Make etherpad derivation pure

[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / ether / default.nix

diff --git a/nixops/modules/websites/tools/ether/default.nix b/nixops/modules/websites/tools/ether/default.nix
index 0d04c36dc26f2a42014aa1a9f2127b0752d5434e..c4685a443b7db8102388ffc74ce989164e072220 100644 (file)
--- a/nixops/modules/websites/tools/ether/default.nix
+++ b/nixops/modules/websites/tools/ether/default.nix
@@ -1,10 +1,11 @@
 { lib, pkgs, config, myconfig, mylibs, ... }:
 let
   etherpad = pkgs.callPackage ./etherpad_lite.nix {
-    inherit (mylibs) fetchedGithub;
+    inherit (pkgs.webapps) etherpad-lite etherpad-lite-modules;
     env = myconfig.env.tools.etherpad-lite;
   };
 
+  varDir = etherpad.webappDir.varDir;
   cfg = config.services.myWebsites.tools.etherpad-lite;
 in {
   options.services.myWebsites.tools.etherpad-lite = {
@@ -26,6 +27,8 @@ in {
 
       script = ''
         exec ${pkgs.nodejs}/bin/node ${etherpad.webappDir}/src/node/server.js \
+          --sessionkey /var/secrets/webapps/tools-etherpad-sessionkey \
+          --apikey /var/secrets/webapps/tools-etherpad-apikey \
           --settings /var/secrets/webapps/tools-etherpad
       '';
 
@@ -44,7 +47,12 @@ in {
         Restart = "always";
         Type = "simple";
         TimeoutSec = 60;
-        ExecStartPre = "+${pkgs.coreutils}/bin/chown etherpad-lite:etherpad-lite /var/secrets/webapps/tools-etherpad /var/secrets/webapps/tools-etherpad-sessionkey /var/secrets/webapps/tools-etherpad-apikey";
+        # Use ReadWritePaths= instead if varDir is outside of /var/lib
+        StateDirectory="etherpad-lite";
+        ExecStartPre = [
+          "+${pkgs.coreutils}/bin/install -d -m 0755 -o etherpad-lite -g etherpad-lite ${varDir}/ep_initialized"
+          "+${pkgs.coreutils}/bin/chown -R etherpad-lite:etherpad-lite ${varDir} /var/secrets/webapps/tools-etherpad /var/secrets/webapps/tools-etherpad-sessionkey /var/secrets/webapps/tools-etherpad-apikey"
+        ];
       };
     };