]> Git — Sourcephile - sourcephile-nix.git/blob - nixos/modules/services/misc/sourcehut/lists.nix
sourcephile / git / sourcephile-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
sourcehut: type-check and describe settings
[sourcephile-nix.git] / nixos / modules / services / misc / sourcehut / lists.nix
1 # Email setup is fairly involved, useful references:
2 # https://drewdevault.com/2018/08/05/Local-mail-server.html
3
4 { config, lib, pkgs, ... }:
5
6 with lib;
7 let
8 cfg = config.services.sourcehut;
9 cfgIni = cfg.settings;
10 scfg = cfg.lists;
11 iniKey = "lists.sr.ht";
12
13 rcfg = config.services.redis;
14 drv = pkgs.sourcehut.listssrht;
15 in
16 {
17 options.services.sourcehut.lists = {
18 user = mkOption {
19 type = types.str;
20 default = "listssrht";
21 description = ''
22 User for lists.sr.ht.
23 '';
24 };
25
26 port = mkOption {
27 type = types.port;
28 default = 5006;
29 description = ''
30 Port on which the "lists" module should listen.
31 '';
32 };
33
34 database = mkOption {
35 type = types.str;
36 default = "lists.sr.ht";
37 description = ''
38 PostgreSQL database name for lists.sr.ht.
39 '';
40 };
41
42 statePath = mkOption {
43 type = types.path;
44 default = "${cfg.statePath}/listssrht";
45 description = ''
46 State path for lists.sr.ht.
47 '';
48 };
49 };
50
51 config = with scfg; lib.mkIf (cfg.enable && elem "lists" cfg.services) {
52 users = {
53 users = {
54 "${user}" = {
55 isSystemUser = true;
56 group = user;
57 extraGroups = [ "postfix" ];
58 description = "lists.sr.ht user";
59 };
60 };
61 groups = {
62 "${user}" = { };
63 };
64 };
65
66 services.postgresql = {
67 authentication = ''
68 local ${database} ${user} trust
69 '';
70 ensureDatabases = [ database ];
71 ensureUsers = [
72 {
73 name = user;
74 ensurePermissions = { "DATABASE \"${database}\"" = "ALL PRIVILEGES"; };
75 }
76 ];
77 };
78
79 systemd = {
80 tmpfiles.rules = [
81 "d ${statePath} 0750 ${user} ${user} -"
82 ];
83
84 services = {
85 listssrht = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
86 after = [ "postgresql.service" "network.target" ];
87 requires = [ "postgresql.service" ];
88 wantedBy = [ "multi-user.target" ];
89
90 description = "lists.sr.ht website service";
91
92 serviceConfig.ExecStart = "${cfg.python}/bin/gunicorn ${drv.pname}.app:app -b ${cfg.address}:${toString port}";
93 };
94
95 listssrht-process = {
96 after = [ "postgresql.service" "network.target" ];
97 requires = [ "postgresql.service" ];
98 wantedBy = [ "multi-user.target" ];
99
100 description = "lists.sr.ht process service";
101 serviceConfig = {
102 Type = "simple";
103 User = user;
104 Restart = "always";
105 ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.process worker --loglevel INFO --pool eventlet";
106 };
107 };
108
109 listssrht-lmtp = {
110 after = [ "postgresql.service" "network.target" ];
111 requires = [ "postgresql.service" ];
112 wantedBy = [ "multi-user.target" ];
113
114 description = "lists.sr.ht process service";
115 serviceConfig = {
116 Type = "simple";
117 User = user;
118 Restart = "always";
119 ExecStart = "${cfg.python}/bin/listssrht-lmtp";
120 };
121 };
122
123
124 listssrht-webhooks = {
125 after = [ "postgresql.service" "network.target" ];
126 requires = [ "postgresql.service" ];
127 wantedBy = [ "multi-user.target" ];
128
129 description = "lists.sr.ht webhooks service";
130 serviceConfig = {
131 Type = "simple";
132 User = user;
133 Restart = "always";
134 ExecStart = "${cfg.python}/bin/celery -A ${drv.pname}.webhooks worker --loglevel INFO --pool eventlet";
135 };
136 };
137 };
138 };
139
140 services.nginx.virtualHosts."lists.${cfg.originBase}" = {
141 forceSSL = true;
142 locations."/".proxyPass = "http://${cfg.address}:${toString port}";
143 locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
144 locations."/static".root = "${pkgs.sourcehut.listssrht}/${pkgs.sourcehut.python.sitePackages}/listssrht";
145 };
146 };
147 }
NixOS configurations for Sourcephile's infrastructure