Move Peertube configuration to modules

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-10 14:21:26 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-10 14:35:00 +0200
commit: d42bbbe6f510fce233ecb66d44d205761390b56e (patch)
tree: b90b82317b73898d1e0904646b82bd5f4e5b9816 /modules
parent: 996a68c2ec15260dd0c6e8d3d60460e32571d3b7 (diff)
download: Nix-d42bbbe6f510fce233ecb66d44d205761390b56e.tar.gz
Nix-d42bbbe6f510fce233ecb66d44d205761390b56e.tar.zst
Nix-d42bbbe6f510fce233ecb66d44d205761390b56e.zip
3 files changed, 103 insertions, 0 deletions
diff --git a/modules/default.nix b/modules/default.nix
index 3cc4149..fa67144 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -2,4 +2,5 @@
  myids = ./myids.nix;
  mediagoblin = ./webapps/mediagoblin.nix;
+  peertube = ./webapps/peertube.nix;
 }
diff --git a/modules/myids.nix b/modules/myids.nix
index a3e5879..bd6caf3 100644
--- a/modules/myids.nix
+++ b/modules/myids.nix
@@ -2,9 +2,11 @@
 {
  config = {
    ids.uids = {
+      peertube = 394;
      mediagoblin = 397;
    };
    ids.gids = {
+      peertube = 394;
      mediagoblin = 397;
    };
  };
diff --git a/modules/webapps/peertube.nix b/modules/webapps/peertube.nix
new file mode 100644
index 0000000..7c96076
--- /dev/null
+++ b/modules/webapps/peertube.nix
@@ -0,0 +1,100 @@
+{ lib, pkgs, config, ... }:
+let
+  name = "peertube";
+  cfg = config.services.peertube;
+  uid = config.ids.uids.peertube;
+  gid = config.ids.gids.peertube;
+in
+{
+  options.services.peertube = {
+    enable = lib.mkEnableOption "Enable Peertube’s service";
+    user = lib.mkOption {
+      type = lib.types.str;
+      default = name;
+      description = "User account under which Peertube runs";
+    };
+    group = lib.mkOption {
+      type = lib.types.str;
+      default = name;
+      description = "Group under which Peertube runs";
+    };
+    dataDir = lib.mkOption {
+      type = lib.types.path;
+      default = "/var/lib/${name}";
+      description = ''
+        The directory where Peertube stores its data.
+      '';
+    };
+    configFile = lib.mkOption {
+      type = lib.types.path;
+      description = ''
+        The configuration file path for Peertube.
+        '';
+    };
+    package = lib.mkOption {
+      type = lib.types.package;
+      default = pkgs.webapps.peertube;
+      description = ''
+        Peertube package to use.
+        '';
+    };
+  };
+  config = lib.mkIf cfg.enable {
+    users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton {
+      inherit name;
+      inherit uid;
+      group = cfg.group;
+      description = "Peertube user";
+      home = cfg.dataDir;
+      useDefaultShell = true;
+    });
+    users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton {
+      inherit name;
+      inherit gid;
+    });
+    systemd.services.peertube = {
+      description = "Peertube";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" "postgresql.service" ];
+      wants = [ "postgresql.service" ];
+      environment.NODE_CONFIG_DIR = "${cfg.dataDir}/config";
+      environment.NODE_ENV = "production";
+      environment.HOME = cfg.package;
+      path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ];
+      script = ''
+        exec npm run start
+      '';
+      serviceConfig = {
+        User = cfg.user;
+        Group = cfg.group;
+        WorkingDirectory = cfg.package;
+        PrivateTmp = true;
+        ProtectHome = true;
+        ProtectControlGroups = true;
+        Restart = "always";
+        Type = "simple";
+        TimeoutSec = 60;
+      };
+      unitConfig.RequiresMountsFor = cfg.dataDir;
+    };
+    system.activationScripts.peertube = {
+      deps = [ "users" ];
+      text = ''
+      install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}
+      install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/config
+      ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml
+      '';
+    };
+  };
+}
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-10 14:21:26 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-10 14:35:00 +0200
commit	d42bbbe6f510fce233ecb66d44d205761390b56e (patch)
tree	b90b82317b73898d1e0904646b82bd5f4e5b9816 /modules
parent	996a68c2ec15260dd0c6e8d3d60460e32571d3b7 (diff)
download	Nix-d42bbbe6f510fce233ecb66d44d205761390b56e.tar.gz Nix-d42bbbe6f510fce233ecb66d44d205761390b56e.tar.zst Nix-d42bbbe6f510fce233ecb66d44d205761390b56e.zip

diff --git a/modules/default.nix b/modules/default.nix index 3cc4149..fa67144 100644 --- a/modules/default.nix +++ b/modules/default.nix
@@ -2,4 +2,5 @@
2	myids = ./myids.nix;	2	myids = ./myids.nix;
3		3
4	mediagoblin = ./webapps/mediagoblin.nix;	4	mediagoblin = ./webapps/mediagoblin.nix;
		5	peertube = ./webapps/peertube.nix;
5	}	6	}


diff --git a/modules/myids.nix b/modules/myids.nix index a3e5879..bd6caf3 100644 --- a/modules/myids.nix +++ b/modules/myids.nix
@@ -2,9 +2,11 @@
2	{	2	{
3	config = {	3	config = {
4	ids.uids = {	4	ids.uids = {
		5	peertube = 394;
5	mediagoblin = 397;	6	mediagoblin = 397;
6	};	7	};
7	ids.gids = {	8	ids.gids = {
		9	peertube = 394;
8	mediagoblin = 397;	10	mediagoblin = 397;
9	};	11	};
10	};	12	};


diff --git a/modules/webapps/peertube.nix b/modules/webapps/peertube.nix new file mode 100644 index 0000000..7c96076 --- /dev/null +++ b/modules/webapps/peertube.nix
@@ -0,0 +1,100 @@
		1	{ lib, pkgs, config, ... }:
		2	let
		3	name = "peertube";
		4	cfg = config.services.peertube;
		5
		6	uid = config.ids.uids.peertube;
		7	gid = config.ids.gids.peertube;
		8	in
		9	{
		10	options.services.peertube = {
		11	enable = lib.mkEnableOption "Enable Peertube’s service";
		12	user = lib.mkOption {
		13	type = lib.types.str;
		14	default = name;
		15	description = "User account under which Peertube runs";
		16	};
		17	group = lib.mkOption {
		18	type = lib.types.str;
		19	default = name;
		20	description = "Group under which Peertube runs";
		21	};
		22	dataDir = lib.mkOption {
		23	type = lib.types.path;
		24	default = "/var/lib/${name}";
		25	description = ''
		26	The directory where Peertube stores its data.
		27	'';
		28	};
		29	configFile = lib.mkOption {
		30	type = lib.types.path;
		31	description = ''
		32	The configuration file path for Peertube.
		33	'';
		34	};
		35	package = lib.mkOption {
		36	type = lib.types.package;
		37	default = pkgs.webapps.peertube;
		38	description = ''
		39	Peertube package to use.
		40	'';
		41	};
		42	};
		43
		44	config = lib.mkIf cfg.enable {
		45	users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton {
		46	inherit name;
		47	inherit uid;
		48	group = cfg.group;
		49	description = "Peertube user";
		50	home = cfg.dataDir;
		51	useDefaultShell = true;
		52	});
		53	users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton {
		54	inherit name;
		55	inherit gid;
		56	});
		57
		58	systemd.services.peertube = {
		59	description = "Peertube";
		60	wantedBy = [ "multi-user.target" ];
		61	after = [ "network.target" "postgresql.service" ];
		62	wants = [ "postgresql.service" ];
		63
		64	environment.NODE_CONFIG_DIR = "${cfg.dataDir}/config";
		65	environment.NODE_ENV = "production";
		66	environment.HOME = cfg.package;
		67
		68	path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ];
		69
		70	script = ''
		71	exec npm run start
		72	'';
		73
		74	serviceConfig = {
		75	User = cfg.user;
		76	Group = cfg.group;
		77	WorkingDirectory = cfg.package;
		78	PrivateTmp = true;
		79	ProtectHome = true;
		80	ProtectControlGroups = true;
		81	Restart = "always";
		82	Type = "simple";
		83	TimeoutSec = 60;
		84	};
		85
		86	unitConfig.RequiresMountsFor = cfg.dataDir;
		87	};
		88
		89	system.activationScripts.peertube = {
		90	deps = [ "users" ];
		91	text = ''
		92	install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}
		93	install -m 0750 -o ${cfg.user} -g ${cfg.group} -d ${cfg.dataDir}/config
		94	ln -sf ${cfg.configFile} ${cfg.dataDir}/config/production.yaml
		95	'';
		96	};
		97
		98	};
		99	}
		100