thohlt/archtika
1
0
Fork 0
mirror of https://github.com/thiloho/archtika.git synced 2025-11-22 02:41:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add path option for module

Browse Source
This commit is contained in:
thiloho
2024-08-13 18:27:43 +02:00
parent 96c00096b4
commit 6785bd0dfa
4 changed files with 39 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
flake.nix
View File

@@ -89,7 +89,10 @@
}; };
demo-server = nixpkgs.lib.nixosSystem { demo-server = nixpkgs.lib.nixosSystem {
system = "aarch64-linux"; system = "aarch64-linux";
modules = [ ./nix/demo-server ]; modules = [
./nix/demo-server
{ _module.args.localArchtikaPackage = self.packages."aarch64-linux".default; }
];
}; };
}; };

26
nix/demo-server/default.nix
View File

@@ -1,6 +1,9 @@
{ pkgs, ... }: { pkgs, localArchtikaPackage, ... }:
{ {
imports = [ ./hardware-configuration.nix ]; imports = [
./hardware-configuration.nix
../module.nix
];
boot = { boot = {
loader = { loader = {
@@ -19,9 +22,16 @@
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
networking.networkmanager.enable = true; networking = {
hostName = "archtika-demo-server";
networking.hostName = "archtika-demo-server"; networkmanager.enable = true;
firewall = {
allowedTCPPorts = [
10000
15000
];
};
};
security.pam = { security.pam = {
sshAgentAuth.enable = true; sshAgentAuth.enable = true;
@@ -52,5 +62,11 @@
settings.PasswordAuthentication = false; settings.PasswordAuthentication = false;
}; };
services.archtika = {
enable = true;
package = localArchtikaPackage;
jwtSecret = "a42kVyAhTImYxZeebZkApoAZLmf0VtDA";
};
system.stateVersion = "24.11"; system.stateVersion = "24.11";
} }

20
nix/module.nix
View File

@@ -35,8 +35,8 @@ in
}; };
jwtSecret = mkOption { jwtSecret = mkOption {
type = types.str; type = types.either types.str types.path;
description = "JWT secret for archtika."; description = "JWT secret for archtika. Can be a string or a path to a file containing the secret";
}; };
port = mkOption { port = mkOption {
@@ -82,13 +82,19 @@ in
Restart = "always"; Restart = "always";
}; };
script = '' script =
${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:5432/${cfg.databaseName} -c "ALTER DATABASE ${cfg.databaseName} SET \"app.jwt_secret\" TO '${cfg.jwtSecret}'" let
getSecret = if isPath cfg.jwtSecret then "cat ${cfg.jwtSecret}" else "echo -n '${cfg.jwtSecret}'";
in
''
JWT_SECRET=$(${getSecret})
${pkgs.dbmate}/bin/dbmate --url postgres://postgres@localhost:5432/archtika?sslmode=disable --migrations-dir ${cfg.package}/rest-api/db/migrations up ${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:5432/${cfg.databaseName} -c "ALTER DATABASE ${cfg.databaseName} SET \"app.jwt_secret\" TO '$JWT_SECRET'"
PGRST_SERVER_PORT=${toString cfg.port} PGRST_DB_SCHEMAS="api" PGRST_DB_ANON_ROLE="anon" PGRST_OPENAPI_MODE="ignore-privileges" PGRST_DB_URI="postgres://authenticator@localhost:5432/${cfg.databaseName}" PGRST_JWT_SECRET="${cfg.jwtSecret}" ${pkgs.postgrest}/bin/postgrest ${pkgs.dbmate}/bin/dbmate --url postgres://postgres@localhost:5432/archtika?sslmode=disable --migrations-dir ${cfg.package}/rest-api/db/migrations up
'';
PGRST_SERVER_PORT=${toString cfg.port} PGRST_DB_SCHEMAS="api" PGRST_DB_ANON_ROLE="anon" PGRST_OPENAPI_MODE="ignore-privileges" PGRST_DB_URI="postgres://authenticator@localhost:5432/${cfg.databaseName}" PGRST_JWT_SECRET="$JWT_SECRET" ${pkgs.postgrest}/bin/postgrest
'';
}; };
systemd.services.archtika-web = { systemd.services.archtika-web = {

2
nix/package.nix
View File

@@ -13,7 +13,7 @@ let
inherit pname version; inherit pname version;
name = "archtika-web-app"; name = "archtika-web-app";
src = ../web-app; src = ../web-app;
npmDepsHash = "sha256-DmIII/x5ANlEpKtnZC/JlbVAvhbgnSiNn8hkj+qVCZY="; npmDepsHash = "sha256-FHmDvKyfQ33MWABmqL59PxIL47MMvevaiJhGTwXivFI=";
npmFlags = [ "--legacy-peer-deps" ]; npmFlags = [ "--legacy-peer-deps" ];
installPhase = '' installPhase = ''
mkdir -p $out/web-app mkdir -p $out/web-app