1 files changed, 237 insertions, 0 deletions
diff --git a/modules/webapps/mediagoblin.nix b/modules/webapps/mediagoblin.nix
new file mode 100644
index 00000000..78bbef6f
--- /dev/null
+++ b/modules/webapps/mediagoblin.nix
@@ -0,0 +1,237 @@
+{ lib, pkgs, config, ... }:
+let
+  name = "mediagoblin";
+  cfg = config.services.mediagoblin;
+  uid = config.ids.uids.mediagoblin;
+  gid = config.ids.gids.mediagoblin;
+  paste_local = pkgs.writeText "paste_local.ini" ''
+    [DEFAULT]
+    debug = false
+    [pipeline:main]
+    pipeline = mediagoblin
+    [app:mediagoblin]
+    use = egg:mediagoblin#app
+    config = ${cfg.configFile} ${cfg.workdir}/mediagoblin.ini
+    /mgoblin_static = ${cfg.workdir}/mediagoblin/static
+    [loggers]
+    keys = root
+    [handlers]
+    keys = console
+    [formatters]
+    keys = generic
+    [logger_root]
+    level = INFO
+    handlers = console
+    [handler_console]
+    class = StreamHandler
+    args = (sys.stderr,)
+    level = NOTSET
+    formatter = generic
+    [formatter_generic]
+    format = %(levelname)-7.7s [%(name)s] %(message)s
+    [filter:errors]
+    use = egg:mediagoblin#errors
+    debug = false
+    [server:main]
+    use = egg:waitress#main
+    unix_socket = ${cfg.sockets.paster}
+    unix_socket_perms = 777
+    url_scheme = https
+    '';
+in
+{
+  options.services.mediagoblin = {
+    enable = lib.mkEnableOption "Enable Mediagoblin’s service";
+    user = lib.mkOption {
+      type = lib.types.str;
+      default = name;
+      description = "User account under which Mediagoblin runs";
+    };
+    group = lib.mkOption {
+      type = lib.types.str;
+      default = name;
+      description = "Group under which Mediagoblin runs";
+    };
+    dataDir = lib.mkOption {
+      type = lib.types.path;
+      default = "/var/lib/${name}";
+      description = ''
+        The directory where Mediagoblin stores its data.
+      '';
+    };
+    socketsDir = lib.mkOption {
+      type = lib.types.path;
+      default = "/run/${name}";
+      description = ''
+        The directory where Mediagoblin puts runtime files and sockets.
+        '';
+    };
+    configFile = lib.mkOption {
+      type = lib.types.path;
+      description = ''
+        The configuration file path for Mediagoblin.
+        '';
+    };
+    package = lib.mkOption {
+      type = lib.types.package;
+      default = pkgs.webapps.mediagoblin;
+      description = ''
+        Mediagoblin package to use.
+        '';
+    };
+    plugins = lib.mkOption {
+      type = lib.types.listOf lib.types.package;
+      default = [];
+      description = ''
+        Mediagoblin plugins to use.
+        '';
+    };
+    # Output variables
+    workdir = lib.mkOption {
+      type = lib.types.package;
+      default = cfg.package.withPlugins cfg.plugins;
+      description = ''
+      Adjusted Mediagoblin package with plugins
+      '';
+      readOnly = true;
+    };
+    systemdStateDirectory = lib.mkOption {
+      type = lib.types.str;
+      # Use ReadWritePaths= instead if varDir is outside of /var/lib
+      default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
+        lib.strings.removePrefix "/var/lib/" cfg.dataDir;
+      description = ''
+      Adjusted Mediagoblin data directory for systemd
+      '';
+      readOnly = true;
+    };
+    systemdRuntimeDirectory = lib.mkOption {
+      type = lib.types.str;
+      # Use ReadWritePaths= instead if socketsDir is outside of /run
+      default = assert lib.strings.hasPrefix "/run/" cfg.socketsDir;
+        lib.strings.removePrefix "/run/" cfg.socketsDir;
+      description = ''
+      Adjusted Mediagoblin sockets directory for systemd
+      '';
+      readOnly = true;
+    };
+    sockets = lib.mkOption {
+      type = lib.types.attrsOf lib.types.path;
+      default = {
+        paster = "${cfg.socketsDir}/mediagoblin.sock";
+      };
+      readOnly = true;
+      description = ''
+        Mediagoblin sockets
+        '';
+    };
+    pids = lib.mkOption {
+      type = lib.types.attrsOf lib.types.path;
+      default = {
+        paster = "${cfg.socketsDir}/mediagoblin.pid";
+        celery = "${cfg.socketsDir}/mediagoblin-celeryd.pid";
+      };
+      readOnly = true;
+      description = ''
+        Mediagoblin pid files
+        '';
+    };
+  };
+  config = lib.mkIf cfg.enable {
+    users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton {
+      inherit name;
+      inherit uid;
+      group = cfg.group;
+      description = "Mediagoblin user";
+      home = cfg.dataDir;
+      useDefaultShell = true;
+    });
+    users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton {
+      inherit name;
+      inherit gid;
+    });
+    systemd.services.mediagoblin-web = {
+      description = "Mediagoblin service";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" ];
+      wants = [ "postgresql.service" "redis.service" ];
+      environment.SCRIPT_NAME = "/mediagoblin/";
+      script = ''
+        exec ./bin/paster serve \
+          ${paste_local} \
+          --pid-file=${cfg.pids.paster}
+        '';
+      preStop = ''
+        exec ./bin/paster serve \
+          --pid-file=${cfg.pids.paster} \
+          ${paste_local} stop
+        '';
+      preStart = ''
+        if [ -d ${cfg.dataDir}/plugin_static/ ]; then
+          rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
+          ln -sf ${cfg.workdir}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
+        fi
+        ./bin/gmg -cf ${cfg.configFile} dbupdate
+        '';
+      serviceConfig = {
+        User = cfg.user;
+        PrivateTmp = true;
+        Restart = "always";
+        TimeoutSec = 15;
+        Type = "simple";
+        WorkingDirectory = cfg.workdir;
+        RuntimeDirectory = cfg.systemdRuntimeDirectory;
+        StateDirectory= cfg.systemdStateDirectory;
+        PIDFile = cfg.pids.paster;
+      };
+      unitConfig.RequiresMountsFor = cfg.dataDir;
+    };
+    systemd.services.mediagoblin-celeryd = {
+      description = "Mediagoblin service";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" "mediagoblin-web.service" ];
+      environment.MEDIAGOBLIN_CONFIG = cfg.configFile;
+      environment.CELERY_CONFIG_MODULE = "mediagoblin.init.celery.from_celery";
+      script = ''
+        exec ./bin/celery worker \
+          --logfile=${cfg.dataDir}/celery.log \
+          --loglevel=INFO
+        '';
+      serviceConfig = {
+        User = cfg.user;
+        PrivateTmp = true;
+        Restart = "always";
+        TimeoutSec = 60;
+        Type = "simple";
+        WorkingDirectory = cfg.workdir;
+        RuntimeDirectory = cfg.systemdRuntimeDirectory;
+        StateDirectory= cfg.systemdStateDirectory;
+        PIDFile = cfg.pids.celery;
+      };
+      unitConfig.RequiresMountsFor = cfg.dataDir;
+    };
+  };
+}

diff --git a/modules/webapps/mediagoblin.nix b/modules/webapps/mediagoblin.nix new file mode 100644 index 00000000..78bbef6f --- /dev/null +++ b/modules/webapps/mediagoblin.nix
@@ -0,0 +1,237 @@
	1	{ lib, pkgs, config, ... }:
	2	let
	3	name = "mediagoblin";
	4	cfg = config.services.mediagoblin;
	5
	6	uid = config.ids.uids.mediagoblin;
	7	gid = config.ids.gids.mediagoblin;
	8
	9	paste_local = pkgs.writeText "paste_local.ini" ''
	10	[DEFAULT]
	11	debug = false
	12
	13	[pipeline:main]
	14	pipeline = mediagoblin
	15
	16	[app:mediagoblin]
	17	use = egg:mediagoblin#app
	18	config = ${cfg.configFile} ${cfg.workdir}/mediagoblin.ini
	19	/mgoblin_static = ${cfg.workdir}/mediagoblin/static
	20
	21	[loggers]
	22	keys = root
	23
	24	[handlers]
	25	keys = console
	26
	27	[formatters]
	28	keys = generic
	29
	30	[logger_root]
	31	level = INFO
	32	handlers = console
	33
	34	[handler_console]
	35	class = StreamHandler
	36	args = (sys.stderr,)
	37	level = NOTSET
	38	formatter = generic
	39
	40	[formatter_generic]
	41	format = %(levelname)-7.7s [%(name)s] %(message)s
	42
	43	[filter:errors]
	44	use = egg:mediagoblin#errors
	45	debug = false
	46
	47	[server:main]
	48	use = egg:waitress#main
	49	unix_socket = ${cfg.sockets.paster}
	50	unix_socket_perms = 777
	51	url_scheme = https
	52	'';
	53	in
	54	{
	55	options.services.mediagoblin = {
	56	enable = lib.mkEnableOption "Enable Mediagoblin’s service";
	57	user = lib.mkOption {
	58	type = lib.types.str;
	59	default = name;
	60	description = "User account under which Mediagoblin runs";
	61	};
	62	group = lib.mkOption {
	63	type = lib.types.str;
	64	default = name;
	65	description = "Group under which Mediagoblin runs";
	66	};
	67	dataDir = lib.mkOption {
	68	type = lib.types.path;
	69	default = "/var/lib/${name}";
	70	description = ''
	71	The directory where Mediagoblin stores its data.
	72	'';
	73	};
	74	socketsDir = lib.mkOption {
	75	type = lib.types.path;
	76	default = "/run/${name}";
	77	description = ''
	78	The directory where Mediagoblin puts runtime files and sockets.
	79	'';
	80	};
	81	configFile = lib.mkOption {
	82	type = lib.types.path;
	83	description = ''
	84	The configuration file path for Mediagoblin.
	85	'';
	86	};
	87	package = lib.mkOption {
	88	type = lib.types.package;
	89	default = pkgs.webapps.mediagoblin;
	90	description = ''
	91	Mediagoblin package to use.
	92	'';
	93	};
	94	plugins = lib.mkOption {
	95	type = lib.types.listOf lib.types.package;
	96	default = [];
	97	description = ''
	98	Mediagoblin plugins to use.
	99	'';
	100	};
	101	# Output variables
	102	workdir = lib.mkOption {
	103	type = lib.types.package;
	104	default = cfg.package.withPlugins cfg.plugins;
	105	description = ''
	106	Adjusted Mediagoblin package with plugins
	107	'';
	108	readOnly = true;
	109	};
	110	systemdStateDirectory = lib.mkOption {
	111	type = lib.types.str;
	112	# Use ReadWritePaths= instead if varDir is outside of /var/lib
	113	default = assert lib.strings.hasPrefix "/var/lib/" cfg.dataDir;
	114	lib.strings.removePrefix "/var/lib/" cfg.dataDir;
	115	description = ''
	116	Adjusted Mediagoblin data directory for systemd
	117	'';
	118	readOnly = true;
	119	};
	120	systemdRuntimeDirectory = lib.mkOption {
	121	type = lib.types.str;
	122	# Use ReadWritePaths= instead if socketsDir is outside of /run
	123	default = assert lib.strings.hasPrefix "/run/" cfg.socketsDir;
	124	lib.strings.removePrefix "/run/" cfg.socketsDir;
	125	description = ''
	126	Adjusted Mediagoblin sockets directory for systemd
	127	'';
	128	readOnly = true;
	129	};
	130	sockets = lib.mkOption {
	131	type = lib.types.attrsOf lib.types.path;
	132	default = {
	133	paster = "${cfg.socketsDir}/mediagoblin.sock";
	134	};
	135	readOnly = true;
	136	description = ''
	137	Mediagoblin sockets
	138	'';
	139	};
	140	pids = lib.mkOption {
	141	type = lib.types.attrsOf lib.types.path;
	142	default = {
	143	paster = "${cfg.socketsDir}/mediagoblin.pid";
	144	celery = "${cfg.socketsDir}/mediagoblin-celeryd.pid";
	145	};
	146	readOnly = true;
	147	description = ''
	148	Mediagoblin pid files
	149	'';
	150	};
	151	};
	152
	153	config = lib.mkIf cfg.enable {
	154	users.users = lib.optionalAttrs (cfg.user == name) (lib.singleton {
	155	inherit name;
	156	inherit uid;
	157	group = cfg.group;
	158	description = "Mediagoblin user";
	159	home = cfg.dataDir;
	160	useDefaultShell = true;
	161	});
	162	users.groups = lib.optionalAttrs (cfg.group == name) (lib.singleton {
	163	inherit name;
	164	inherit gid;
	165	});
	166
	167	systemd.services.mediagoblin-web = {
	168	description = "Mediagoblin service";
	169	wantedBy = [ "multi-user.target" ];
	170	after = [ "network.target" ];
	171	wants = [ "postgresql.service" "redis.service" ];
	172
	173	environment.SCRIPT_NAME = "/mediagoblin/";
	174
	175	script = ''
	176	exec ./bin/paster serve \
	177	${paste_local} \
	178	--pid-file=${cfg.pids.paster}
	179	'';
	180	preStop = ''
	181	exec ./bin/paster serve \
	182	--pid-file=${cfg.pids.paster} \
	183	${paste_local} stop
	184	'';
	185	preStart = ''
	186	if [ -d ${cfg.dataDir}/plugin_static/ ]; then
	187	rm ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
	188	ln -sf ${cfg.workdir}/mediagoblin/plugins/basic_auth/static ${cfg.dataDir}/plugin_static/coreplugin_basic_auth
	189	fi
	190	./bin/gmg -cf ${cfg.configFile} dbupdate
	191	'';
	192
	193	serviceConfig = {
	194	User = cfg.user;
	195	PrivateTmp = true;
	196	Restart = "always";
	197	TimeoutSec = 15;
	198	Type = "simple";
	199	WorkingDirectory = cfg.workdir;
	200	RuntimeDirectory = cfg.systemdRuntimeDirectory;
	201	StateDirectory= cfg.systemdStateDirectory;
	202	PIDFile = cfg.pids.paster;
	203	};
	204
	205	unitConfig.RequiresMountsFor = cfg.dataDir;
	206	};
	207
	208	systemd.services.mediagoblin-celeryd = {
	209	description = "Mediagoblin service";
	210	wantedBy = [ "multi-user.target" ];
	211	after = [ "network.target" "mediagoblin-web.service" ];
	212
	213	environment.MEDIAGOBLIN_CONFIG = cfg.configFile;
	214	environment.CELERY_CONFIG_MODULE = "mediagoblin.init.celery.from_celery";
	215
	216	script = ''
	217	exec ./bin/celery worker \
	218	--logfile=${cfg.dataDir}/celery.log \
	219	--loglevel=INFO
	220	'';
	221
	222	serviceConfig = {
	223	User = cfg.user;
	224	PrivateTmp = true;
	225	Restart = "always";
	226	TimeoutSec = 60;
	227	Type = "simple";
	228	WorkingDirectory = cfg.workdir;
	229	RuntimeDirectory = cfg.systemdRuntimeDirectory;
	230	StateDirectory= cfg.systemdStateDirectory;
	231	PIDFile = cfg.pids.celery;
	232	};
	233
	234	unitConfig.RequiresMountsFor = cfg.dataDir;
	235	};
	236	};
	237	}