From d42bbbe6f510fce233ecb66d44d205761390b56e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Fri, 10 May 2019 14:21:26 +0200 Subject: Move Peertube configuration to modules --- nixops/modules/websites/tools/peertube.nix | 81 ++++++------------------------ 1 file changed, 16 insertions(+), 65 deletions(-) (limited to 'nixops/modules/websites') diff --git a/nixops/modules/websites/tools/peertube.nix b/nixops/modules/websites/tools/peertube.nix index 813df25..9a56a85 100644 --- a/nixops/modules/websites/tools/peertube.nix +++ b/nixops/modules/websites/tools/peertube.nix @@ -1,60 +1,20 @@ { lib, pkgs, config, myconfig, mylibs, ... }: let - peertube = pkgs.webapps.peertube.override { ldap = true; }; - varDir = "/var/lib/peertube"; env = myconfig.env.tools.peertube; cfg = config.services.myWebsites.tools.peertube; + pcfg = config.services.peertube; in { options.services.myWebsites.tools.peertube = { enable = lib.mkEnableOption "enable Peertube's website"; }; config = lib.mkIf cfg.enable { - ids.uids.peertube = env.user.uid; - ids.gids.peertube = env.user.gid; - - users.users.peertube = { - name = "peertube"; - uid = config.ids.uids.peertube; - group = "peertube"; - description = "Peertube user"; - home = varDir; - useDefaultShell = true; - extraGroups = [ "keys" ]; - }; - - users.groups.peertube.gid = config.ids.gids.peertube; - - systemd.services.peertube = { - description = "Peertube"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" "postgresql.service" ]; - wants = [ "postgresql.service" ]; - - environment.NODE_CONFIG_DIR = "${varDir}/config"; - environment.NODE_ENV = "production"; - environment.HOME = peertube; - - path = [ pkgs.nodejs pkgs.bashInteractive pkgs.ffmpeg pkgs.openssl ]; - - script = '' - exec npm run start - ''; - - serviceConfig = { - User = "peertube"; - Group = "peertube"; - WorkingDirectory = peertube; - PrivateTmp = true; - ProtectHome = true; - ProtectControlGroups = true; - Restart = "always"; - Type = "simple"; - TimeoutSec = 60; - }; - - unitConfig.RequiresMountsFor = varDir; + services.peertube = { + enable = true; + configFile = "/var/secrets/webapps/tools-peertube"; + package = pkgs.webapps.peertube.override { ldap = true; }; }; + users.users.peertube.extraGroups = [ "keys" ]; mySecrets.keys = [{ dest = "webapps/tools-peertube"; @@ -104,16 +64,16 @@ in { ca_file: null # Used for self signed certificates from_address: 'peertube@tools.immae.eu' storage: - tmp: '${varDir}/storage/tmp/' - avatars: '${varDir}/storage/avatars/' - videos: '${varDir}/storage/videos/' - redundancy: '${varDir}/storage/videos/' - logs: '${varDir}/storage/logs/' - previews: '${varDir}/storage/previews/' - thumbnails: '${varDir}/storage/thumbnails/' - torrents: '${varDir}/storage/torrents/' - captions: '${varDir}/storage/captions/' - cache: '${varDir}/storage/cache/' + tmp: '${pcfg.dataDir}/storage/tmp/' + avatars: '${pcfg.dataDir}/storage/avatars/' + videos: '${pcfg.dataDir}/storage/videos/' + redundancy: '${pcfg.dataDir}/storage/videos/' + logs: '${pcfg.dataDir}/storage/logs/' + previews: '${pcfg.dataDir}/storage/previews/' + thumbnails: '${pcfg.dataDir}/storage/thumbnails/' + torrents: '${pcfg.dataDir}/storage/torrents/' + captions: '${pcfg.dataDir}/storage/captions/' + cache: '${pcfg.dataDir}/storage/cache/' log: level: 'info' search: @@ -190,15 +150,6 @@ in { ''; }]; - system.activationScripts.peertube = { - deps = [ "users" ]; - text = '' - install -m 0750 -o peertube -g peertube -d ${varDir} - install -m 0750 -o peertube -g peertube -d ${varDir}/config - ln -sf /var/secrets/webapps/tools-peertube ${varDir}/config/production.yaml - ''; - }; - services.myWebsites.tools.modules = [ "headers" "proxy" "proxy_http" "proxy_wstunnel" ]; -- cgit v1.2.3