]> git.immae.eu Git - perso/Immae/Config/Nix.git/blob - modules/webapps/mediagoblin.nix
projects / perso / Immae / Config / Nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Move diaspora module outside of nixops
[perso/Immae/Config/Nix.git] / modules / webapps / mediagoblin.nix
1 { lib, pkgs, config, ... }:
2 let
3 name = "mediagoblin";
4 cfg = config.services.mediagoblin;
5
6 uid = config.ids.uids.mediagoblin;
7 gid = config.ids.gids.mediagoblin;
8
9 paste_local = pkgs.writeText "paste_local.ini" ''
10 [DEFAULT]
11 debug = false
12
13 [pipeline:main]
14 pipeline = mediagoblin
15
16 [app:mediagoblin]
17 use = egg:mediagoblin#app
18 config = ${cfg.configFile} ${cfg.workdir}/mediagoblin.ini
19 /mgoblin_static = ${cfg.workdir}/mediagoblin/static
20
21 [loggers]
22 keys = root
23
24 [handlers]
25 keys = console
26
27 [formatters]
28 keys = generic
29
30 [logger_root]
31 level = INFO
32 handlers = console
33
34 [handler_console]
35 class = StreamHandler
36 args = (sys.stderr,)
37 level = NOTSET
38 formatter = generic
39
40 [formatter_generic]
41 format = %(levelname)-7.7s [%(name)s] %(message)s
42
43 [filter:errors]
44 use = egg:mediagoblin#errors
45 debug = false
46
47 [server:main]
48 use = egg:waitress#main
49 unix_socket = ${cfg.sockets.paster}
50 unix_socket_perms = 777
51 url_scheme = https
52 '';
53 in
54 {
55 options.services.mediagoblin = {
56 enable = lib.mkEnableOption "Enable Mediagoblin’s service";
57 user = lib.mkOption {
58 type = lib.types.str;
59 default = name;
60 description = "User account under which Mediagoblin runs";
61 };
62 group = lib.mkOption {
63 type = lib.types.str;
64 default = name;
65 description = "Group under which Mediagoblin runs";
66 };
67 dataDir = lib.mkOption {
68 type = lib.types.path;
69 default = "/var/lib/${name}";
70 description = ''
71 The directory where Mediagoblin stores its data.
72 '';
73 };
74 socketsDir = lib.mkOption {
75 type = lib.types.path;
76 default = "/run/${name}";
77 description = ''
78 The directory where Mediagoblin puts runtime files and sockets.
79 '';
80 };
81 configFile = lib.mkOption {
82 type = lib.types.path;
83 description = ''
84 The configuration file path for Mediagoblin.
85 '';
86 };
87 package = lib.mkOption {
88 type = lib.types.package;
89 default = pkgs.webapps.mediagoblin;
90 description = ''
91 Mediagoblin package to use.
92 '';
93 };
94 plugins = lib.mkOption {
95 type = lib.types.listOf lib.types.package;
96 default = [];
97 description = ''
98 Mediagoblin plugins to use.
99 '';
100 };
101 # Output variables
102 workdir = lib.mkOption {
103 type = lib.types.package;
104 default = cfg.package.withPlugins cfg.plugins;
105 description = ''
106 Adjusted Mediagoblin package with plugins
107 '';
108 readOnly = true;
109 };
110 sockets = lib.mkOption {
111 type = lib.types.attrsOf lib.types.path;
112 default = {
113 paster = "${cfg.socketsDir}/mediagoblin.sock";
114 };
115 readOnly = true;
116 description = ''
117 Mediagoblin sockets
118 '';
119 };
120 pids = lib.mkOption {
121 type = lib.types.attrsOf lib.types.path;
122 default = {
123 paster = "${cfg.socketsDir}/mediagoblin.pid";
124 celery = "${cfg.socketsDir}/mediagoblin-celeryd.pid";
125 };
126 readOnly = true;
127 description = ''
128 Mediagoblin pid files
129 '';
130 };
131 };
132
133 config = lib.mkIf cfg.enable {
134 users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton {
135 inherit name;
136 inherit uid;
137 group = cfg.group;
138 description = "Mediagoblin user";
139 home = cfg.dataDir;
140 useDefaultShell = true;
141 });
142 users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton {
143 inherit name;
144 inherit gid;
145 });
146
147 systemd.services.mediagoblin-web = {
148 description = "Mediagoblin service";
149 wantedBy = [ "multi-user.target" ];
150 after = [ "network.target" ];
151 wants = [ "postgresql.service" "redis.service" ];
152
153 environment.SCRIPT_NAME = "/mediagoblin/";
154
155 script = ''
156 exec ./bin/paster serve \
157 ${paste_local} \
158 --pid-file=${cfg.pids.paster}
159 '';
160 preStop = ''
161 exec ./bin/paster serve \
162 --pid-file=${cfg.pids.paster} \
163 ${paste_local} stop
164 '';
165 preStart = ''
166 ./bin/gmg -cf ${cfg.configFile} dbupdate
167 '';
168
169 serviceConfig = {
170 User = cfg.user;
171 PrivateTmp = true;
172 Restart = "always";
173 TimeoutSec = 15;
174 Type = "simple";
175 WorkingDirectory = cfg.workdir;
176 PIDFile = cfg.pids.paster;
177 };
178
179 unitConfig.RequiresMountsFor = cfg.dataDir;
180 };
181
182 systemd.services.mediagoblin-celeryd = {
183 description = "Mediagoblin service";
184 wantedBy = [ "multi-user.target" ];
185 after = [ "network.target" "mediagoblin-web.service" ];
186
187 environment.MEDIAGOBLIN_CONFIG = cfg.configFile;
188 environment.CELERY_CONFIG_MODULE = "mediagoblin.init.celery.from_celery";
189
190 script = ''
191 exec ./bin/celery worker \
192 --logfile=${cfg.dataDir}/celery.log \
193 --loglevel=INFO
194 '';
195
196 serviceConfig = {
197 User = cfg.user;
198 PrivateTmp = true;
199 Restart = "always";
200 TimeoutSec = 60;
201 Type = "simple";
202 WorkingDirectory = cfg.workdir;
203 PIDFile = cfg.pids.celery;
204 };
205
206 unitConfig.RequiresMountsFor = cfg.dataDir;
207 };
208
209 system.activationScripts.mediagoblin = {
210 deps = [ "users" ];
211 text = ''
212 install -m 0755 -o ${cfg.user} -g ${cfg.group} -d ${cfg.socketsDir}
213 install -m 0755 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}
214 if [ -d ${cfg.dataDir}/plugin_static/ ]; then
215 rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
216 ln -sf ${cfg.workdir}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
217 fi
218 '';
219 };
220
221 };
222 }
My infrastructure configuration