertions = [{ + assertion = + cfg.dbHost != "localhost" || config.services.postgresql.enable; + message = "Panettone requires a postgresql database"; + } { + assertion = + cfg.dbHost != "localhost" || config.services.postgresql.enableTCPIP; + message = "Panettone can only connect to the postgresql database over TCP"; + } { + assertion = + cfg.dbHost != "localhost" || (lib.any + (user: user.name == cfg.dbUser) + config.services.postgresql.ensureUsers); + message = "Panettone requires a database user"; + } { + assertion = + cfg.dbHost != "localhost" || (lib.any + (db: db == cfg.dbName) + config.services.postgresql.ensureDatabases); + message = "Panettone requires a database"; + }]; + + systemd.services.panettone = { + wantedBy = [ "multi-user.target" ]; + script = "${depot.web.panettone}/bin/panettone"; + + serviceConfig = { + DynamicUser = true; + Restart = "always"; + EnvironmentFile = cfg.secretsFile; + }; + + environment = { + PANETTONE_PORT = toString cfg.port; + PGHOST = "localhost"; + PGUSER = cfg.dbUser; + PGDATABASE = cfg.dbName; + IRCCATHOST = cfg.irccatHost; + IRCCATPORT = toString cfg.irccatPort; + ISSUECHANNEL = cfg.irccatChannel; + }; + }; + }; +} |