From a565d58b53473c40fcb8b6e1e16b83906a76fbdd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Sun, 6 Jun 2021 23:35:46 +0200 Subject: Add umami --- modules/private/default.nix | 1 + modules/private/environment.nix | 10 ++++ modules/private/websites/default.nix | 1 + modules/private/websites/tools/stats/default.nix | 52 +++++++++++++++++ nixops/secrets | 2 +- pkgs/default.nix | 1 + pkgs/umami/build-geo.patch | 15 +++++ pkgs/umami/default.nix | 72 ++++++++++++++++++++++++ 8 files changed, 153 insertions(+), 1 deletion(-) create mode 100644 modules/private/websites/tools/stats/default.nix create mode 100644 pkgs/umami/build-geo.patch create mode 100644 pkgs/umami/default.nix diff --git a/modules/private/default.nix b/modules/private/default.nix index 9f99ed9..0ff5214 100644 --- a/modules/private/default.nix +++ b/modules/private/default.nix @@ -101,6 +101,7 @@ set = { performanceTool = ./websites/tools/performance; toolsTool = ./websites/tools/tools; mailTool = ./websites/tools/mail; + statsTool = ./websites/tools/stats; # Games codenamesGame = ./websites/tools/games/codenames; diff --git a/modules/private/environment.nix b/modules/private/environment.nix index 980b878..719bf8f 100644 --- a/modules/private/environment.nix +++ b/modules/private/environment.nix @@ -1193,6 +1193,16 @@ in }; }; }; + umami = mkOption { + description = "Umami configuration"; + type = submodule { + options = { + listenPort = mkOption { type = port; description = "Port to listen to"; }; + postgresql = mkPsqlOptions "Umami"; + hashSalt = mkOption { type = str; description = "Hash salt"; }; + }; + }; + }; yourls = mkOption { description = "Yourls configuration"; type = submodule { diff --git a/modules/private/websites/default.nix b/modules/private/websites/default.nix index 07ffc3e..fa9ee8d 100644 --- a/modules/private/websites/default.nix +++ b/modules/private/websites/default.nix @@ -317,6 +317,7 @@ in tools.performance.enable = true; tools.tools.enable = true; tools.email.enable = true; + tools.stats.enable = false; games.codenames.enable = true; games.terraforming-mars.enable = true; diff --git a/modules/private/websites/tools/stats/default.nix b/modules/private/websites/tools/stats/default.nix new file mode 100644 index 0000000..5f184bc --- /dev/null +++ b/modules/private/websites/tools/stats/default.nix @@ -0,0 +1,52 @@ +{ config, lib, pkgs, ... }: +let + cfg = config.myServices.websites.tools.stats; + myCfg = config.myEnv.tools.umami; +in +{ + options.myServices.websites.tools.stats.enable = lib.mkEnableOption "Enable stats site"; + config = lib.mkIf cfg.enable { + secrets.keys = [ + { + dest = "umami/env"; + permission = "0400"; + text = '' + PORT=${toString myCfg.listenPort} + HOSTNAME=127.0.0.1 + DATABASE_URL=postgresql://${myCfg.postgresql.user}:${myCfg.postgresql.password}@localhost:${myCfg.postgresql.port}/${myCfg.postgresql.database}?sslmode=disable&host=${myCfg.postgresql.socket} + HASH_SALT=${myCfg.hashSalt} + ''; + } + ]; + + services.websites.env.tools.vhostConfs.stats = { + certName = "eldiron"; + addToCerts = true; + hosts = [ "stats.immae.eu" ]; + root = null; + extraConfig = [ + '' + ProxyPass / http://localhost:${toString myCfg.listenPort}/ + ProxyPassReverse / http://localhost:${toString myCfg.listenPort}/ + ProxyPreserveHost On + '' + ]; + }; + systemd.services.umami = { + description = "Umami service"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + wants = [ "postgresql.service" ]; + path = [ pkgs.nodejs pkgs.bashInteractive ]; + serviceConfig = { + Type = "simple"; + User = "umami"; + Group = "umami"; + DynamicUser = true; + SupplementaryGroups = [ "keys" ]; + ExecStart = "${pkgs.umami}/bin/umami"; + EnvironmentFile = config.secrets.fullPaths."umami/env"; + }; + }; + }; +} diff --git a/nixops/secrets b/nixops/secrets index 781c6c3..9ac6c14 160000 --- a/nixops/secrets +++ b/nixops/secrets @@ -1 +1 @@ -Subproject commit 781c6c35b98d91aedcfd70347a7aa82f93631f75 +Subproject commit 9ac6c1459d2eeb24be0a991f745b567f0fcb0cca diff --git a/pkgs/default.nix b/pkgs/default.nix index f567104..603d12e 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -37,6 +37,7 @@ rec { terminal-velocity = callPackage ./terminal-velocity {}; tiv = callPackage ./tiv {}; twins = callPackage ./twins {}; + umami = callPackage ./umami {}; unicodeDoc = callPackage ./unicode {}; cardano = callPackage ./crypto/cardano { inherit mylibs; }; diff --git a/pkgs/umami/build-geo.patch b/pkgs/umami/build-geo.patch new file mode 100644 index 0000000..7a4f075 --- /dev/null +++ b/pkgs/umami/build-geo.patch @@ -0,0 +1,15 @@ +diff --git a/scripts/build-geo.js b/scripts/build-geo.js +index cc66f94..5464b54 100644 +--- a/scripts/build-geo.js ++++ b/scripts/build-geo.js +@@ -22,9 +22,7 @@ if (!fs.existsSync(dest)) { + + const download = url => + new Promise(resolve => { +- https.get(url, res => { +- resolve(res.pipe(zlib.createGunzip({})).pipe(tar.t())); +- }); ++ resolve(fs.createReadStream(url).pipe(zlib.createGunzip({})).pipe(tar.t())); + }); + + download(url).then( diff --git a/pkgs/umami/default.nix b/pkgs/umami/default.nix new file mode 100644 index 0000000..5620f90 --- /dev/null +++ b/pkgs/umami/default.nix @@ -0,0 +1,72 @@ +{ nodejs, writeScriptBin, stdenv, yarn2nix-moretea, lib, fetchzip, fetchurl, zlib, openssl, fetchFromGitHub }: +let + version = "1.17.0"; + geolite2-country-url = "https://raw.githubusercontent.com/GitSquared/node-geolite2-redist/master/redist/GeoLite2-Country.tar.gz"; + geolite2-country = fetchurl { + url = geolite2-country-url; + sha256 = "0mdjvx1dfpkhg5kbp7jnrspzybaavhlxmna44l7rw05nrw5nv9zw"; + }; + toBin = sha256: name: fetchurl { + inherit name sha256; + url = "https://binaries.prisma.sh/all_commits/e421996c87d5f3c8f7eeadd502d4ad402c89464d/debian-openssl-1.1.x/${name}.gz"; + downloadToTemp = true; + executable = true; + postFetch = '' + cat "$downloadedFile" | gunzip > $out + patchelf --set-interpreter "${stdenv.cc.bintools.dynamicLinker}" \ + --set-rpath "${lib.makeLibraryPath [ openssl zlib ]}:$(patchelf --print-rpath $out)" \ + $out + chmod +x $out + ''; + }; + binaries = { + DATABASE_TYPE = "postgresql"; + PRISMA_QUERY_ENGINE_BINARY = toBin "1sy67xqvbmgzksw7bl31k74k41jr44n514idqbi70j2i6jxbrl4j" "query-engine"; + PRISMA_INTROSPECTION_ENGINE_BINARY = toBin "1kcszg11f71sg2y0ki7kg4prwlyb67bdjpjcky9kyjd8n9ilc8hj" "introspection-engine"; + PRISMA_MIGRATION_ENGINE_BINARY = toBin "1lmz0wwjaavap9k6z5ysqrhlgs3r3kc9jpri2lv0lq95qmwr5hzq" "migration-engine"; + PRISMA_FMT_BINARY = toBin "0241aszja3j1pp7pxs40irmfj06ilfjbzyqjzrzrb5azk7izwm73" "prisma-fmt"; + }; + src = fetchFromGitHub { + owner = "mikecao"; + repo = "umami"; + rev = "v${version}"; + sha256 = "15jfgf057lsl20vdw45v5cim5d2ilalzaaxn6h82pz4d2fj1w0nh"; + }; + node-modules = yarn2nix-moretea.mkYarnModules rec { + pname = "umami"; + inherit version; + name = "${pname}-${version}"; + yarnLock = "${src}/yarn.lock"; + packageJSON = "${src}/package.json"; + pkgConfig.npm-run-all.postInstall = '' + patchShebangs . + ''; + pkgConfig.rollup.postInstall = '' + patchShebangs . + ''; + }; + package = stdenv.mkDerivation (binaries // { + pname = "umami"; + inherit version src; + buildInputs = [ nodejs ]; + patches = [ ./build-geo.patch ]; + configurePhase = '' + cp -r ${node-modules}/node_modules . + chmod u+w -R node_modules + ''; + buildPhase = '' + sed -i -e "s@${geolite2-country-url}@${geolite2-country}@" scripts/build-geo.js + npm run build + ''; + installPhase = '' + cp -a . $out + ''; + }); + script = writeScriptBin "umami" ('' + #! ${stdenv.shell} + cd ${package} + '' + builtins.concatStringsSep "\n" (lib.mapAttrsToList (n: v: "export ${n}=${v}") binaries) + "\n" + '' + ${nodejs}/bin/npm run start-env + ''); +in + script // { nodeApp = package; } -- cgit v1.2.3