X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fwebapps%2Fpeertube.nix;fp=modules%2Fwebapps%2Fpeertube.nix;h=7c960764f98e8b674a24af34f3395609191dd5d4;hb=d42bbbe6f510fce233ecb66d44d205761390b56e;hp=0000000000000000000000000000000000000000;hpb=996a68c2ec15260dd0c6e8d3d60460e32571d3b7;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/modules/webapps/peertube.nix b/modules/webapps/peertube.nix
new file mode 100644
index 0000000..7c96076
--- /dev/null
+++ b/modules/webapps/peertube.nix
@@ -0,0 +1,100 @@
+{ lib, pkgs, config, ... }:
+let
+  name = "peertube";
+  cfg = config.services.peertube;
+
+  uid = config.ids.uids.peertube;
+  gid = config.ids.gids.peertube;
+in
+{
+  options.services.peertube = {
+    enable = lib.mkEnableOption "Enable Peertube’s service";
+    user = lib.mkOption {
+      type = lib.types.str;
+      default = name;
+      description = "User account under which Peertube runs";
+    };
+    group = lib.mkOption {
+      type = lib.types.str;
+      default = name;
+      description = "Group under which Peertube runs";
+    };
+    dataDir = lib.mkOption {
+      type = lib.types.path;
+      default = "/var/lib/${name}";
+      description = ''
+        The directory where Peertube stores its data.
+      '';
+    };
+    configFile = lib.mkOption {
+      type = lib.types.path;
+      description = ''
+        The configuration file path for Peertube.
+        '';
+    };
+    package = lib.mkOption {
+      type = lib.types.package;
+      default = pkgs.webapps.peertube;
+      description = ''
+        Peertube package to use.
+        '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton {
+      inherit name;
+      inherit uid;
+      group = cfg.group;
+      description = "Peertube user";
+      home = cfg.dataDir;
+      useDefaultShell = true;
+    });
+    users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton {
+      inherit name;
+      inherit gid;
+    });
+
+    systemd.services.peertube = {
+      description = "Peertube";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" "postgresql.service" ];
+      wants = [ "postgresql.service" ];
+
+      environment.NODE_CONFIG_DIR = "${cfg.dataDir}/config";
+      environment.NODE_ENV = "production";
+      environment.HOME = cfg.package;
+
+      path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ];
+
+      script = ''
+        exec npm run start
+      '';
+
+      serviceConfig = {
+        User = cfg.user;
+        Group = cfg.group;
+        WorkingDirectory = cfg.package;
+        PrivateTmp = true;
+        ProtectHome = true;
+        ProtectControlGroups = true;
+        Restart = "always";
+        Type = "simple";
+        TimeoutSec = 60;
+      };
+
+      unitConfig.RequiresMountsFor = cfg.dataDir;
+    };
+
+    system.activationScripts.peertube = {
+      deps = [ "users" ];
+      text = ''
+      install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}
+      install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/config
+      ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml
+      '';
+    };
+
+  };
+}
+