networking: add patate to wg-intra

[sourcephile-nix.git] / nixos / modules / services / misc / sourcehut / meta.nix

diff --git a/nixos/modules/services/misc/sourcehut/meta.nix b/nixos/modules/services/misc/sourcehut/meta.nix
index 639820efc5e2c8e774b31a7552a928a988333e67..b065c3e5b362a9ce60a2018789aaaacc5536d4f0 100644 (file)
--- a/nixos/modules/services/misc/sourcehut/meta.nix
+++ b/nixos/modules/services/misc/sourcehut/meta.nix
@@ -12,6 +12,8 @@ let
 in
 {
   options.services.sourcehut.meta = {
+    enable = mkEnableOption "meta service";
+
     user = mkOption {
       type = types.str;
       default = "metasrht";
@@ -37,7 +39,7 @@ in
     };
   };
 
-  config = with scfg; lib.mkIf (cfg.enable && elem "meta" cfg.services) {
+  config = with scfg; lib.mkIf (cfg.enable && scfg.enable) {
     assertions =
       [
         {
@@ -60,7 +62,6 @@ in
       };
     };
 
-    services.cron.systemCronJobs = [ "0 0 * * * ${cfg.python}/bin/metasrht-daily" ];
     services.postgresql = {
       authentication = ''
         local ${database} ${user} trust
@@ -90,7 +91,7 @@ in
             '')
             (builtins.attrNames (filterAttrs (k: v:
               let srv = builtins.match "^([a-z]*)\\.sr\\.ht$" k; in
-              srv != null && elem (head srv) cfg.services &&
+              srv != null && cfg.${head srv}.enable &&
               ((v.oauth-client-id or null) != null)
               ) cfg.settings))}
         '';
@@ -110,7 +111,7 @@ in
         metasrht-api = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
           after = [ "postgresql.service" "network.target" ];
           requires = [ "postgresql.service" ];
-          wantedBy = [ "multi-user.target" ];
+          wantedBy = [ "metasrht.service" ];
 
           description = "meta.sr.ht api service";
 
@@ -119,10 +120,21 @@ in
           serviceConfig.ExecStart = "${pkgs.sourcehut.metasrht}/bin/metasrht-api -b :${toString (port + 100)}";
         };
 
+        metasrht-daily = import ./service.nix { inherit config pkgs lib; } scfg drv iniKey {
+          after = [ "metasrht.service" ];
+          requires = [ "metasrht.service" ];
+
+          description = "meta.sr.ht daily service";
+
+          serviceConfig.Type = mkForce "oneshot";
+          serviceConfig.Restart = mkForce "no";
+          serviceConfig.ExecStart = "${cfg.python}/bin/metasrht-daily";
+        };
+
         metasrht-webhooks = {
           after = [ "postgresql.service" "network.target" ];
           requires = [ "postgresql.service" ];
-          wantedBy = [ "multi-user.target" ];
+          wantedBy = [ "multi-user.service" ];
 
           description = "meta.sr.ht webhooks service";
           serviceConfig = {
@@ -136,11 +148,31 @@ in
       };
     };
 
+    systemd.timers = {
+      metasrht-daily = {
+        description = "metasrht daily timer";
+        wantedBy = [ "timers.target" ];
+        timerConfig = {
+          OnCalendar = "daily";
+          Persistent = true;
+          AccuracySec = "1h";
+        };
+      };
+    };
+
     services.nginx.virtualHosts."meta.${cfg.originBase}" = {
       forceSSL = true;
       locations."/".proxyPass = "http://${cfg.address}:${toString port}";
-      locations."/query".proxyPass = "http://${cfg.address}:${toString (port + 100)}";
+      locations."/query".proxyPass = cfgIni."meta.sr.ht".api-origin;
       locations."/static".root = "${pkgs.sourcehut.metasrht}/${pkgs.sourcehut.python.sitePackages}/metasrht";
     };
+
+    environment.systemPackages = [
+      (pkgs.linkFarm "metasrht" [
+        { name = "bin/metasrht-manageuser";
+          path = "${cfg.python}/bin/metasrht-manageuser";
+        }
+      ])
+    ];
   };
 }