From 503ac8c78253b8339fd99719a3c02658ddf6e70e Mon Sep 17 00:00:00 2001
From: Griffin Smith
Date: Sun, 26 Dec 2021 16:06:07 -0500
Subject: feat(grfn/bbbg): Add NixOS module, deploy to mugwump
Change-Id: I0299242982c183fa9fc1f26b1bacb14f8fc14b28
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4684
Reviewed-by: grfn
Reviewed-by: zseri
Autosubmit: grfn
Tested-by: BuildkiteCI
---
users/grfn/bbbg/module.nix | 135 ++++++++++++++++++++++++++++++++++++++++
users/grfn/bbbg/src/bbbg/db.clj | 2 +-
2 files changed, 136 insertions(+), 1 deletion(-)
create mode 100644 users/grfn/bbbg/module.nix
(limited to 'users/grfn/bbbg')
diff --git a/users/grfn/bbbg/module.nix b/users/grfn/bbbg/module.nix
new file mode 100644
index 000000000000..cff971396277
--- /dev/null
+++ b/users/grfn/bbbg/module.nix
@@ -0,0 +1,135 @@
+{ config, lib, pkgs, depot, ... }:
+
+let
+ bbbg = depot.users.grfn.bbbg;
+ cfg = config.services.bbbg;
+in {
+ options = with lib; {
+ services.bbbg = {
+ enable = mkEnableOption "BBBG Server";
+
+ port = mkOption {
+ type = types.int;
+ default = 7222;
+ description = "Port to listen to for the HTTP server";
+ };
+
+ domain = mkOption {
+ type = types.str;
+ default = "bbbg.gws.fyi";
+ description = "Domain to host under";
+ };
+
+ proxy = {
+ enable = mkEnableOption "NGINX reverse proxy";
+ };
+
+ database = {
+ enable = mkEnableOption "BBBG Database Server";
+
+ user = mkOption {
+ type = types.str;
+ default = "bbbg";
+ description = "Database username";
+ };
+
+ host = mkOption {
+ type = types.str;
+ default = "localhost";
+ description = "Database host";
+ };
+
+ name = mkOption {
+ type = types.str;
+ default = "bbbg";
+ description = "Database name";
+ };
+
+ port = mkOption {
+ type = types.int;
+ default = 5432;
+ description = "Database host";
+ };
+ };
+ };
+ };
+
+ config = lib.mkMerge [
+ (lib.mkIf cfg.enable {
+ systemd.services.bbbg-server = {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+
+ serviceConfig = {
+ DynamicUser = true;
+ Restart = "always";
+ EnvironmentFile = "/run/agenix/bbbg";
+ };
+
+ environment = {
+ PGHOST = cfg.database.host;
+ PGUSER = cfg.database.user;
+ PGDATABASE = cfg.database.name;
+ PORT = toString cfg.port;
+ };
+
+ script = "${bbbg.server}/bin/bbbg-server";
+ };
+
+ systemd.services.migrate-bbbg = {
+ description = "Run database migrations for BBBG";
+ wantedBy = [ "bbbg-server.service" ];
+ after = ([ "network.target" ]
+ ++ (if cfg.database.enable
+ then ["postgresql.service"]
+ else []));
+
+ serviceConfig = {
+ Type = "oneshot";
+ EnvironmentFile = "/run/agenix/bbbg";
+ };
+
+ environment = {
+ PGHOST = cfg.database.host;
+ PGUSER = cfg.database.user;
+ PGDATABASE = cfg.database.name;
+ };
+
+ script = "${bbbg.db-util}/bin/bbbg-db-util migrate";
+ };
+ })
+ (lib.mkIf cfg.database.enable {
+ services.postgresql = {
+ enable = true;
+ authentication = lib.mkForce ''
+ local all all trust
+ host all all 127.0.0.1/32 password
+ host all all ::1/128 password
+ hostnossl all all 127.0.0.1/32 password
+ hostnossl all all ::1/128 password
+ '';
+
+ ensureDatabases = [
+ cfg.database.name
+ ];
+
+ ensureUsers = [{
+ name = cfg.database.user;
+ ensurePermissions = {
+ "DATABASE ${cfg.database.name}" = "ALL PRIVILEGES";
+ };
+ }];
+ };
+ })
+ (lib.mkIf cfg.proxy.enable {
+ services.nginx = {
+ enable = true;
+ virtualHosts."${cfg.domain}" = {
+ enableACME = true;
+ forceSSL = true;
+ locations."/".proxyPass = "http://localhost:${toString cfg.port}";
+ };
+ };
+ })
+ ];
+}
diff --git a/users/grfn/bbbg/src/bbbg/db.clj b/users/grfn/bbbg/src/bbbg/db.clj
index a775574b7a0c..5bbf88925aa1 100644
--- a/users/grfn/bbbg/src/bbbg/db.clj
+++ b/users/grfn/bbbg/src/bbbg/db.clj
@@ -353,7 +353,7 @@
 ~@body)))
 
 (defn -main [& args]
- (let [db (component/start (make-database {::config (env->config)}))]
+ (let [db (component/start (make-database (env->config)))]
 (case (first args)
 "migrate" (migrate! db)
 "rollback" (rollback! db))))
--
cgit 1.4.1
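Review bot: The `local all all trust` rule in the `services.postgresql.authentication` block lets any local account connect over the Unix socket as any role, including the `postgres` superuser, without a password, and `lib.mkForce` makes this the only pg_hba policy for every database on the host. Both units reach the database through `PGHOST` (default `localhost`, so TCP under the `password` rules), so the socket rule could be `local all all peer`, which still lets the `postgres` OS user run the `ensureDatabases`/`ensureUsers` setup; `mkForce` looks unnecessary unless another module's rules conflict. The two `hostnossl` lines are redundant because `host` already matches non-SSL connections. Separately, `migrate-bbbg` sets no `DynamicUser` or `User`, so it appears to run as root with the contents of `/run/agenix/bbbg` in its environment; adding `DynamicUser = true;` to its `serviceConfig` would match `bbbg-server`.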
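Review bot: `-main` starts the database component before it looks at `args`, and the `case` has no default clause, so running the tool with no subcommand or an unknown one first starts the component (presumably opening a connection) and then fails with a bare `IllegalArgumentException`. Consider validating the subcommand before `component/start` and adding a default clause such as `(throw (ex-info "usage: bbbg-db-util migrate|rollback" {:args args}))`. The started component is also never stopped; wrapping the `case` in `(try ... (finally (component/stop db)))` would release it before the oneshot `migrate-bbbg` unit exits.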