feat(ops/nixos/camden): Configure honk service r/639

author: Vincent Ambo <tazjin@google.com> 2020-04-19T22·58+0000
committer: Vincent Ambo <tazjin@google.com> 2020-04-19T22·58+0000
commit: 0f0f1a547f761ffd3a71fd3fbfaffb4044f3b628 (patch)
tree: 0244902316c5e0c9e150c327fc11d56524208be8 /ops
parent: 1ab6a8f263bcf26d045138060a414ebc410b50e7 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/ops/nixos/camden/default.nix b/ops/nixos/camden/default.nix
index d360ecc63b25..3bf0559b86d1 100644
--- a/ops/nixos/camden/default.nix
+++ b/ops/nixos/camden/default.nix
@@ -138,6 +138,24 @@ in lib.fix(self: {
     };
   };
 
+  # Run honk as the ActivityPub server, using all the fancy systemd
+  # magic.
+  systemd.services.honk = {
+    wantedBy = [ "multi-user.target" ];
+    script = lib.concatStringsSep " " [
+      "${depot.third_party.honk}/bin/honk"
+      "-datadir /var/lib/honk"
+      "-viewdir ${depot.third_party.honk.src}"
+    ];
+
+    serviceConfig = {
+      Restart = "always";
+      DynamicUser = true;
+      StateDirectory = "honk";
+      WorkingDirectory = "/var/lib/honk";
+    };
+  };
+
   # Provision a TLS certificate outside of nginx to avoid
   # nixpkgs#38144
   security.acme = {
author	Vincent Ambo <tazjin@google.com>	2020-04-19T22·58+0000
committer	Vincent Ambo <tazjin@google.com>	2020-04-19T22·58+0000
commit	0f0f1a547f761ffd3a71fd3fbfaffb4044f3b628 (patch)
tree	0244902316c5e0c9e150c327fc11d56524208be8 /ops
parent	1ab6a8f263bcf26d045138060a414ebc410b50e7 (diff)