1 files changed, 138 insertions, 0 deletions
diff --git a/flakes/paste/flake.nix b/flakes/paste/flake.nix
new file mode 100644
index 0000000..08d0681
--- /dev/null
+++ b/flakes/paste/flake.nix
@@ -0,0 +1,138 @@
+{
+  inputs.flake-utils.url = "github:numtide/flake-utils";
+  inputs.nixpkgs.url = "github:NixOS/nixpkgs";
+  description = "Pastebin-like service";
+  outputs = { self, flake-utils, nixpkgs }: flake-utils.lib.eachDefaultSystem (system:
+    let
+      pkgs = import nixpkgs { inherit system; overlays = []; };
+    in rec {
+      hydraJobs = checks;
+      checks = pkgs.lib.optionalAttrs (builtins.elem system pkgs.lib.systems.doubles.linux) {
+        test =
+          let testing = import (nixpkgs + "/nixos/lib/testing-python.nix") { inherit system; };
+          in testing.makeTest {
+            nodes = {
+              server = { pkgs, ... }: {
+                imports = [ self.nixosModule ];
+                config = {
+                  environment.systemPackages = [ pkgs.curl ];
+                  services.httpd = {
+                    enable = true;
+                    adminAddr = "foo@example.org";
+                    extraConfig = ''
+                      ProxyPass        / unix:///run/paste/gunicorn.sock|http://localhost/
+                      ProxyPassReverse / unix:///run/paste/gunicorn.sock|http://localhost/
+                    '';
+                  };
+                  services.paste.enable = true;
+                };
+              };
+            };
+            testScript = ''
+              start_all()
+              server.wait_for_unit("httpd.service")
+              server.wait_for_unit("paste.service")
+              server.wait_until_succeeds("[ -S /run/paste/gunicorn.sock ]", 10)
+              server.succeed("curl -f http://localhost/")
+              server.succeed("curl -f http://localhost/ | grep -q 'Get the source'")
+            '';
+          };
+        };
+    }) // rec {
+      nixosModule = { config, lib, pkgs, ... }:
+        let
+          cfg = config.services.paste;
+        in {
+          options = {
+            services.paste = {
+              enable = lib.mkOption {
+                type = lib.types.bool;
+                default = false;
+                description = "Whether to enable the pastebin service";
+              };
+              dataDir = lib.mkOption {
+                type = lib.types.path;
+                default = "/var/lib/paste";
+                description = ''
+                  The directory where Paste stores its data.
+                '';
+              };
+              socketsDir = lib.mkOption {
+                type = lib.types.str;
+                default = "/run/paste";
+                description = "Socket which is used for communication with Paste.";
+              };
+              webDirectory = lib.mkOption {
+                type = lib.types.nullOr lib.types.str;
+                default = null;
+                description = "Subdirectory url to which the app will be served";
+              };
+              # Output variables
+              systemdStateDirectory = lib.mkOption {
+                type = lib.types.str;
+                # Use ReadWritePaths= instead if varDir is outside of /var/lib
+                default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
+                              lib.strings.removePrefix "/var/lib/" cfg.dataDir;
+                description = ''
+                  Adjusted paste data directory for systemd
+                '';
+                readOnly = true;
+              };
+              systemdRuntimeDirectory = lib.mkOption {
+                type = lib.types.str;
+                # Use ReadWritePaths= instead if socketsDir is outside of /run
+                default = assert lib.strings.hasPrefix "/run/" cfg.socketsDir;
+                  lib.strings.removePrefix "/run/" cfg.socketsDir;
+                description = ''
+                Adjusted paste sockets directory for systemd
+                '';
+                readOnly = true;
+              };
+              sockets = lib.mkOption {
+                type = lib.types.attrsOf lib.types.path;
+                default = {
+                  pid      = "${cfg.socketsDir}/gunicorn.pid";
+                  gunicorn = "${cfg.socketsDir}/gunicorn.sock";
+                };
+                readOnly = true;
+                description = ''
+                  Paste sockets
+                  '';
+              };
+            };
+          };
+          config = lib.mkIf cfg.enable {
+            systemd.services.paste = {
+              description = "Pastebin like service";
+              after = [ "network.target" ];
+              wantedBy = [ "multi-user.target" ];
+              serviceConfig = {
+                Environment = pkgs.lib.optionals (cfg.webDirectory != null) [ "SCRIPT_NAME=${cfg.webDirectory}" ];
+                Type = "simple";
+                User = config.services.httpd.user;
+                ExecStart = let
+                  python = pkgs.python3.withPackages (p: [p.gunicorn p.flask p.pygments p.python_magic ]);
+                in
+                  "${python}/bin/gunicorn -w4 -p ${cfg.sockets.pid} -e PASTE_DIRECTORY=${cfg.dataDir} --bind unix:${cfg.sockets.gunicorn} --chdir ${./paste} paste:app";
+                Restart = "always";
+                RestartSec = "5s";
+                PIDFile = cfg.sockets.pid;
+                RuntimeDirectory = cfg.systemdRuntimeDirectory;
+                StateDirectory = cfg.systemdStateDirectory;
+                StandardOutput = "journal";
+                StandardError = "inherit";
+              };
+            };
+          };
+        };
+    };
+}

diff --git a/flakes/paste/flake.nix b/flakes/paste/flake.nix new file mode 100644 index 0000000..08d0681 --- /dev/null +++ b/flakes/paste/flake.nix
@@ -0,0 +1,138 @@
	1	{
	2	inputs.flake-utils.url = "github:numtide/flake-utils";
	3	inputs.nixpkgs.url = "github:NixOS/nixpkgs";
	4
	5	description = "Pastebin-like service";
	6
	7	outputs = { self, flake-utils, nixpkgs }: flake-utils.lib.eachDefaultSystem (system:
	8	let
	9	pkgs = import nixpkgs { inherit system; overlays = []; };
	10	in rec {
	11	hydraJobs = checks;
	12	checks = pkgs.lib.optionalAttrs (builtins.elem system pkgs.lib.systems.doubles.linux) {
	13	test =
	14	let testing = import (nixpkgs + "/nixos/lib/testing-python.nix") { inherit system; };
	15	in testing.makeTest {
	16	nodes = {
	17	server = { pkgs, ... }: {
	18	imports = [ self.nixosModule ];
	19	config = {
	20	environment.systemPackages = [ pkgs.curl ];
	21	services.httpd = {
	22	enable = true;
	23	adminAddr = "foo@example.org";
	24	extraConfig = ''
	25	ProxyPass / unix:///run/paste/gunicorn.sock\|http://localhost/
	26	ProxyPassReverse / unix:///run/paste/gunicorn.sock\|http://localhost/
	27	'';
	28	};
	29	services.paste.enable = true;
	30	};
	31	};
	32	};
	33	testScript = ''
	34	start_all()
	35	server.wait_for_unit("httpd.service")
	36	server.wait_for_unit("paste.service")
	37	server.wait_until_succeeds("[ -S /run/paste/gunicorn.sock ]", 10)
	38	server.succeed("curl -f http://localhost/")
	39	server.succeed("curl -f http://localhost/ \| grep -q 'Get the source'")
	40	'';
	41	};
	42	};
	43	}) // rec {
	44	nixosModule = { config, lib, pkgs, ... }:
	45	let
	46	cfg = config.services.paste;
	47	in {
	48	options = {
	49	services.paste = {
	50	enable = lib.mkOption {
	51	type = lib.types.bool;
	52	default = false;
	53	description = "Whether to enable the pastebin service";
	54	};
	55
	56	dataDir = lib.mkOption {
	57	type = lib.types.path;
	58	default = "/var/lib/paste";
	59	description = ''
	60	The directory where Paste stores its data.
	61	'';
	62	};
	63
	64	socketsDir = lib.mkOption {
	65	type = lib.types.str;
	66	default = "/run/paste";
	67	description = "Socket which is used for communication with Paste.";
	68	};
	69
	70	webDirectory = lib.mkOption {
	71	type = lib.types.nullOr lib.types.str;
	72	default = null;
	73	description = "Subdirectory url to which the app will be served";
	74	};
	75
	76	# Output variables
	77	systemdStateDirectory = lib.mkOption {
	78	type = lib.types.str;
	79	# Use ReadWritePaths= instead if varDir is outside of /var/lib
	80	default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
	81	lib.strings.removePrefix "/var/lib/" cfg.dataDir;
	82	description = ''
	83	Adjusted paste data directory for systemd
	84	'';
	85	readOnly = true;
	86	};
	87	systemdRuntimeDirectory = lib.mkOption {
	88	type = lib.types.str;
	89	# Use ReadWritePaths= instead if socketsDir is outside of /run
	90	default = assert lib.strings.hasPrefix "/run/" cfg.socketsDir;
	91	lib.strings.removePrefix "/run/" cfg.socketsDir;
	92	description = ''
	93	Adjusted paste sockets directory for systemd
	94	'';
	95	readOnly = true;
	96	};
	97	sockets = lib.mkOption {
	98	type = lib.types.attrsOf lib.types.path;
	99	default = {
	100	pid = "${cfg.socketsDir}/gunicorn.pid";
	101	gunicorn = "${cfg.socketsDir}/gunicorn.sock";
	102	};
	103	readOnly = true;
	104	description = ''
	105	Paste sockets
	106	'';
	107	};
	108	};
	109	};
	110
	111	config = lib.mkIf cfg.enable {
	112	systemd.services.paste = {
	113	description = "Pastebin like service";
	114	after = [ "network.target" ];
	115	wantedBy = [ "multi-user.target" ];
	116
	117	serviceConfig = {
	118	Environment = pkgs.lib.optionals (cfg.webDirectory != null) [ "SCRIPT_NAME=${cfg.webDirectory}" ];
	119	Type = "simple";
	120	User = config.services.httpd.user;
	121	ExecStart = let
	122	python = pkgs.python3.withPackages (p: [p.gunicorn p.flask p.pygments p.python_magic ]);
	123	in
	124	"${python}/bin/gunicorn -w4 -p ${cfg.sockets.pid} -e PASTE_DIRECTORY=${cfg.dataDir} --bind unix:${cfg.sockets.gunicorn} --chdir ${./paste} paste:app";
	125	Restart = "always";
	126	RestartSec = "5s";
	127	PIDFile = cfg.sockets.pid;
	128	RuntimeDirectory = cfg.systemdRuntimeDirectory;
	129	StateDirectory = cfg.systemdStateDirectory;
	130	StandardOutput = "journal";
	131	StandardError = "inherit";
	132	};
	133
	134	};
	135	};
	136	};
	137	};
	138	}