]>
Commit | Line | Data |
---|---|---|
d42bbbe6 IB |
1 | { lib, pkgs, config, ... }: |
2 | let | |
3 | name = "peertube"; | |
4 | cfg = config.services.peertube; | |
5 | ||
6 | uid = config.ids.uids.peertube; | |
7 | gid = config.ids.gids.peertube; | |
8 | in | |
9 | { | |
10 | options.services.peertube = { | |
11 | enable = lib.mkEnableOption "Enable Peertube’s service"; | |
12 | user = lib.mkOption { | |
13 | type = lib.types.str; | |
14 | default = name; | |
15 | description = "User account under which Peertube runs"; | |
16 | }; | |
17 | group = lib.mkOption { | |
18 | type = lib.types.str; | |
19 | default = name; | |
20 | description = "Group under which Peertube runs"; | |
21 | }; | |
22 | dataDir = lib.mkOption { | |
23 | type = lib.types.path; | |
24 | default = "/var/lib/${name}"; | |
25 | description = '' | |
26 | The directory where Peertube stores its data. | |
27 | ''; | |
28 | }; | |
29 | configFile = lib.mkOption { | |
30 | type = lib.types.path; | |
31 | description = '' | |
32 | The configuration file path for Peertube. | |
33 | ''; | |
34 | }; | |
35 | package = lib.mkOption { | |
36 | type = lib.types.package; | |
37 | default = pkgs.webapps.peertube; | |
38 | description = '' | |
39 | Peertube package to use. | |
40 | ''; | |
41 | }; | |
2a5cde8d IB |
42 | # Output variables |
43 | systemdStateDirectory = lib.mkOption { | |
44 | type = lib.types.str; | |
45 | # Use ReadWritePaths= instead if varDir is outside of /var/lib | |
46 | default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir; | |
47 | lib.strings.removePrefix "/var/lib/" cfg.dataDir; | |
48 | description = '' | |
49 | Adjusted Peertube data directory for systemd | |
50 | ''; | |
51 | readOnly = true; | |
52 | }; | |
d42bbbe6 IB |
53 | }; |
54 | ||
55 | config = lib.mkIf cfg.enable { | |
56 | users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton { | |
57 | inherit name; | |
58 | inherit uid; | |
59 | group = cfg.group; | |
60 | description = "Peertube user"; | |
61 | home = cfg.dataDir; | |
62 | useDefaultShell = true; | |
63 | }); | |
64 | users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton { | |
65 | inherit name; | |
66 | inherit gid; | |
67 | }); | |
68 | ||
69 | systemd.services.peertube = { | |
70 | description = "Peertube"; | |
71 | wantedBy = [ "multi-user.target" ]; | |
72 | after = [ "network.target" "postgresql.service" ]; | |
73 | wants = [ "postgresql.service" ]; | |
74 | ||
75 | environment.NODE_CONFIG_DIR = "${cfg.dataDir}/config"; | |
76 | environment.NODE_ENV = "production"; | |
77 | environment.HOME = cfg.package; | |
78 | ||
79 | path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ]; | |
80 | ||
81 | script = '' | |
2a5cde8d IB |
82 | install -m 0750 -d ${cfg.dataDir}/config |
83 | ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml | |
d42bbbe6 IB |
84 | exec npm run start |
85 | ''; | |
86 | ||
87 | serviceConfig = { | |
88 | User = cfg.user; | |
89 | Group = cfg.group; | |
90 | WorkingDirectory = cfg.package; | |
2a5cde8d IB |
91 | StateDirectory = cfg.systemdStateDirectory; |
92 | StateDirectoryMode = 0750; | |
d42bbbe6 IB |
93 | PrivateTmp = true; |
94 | ProtectHome = true; | |
95 | ProtectControlGroups = true; | |
96 | Restart = "always"; | |
97 | Type = "simple"; | |
98 | TimeoutSec = 60; | |
99 | }; | |
100 | ||
101 | unitConfig.RequiresMountsFor = cfg.dataDir; | |
102 | }; | |
d42bbbe6 IB |
103 | }; |
104 | } | |
105 |