modules/webapps/peertube.nix

   1 { lib, pkgs, config, ... }:
   2 let
   3   name = "peertube";
   4   cfg = config.services.peertube;
   5
   6   uid = config.ids.uids.peertube;
   7   gid = config.ids.gids.peertube;
   8 in
   9 {
  10   options.services.peertube = {
  11     enable = lib.mkEnableOption "Enable Peertube’s service";
  12     user = lib.mkOption {
  13       type = lib.types.str;
  14       default = name;
  15       description = "User account under which Peertube runs";
  16     };
  17     group = lib.mkOption {
  18       type = lib.types.str;
  19       default = name;
  20       description = "Group under which Peertube runs";
  21     };
  22     dataDir = lib.mkOption {
  23       type = lib.types.path;
  24       default = "/var/lib/${name}";
  25       description = ''
  26         The directory where Peertube stores its data.
  27       '';
  28     };
  29     configFile = lib.mkOption {
  30       type = lib.types.path;
  31       description = ''
  32         The configuration file path for Peertube.
  33         '';
  34     };
  35     package = lib.mkOption {
  36       type = lib.types.package;
  37       default = pkgs.webapps.peertube;
  38       description = ''
  39         Peertube package to use.
  40         '';
  41     };
  42   };
  43
  44   config = lib.mkIf cfg.enable {
  45     users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton {
  46       inherit name;
  47       inherit uid;
  48       group = cfg.group;
  49       description = "Peertube user";
  50       home = cfg.dataDir;
  51       useDefaultShell = true;
  52     });
  53     users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton {
  54       inherit name;
  55       inherit gid;
  56     });
  57
  58     systemd.services.peertube = {
  59       description = "Peertube";
  60       wantedBy = [ "multi-user.target" ];
  61       after = [ "network.target" "postgresql.service" ];
  62       wants = [ "postgresql.service" ];
  63
  64       environment.NODE_CONFIG_DIR = "${cfg.dataDir}/config";
  65       environment.NODE_ENV = "production";
  66       environment.HOME = cfg.package;
  67
  68       path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ];
  69
  70       script = ''
  71         exec npm run start
  72       '';
  73
  74       serviceConfig = {
  75         User = cfg.user;
  76         Group = cfg.group;
  77         WorkingDirectory = cfg.package;
  78         PrivateTmp = true;
  79         ProtectHome = true;
  80         ProtectControlGroups = true;
  81         Restart = "always";
  82         Type = "simple";
  83         TimeoutSec = 60;
  84       };
  85
  86       unitConfig.RequiresMountsFor = cfg.dataDir;
  87     };
  88
  89     system.activationScripts.peertube = {
  90       deps = [ "users" ];
  91       text = ''
  92       install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}
  93       install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/config
  94       ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml
  95       '';
  96     };
  97
  98   };
  99 }
 100