aboutsummaryrefslogtreecommitdiff
path: root/nixops/modules/websites
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2019-05-10 14:21:26 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2019-05-10 14:35:00 +0200
commitd42bbbe6f510fce233ecb66d44d205761390b56e (patch)
treeb90b82317b73898d1e0904646b82bd5f4e5b9816 /nixops/modules/websites
parent996a68c2ec15260dd0c6e8d3d60460e32571d3b7 (diff)
downloadNix-d42bbbe6f510fce233ecb66d44d205761390b56e.tar.gz
Nix-d42bbbe6f510fce233ecb66d44d205761390b56e.tar.zst
Nix-d42bbbe6f510fce233ecb66d44d205761390b56e.zip
Move Peertube configuration to modules
Diffstat (limited to 'nixops/modules/websites')
-rw-r--r--nixops/modules/websites/tools/peertube.nix81
1 files changed, 16 insertions, 65 deletions
diff --git a/nixops/modules/websites/tools/peertube.nix b/nixops/modules/websites/tools/peertube.nix
index 813df25..9a56a85 100644
--- a/nixops/modules/websites/tools/peertube.nix
+++ b/nixops/modules/websites/tools/peertube.nix
@@ -1,60 +1,20 @@
1{ lib, pkgs, config, myconfig, mylibs, ... }: 1{ lib, pkgs, config, myconfig, mylibs, ... }:
2let 2let
3 peertube = pkgs.webapps.peertube.override { ldap = true; };
4 varDir = "/var/lib/peertube";
5 env = myconfig.env.tools.peertube; 3 env = myconfig.env.tools.peertube;
6 cfg = config.services.myWebsites.tools.peertube; 4 cfg = config.services.myWebsites.tools.peertube;
5 pcfg = config.services.peertube;
7in { 6in {
8 options.services.myWebsites.tools.peertube = { 7 options.services.myWebsites.tools.peertube = {
9 enable = lib.mkEnableOption "enable Peertube's website"; 8 enable = lib.mkEnableOption "enable Peertube's website";
10 }; 9 };
11 10
12 config = lib.mkIf cfg.enable { 11 config = lib.mkIf cfg.enable {
13 ids.uids.peertube = env.user.uid; 12 services.peertube = {
14 ids.gids.peertube = env.user.gid; 13 enable = true;
15 14 configFile = "/var/secrets/webapps/tools-peertube";
16 users.users.peertube = { 15 package = pkgs.webapps.peertube.override { ldap = true; };
17 name = "peertube";
18 uid = config.ids.uids.peertube;
19 group = "peertube";
20 description = "Peertube user";
21 home = varDir;
22 useDefaultShell = true;
23 extraGroups = [ "keys" ];
24 };
25
26 users.groups.peertube.gid = config.ids.gids.peertube;
27
28 systemd.services.peertube = {
29 description = "Peertube";
30 wantedBy = [ "multi-user.target" ];
31 after = [ "network.target" "postgresql.service" ];
32 wants = [ "postgresql.service" ];
33
34 environment.NODE_CONFIG_DIR = "${varDir}/config";
35 environment.NODE_ENV = "production";
36 environment.HOME = peertube;
37
38 path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ];
39
40 script = ''
41 exec npm run start
42 '';
43
44 serviceConfig = {
45 User = "peertube";
46 Group = "peertube";
47 WorkingDirectory = peertube;
48 PrivateTmp = true;
49 ProtectHome = true;
50 ProtectControlGroups = true;
51 Restart = "always";
52 Type = "simple";
53 TimeoutSec = 60;
54 };
55
56 unitConfig.RequiresMountsFor = varDir;
57 }; 16 };
17 users.users.peertube.extraGroups = [ "keys" ];
58 18
59 mySecrets.keys = [{ 19 mySecrets.keys = [{
60 dest = "webapps/tools-peertube"; 20 dest = "webapps/tools-peertube";
@@ -104,16 +64,16 @@ in {
104 ca_file: null # Used for self signed certificates 64 ca_file: null # Used for self signed certificates
105 from_address: 'peertube@tools.immae.eu' 65 from_address: 'peertube@tools.immae.eu'
106 storage: 66 storage:
107 tmp: '${varDir}/storage/tmp/' 67 tmp: '${pcfg.dataDir}/storage/tmp/'
108 avatars: '${varDir}/storage/avatars/' 68 avatars: '${pcfg.dataDir}/storage/avatars/'
109 videos: '${varDir}/storage/videos/' 69 videos: '${pcfg.dataDir}/storage/videos/'
110 redundancy: '${varDir}/storage/videos/' 70 redundancy: '${pcfg.dataDir}/storage/videos/'
111 logs: '${varDir}/storage/logs/' 71 logs: '${pcfg.dataDir}/storage/logs/'
112 previews: '${varDir}/storage/previews/' 72 previews: '${pcfg.dataDir}/storage/previews/'
113 thumbnails: '${varDir}/storage/thumbnails/' 73 thumbnails: '${pcfg.dataDir}/storage/thumbnails/'
114 torrents: '${varDir}/storage/torrents/' 74 torrents: '${pcfg.dataDir}/storage/torrents/'
115 captions: '${varDir}/storage/captions/' 75 captions: '${pcfg.dataDir}/storage/captions/'
116 cache: '${varDir}/storage/cache/' 76 cache: '${pcfg.dataDir}/storage/cache/'
117 log: 77 log:
118 level: 'info' 78 level: 'info'
119 search: 79 search:
@@ -190,15 +150,6 @@ in {
190 ''; 150 '';
191 }]; 151 }];
192 152
193 system.activationScripts.peertube = {
194 deps = [ "users" ];
195 text = ''
196 install -m 0750 -o peertube -g peertube -d ${varDir}
197 install -m 0750 -o peertube -g peertube -d ${varDir}/config
198 ln -sf /var/secrets/webapps/tools-peertube ${varDir}/config/production.yaml
199 '';
200 };
201
202 services.myWebsites.tools.modules = [ 153 services.myWebsites.tools.modules = [
203 "headers" "proxy" "proxy_http" "proxy_wstunnel" 154 "headers" "proxy" "proxy_http" "proxy_wstunnel"
204 ]; 155 ];