summaryrefslogtreecommitdiff
path: root/modules/webapps/mediagoblin.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/webapps/mediagoblin.nix')
-rw-r--r--modules/webapps/mediagoblin.nix237
1 files changed, 237 insertions, 0 deletions
diff --git a/modules/webapps/mediagoblin.nix b/modules/webapps/mediagoblin.nix
new file mode 100644
index 00000000..78bbef6f
--- /dev/null
+++ b/modules/webapps/mediagoblin.nix
@@ -0,0 +1,237 @@
1{ lib, pkgs, config, ... }:
2let
3 name = "mediagoblin";
4 cfg = config.services.mediagoblin;
5
6 uid = config.ids.uids.mediagoblin;
7 gid = config.ids.gids.mediagoblin;
8
9 paste_local = pkgs.writeText "paste_local.ini" ''
10 [DEFAULT]
11 debug = false
12
13 [pipeline:main]
14 pipeline = mediagoblin
15
16 [app:mediagoblin]
17 use = egg:mediagoblin#app
18 config = ${cfg.configFile} ${cfg.workdir}/mediagoblin.ini
19 /mgoblin_static = ${cfg.workdir}/mediagoblin/static
20
21 [loggers]
22 keys = root
23
24 [handlers]
25 keys = console
26
27 [formatters]
28 keys = generic
29
30 [logger_root]
31 level = INFO
32 handlers = console
33
34 [handler_console]
35 class = StreamHandler
36 args = (sys.stderr,)
37 level = NOTSET
38 formatter = generic
39
40 [formatter_generic]
41 format = %(levelname)-7.7s [%(name)s] %(message)s
42
43 [filter:errors]
44 use = egg:mediagoblin#errors
45 debug = false
46
47 [server:main]
48 use = egg:waitress#main
49 unix_socket = ${cfg.sockets.paster}
50 unix_socket_perms = 777
51 url_scheme = https
52 '';
53in
54{
55 options.services.mediagoblin = {
56 enable = lib.mkEnableOption "Enable Mediagoblin’s service";
57 user = lib.mkOption {
58 type = lib.types.str;
59 default = name;
60 description = "User account under which Mediagoblin runs";
61 };
62 group = lib.mkOption {
63 type = lib.types.str;
64 default = name;
65 description = "Group under which Mediagoblin runs";
66 };
67 dataDir = lib.mkOption {
68 type = lib.types.path;
69 default = "/var/lib/${name}";
70 description = ''
71 The directory where Mediagoblin stores its data.
72 '';
73 };
74 socketsDir = lib.mkOption {
75 type = lib.types.path;
76 default = "/run/${name}";
77 description = ''
78 The directory where Mediagoblin puts runtime files and sockets.
79 '';
80 };
81 configFile = lib.mkOption {
82 type = lib.types.path;
83 description = ''
84 The configuration file path for Mediagoblin.
85 '';
86 };
87 package = lib.mkOption {
88 type = lib.types.package;
89 default = pkgs.webapps.mediagoblin;
90 description = ''
91 Mediagoblin package to use.
92 '';
93 };
94 plugins = lib.mkOption {
95 type = lib.types.listOf lib.types.package;
96 default = [];
97 description = ''
98 Mediagoblin plugins to use.
99 '';
100 };
101 # Output variables
102 workdir = lib.mkOption {
103 type = lib.types.package;
104 default = cfg.package.withPlugins cfg.plugins;
105 description = ''
106 Adjusted Mediagoblin package with plugins
107 '';
108 readOnly = true;
109 };
110 systemdStateDirectory = lib.mkOption {
111 type = lib.types.str;
112 # Use ReadWritePaths= instead if varDir is outside of /var/lib
113 default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
114 lib.strings.removePrefix "/var/lib/" cfg.dataDir;
115 description = ''
116 Adjusted Mediagoblin data directory for systemd
117 '';
118 readOnly = true;
119 };
120 systemdRuntimeDirectory = lib.mkOption {
121 type = lib.types.str;
122 # Use ReadWritePaths= instead if socketsDir is outside of /run
123 default = assert lib.strings.hasPrefix "/run/" cfg.socketsDir;
124 lib.strings.removePrefix "/run/" cfg.socketsDir;
125 description = ''
126 Adjusted Mediagoblin sockets directory for systemd
127 '';
128 readOnly = true;
129 };
130 sockets = lib.mkOption {
131 type = lib.types.attrsOf lib.types.path;
132 default = {
133 paster = "${cfg.socketsDir}/mediagoblin.sock";
134 };
135 readOnly = true;
136 description = ''
137 Mediagoblin sockets
138 '';
139 };
140 pids = lib.mkOption {
141 type = lib.types.attrsOf lib.types.path;
142 default = {
143 paster = "${cfg.socketsDir}/mediagoblin.pid";
144 celery = "${cfg.socketsDir}/mediagoblin-celeryd.pid";
145 };
146 readOnly = true;
147 description = ''
148 Mediagoblin pid files
149 '';
150 };
151 };
152
153 config = lib.mkIf cfg.enable {
154 users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton {
155 inherit name;
156 inherit uid;
157 group = cfg.group;
158 description = "Mediagoblin user";
159 home = cfg.dataDir;
160 useDefaultShell = true;
161 });
162 users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton {
163 inherit name;
164 inherit gid;
165 });
166
167 systemd.services.mediagoblin-web = {
168 description = "Mediagoblin service";
169 wantedBy = [ "multi-user.target" ];
170 after = [ "network.target" ];
171 wants = [ "postgresql.service" "redis.service" ];
172
173 environment.SCRIPT_NAME = "/mediagoblin/";
174
175 script = ''
176 exec ./bin/paster serve \
177 ${paste_local} \
178 --pid-file=${cfg.pids.paster}
179 '';
180 preStop = ''
181 exec ./bin/paster serve \
182 --pid-file=${cfg.pids.paster} \
183 ${paste_local} stop
184 '';
185 preStart = ''
186 if [ -d ${cfg.dataDir}/plugin_static/ ]; then
187 rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
188 ln -sf ${cfg.workdir}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
189 fi
190 ./bin/gmg -cf ${cfg.configFile} dbupdate
191 '';
192
193 serviceConfig = {
194 User = cfg.user;
195 PrivateTmp = true;
196 Restart = "always";
197 TimeoutSec = 15;
198 Type = "simple";
199 WorkingDirectory = cfg.workdir;
200 RuntimeDirectory = cfg.systemdRuntimeDirectory;
201 StateDirectory= cfg.systemdStateDirectory;
202 PIDFile = cfg.pids.paster;
203 };
204
205 unitConfig.RequiresMountsFor = cfg.dataDir;
206 };
207
208 systemd.services.mediagoblin-celeryd = {
209 description = "Mediagoblin service";
210 wantedBy = [ "multi-user.target" ];
211 after = [ "network.target" "mediagoblin-web.service" ];
212
213 environment.MEDIAGOBLIN_CONFIG = cfg.configFile;
214 environment.CELERY_CONFIG_MODULE = "mediagoblin.init.celery.from_celery";
215
216 script = ''
217 exec ./bin/celery worker \
218 --logfile=${cfg.dataDir}/celery.log \
219 --loglevel=INFO
220 '';
221
222 serviceConfig = {
223 User = cfg.user;
224 PrivateTmp = true;
225 Restart = "always";
226 TimeoutSec = 60;
227 Type = "simple";
228 WorkingDirectory = cfg.workdir;
229 RuntimeDirectory = cfg.systemdRuntimeDirectory;
230 StateDirectory= cfg.systemdStateDirectory;
231 PIDFile = cfg.pids.celery;
232 };
233
234 unitConfig.RequiresMountsFor = cfg.dataDir;
235 };
236 };
237}