Compare commits
2 commits
8d5dfb66e3
...
6f136c5233
Author | SHA1 | Date | |
---|---|---|---|
|
6f136c5233 | ||
|
8a905aa2d5 |
2 changed files with 104 additions and 98 deletions
|
@ -112,8 +112,86 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
services.demarches-simplifiees.settings =
|
|
||||||
(builtins.mapAttrs (_: mkDefault) {
|
environment.systemPackages = [ ds-fr ];
|
||||||
|
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"f '${cfg.logDir}/production.log' 0640 ${cfg.user} ${cfg.group} - -"
|
||||||
|
"f '${cfg.dataDir}/.env' 0600 ${cfg.user} ${cfg.group} - -"
|
||||||
|
"d '${cfg.dataDir}/tmp' 0700 ${cfg.user} ${cfg.group} 10d -"
|
||||||
|
"d '${cfg.dataDir}/storage' 0700 ${cfg.user} ${cfg.group} - -"
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.services = {
|
||||||
|
ds-fr-setup = {
|
||||||
|
description = "Demarches Simplifiees setup";
|
||||||
|
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
path = [ pkgs.bash ds-fr ];
|
||||||
|
after = [ "postgresql.service" ];
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
User = cfg.user;
|
||||||
|
Group = cfg.group;
|
||||||
|
EnvironmentFile = [ env ]
|
||||||
|
++ (optional (cfg.secretFile != null) cfg.secretFile);
|
||||||
|
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
|
||||||
|
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
|
||||||
|
};
|
||||||
|
|
||||||
|
script = ''
|
||||||
|
[[ ! -f ${cfg.dataDir}/.initial-migration ]] \
|
||||||
|
&& ds-fr rails db:environment:set \
|
||||||
|
&& ds-fr rails db:schema:load \
|
||||||
|
&& ds-fr rails db:seed \
|
||||||
|
&& touch ${cfg.dataDir}/.initial-migration
|
||||||
|
|
||||||
|
ds-fr rake db:migrate
|
||||||
|
ds-fr rake after_party:run
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
ds-fr-work = {
|
||||||
|
description = "Demarches Simplifiees work service";
|
||||||
|
|
||||||
|
wantedBy = [ "multi-user.target" "ds-fr.service" ];
|
||||||
|
after = [ "network.target" "ds-fr-setup.service" ];
|
||||||
|
requires = [ "ds-fr-setup.service" ];
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${ds-fr}/bin/ds-fr rails jobs:work";
|
||||||
|
EnvironmentFile = [ env ]
|
||||||
|
++ (optional (cfg.secretFile != null) cfg.secretFile);
|
||||||
|
User = cfg.user;
|
||||||
|
Group = cfg.group;
|
||||||
|
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
|
||||||
|
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
ds-fr = {
|
||||||
|
description = "Demarches Simplifiees web service";
|
||||||
|
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
after = [ "network.target" "ds-fr-setup.service" ];
|
||||||
|
requires = [ "ds-fr-setup.service" ];
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${ds-fr}/bin/ds-fr rails server";
|
||||||
|
Environment = [ "RAILS_QUEUE_ADAPTER=delayed_job" ];
|
||||||
|
EnvironmentFile = [ env ]
|
||||||
|
++ (optional (cfg.secretFile != null) cfg.secretFile);
|
||||||
|
User = cfg.user;
|
||||||
|
Group = cfg.group;
|
||||||
|
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
|
||||||
|
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services = {
|
||||||
|
demarches-simplifiees.settings = (builtins.mapAttrs (_: mkDefault) {
|
||||||
RAILS_ENV = "production";
|
RAILS_ENV = "production";
|
||||||
RAILS_ROOT = builtins.toString cfg.package;
|
RAILS_ROOT = builtins.toString cfg.package;
|
||||||
|
|
||||||
|
@ -279,84 +357,7 @@ in {
|
||||||
RAILS_LOG_TO_STDOUT = true;
|
RAILS_LOG_TO_STDOUT = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = [ ds-fr ];
|
postgresql = {
|
||||||
|
|
||||||
systemd.tmpfiles.rules = [
|
|
||||||
"f '${cfg.logDir}/production.log' 0640 ${cfg.user} ${cfg.group} - -"
|
|
||||||
"f '${cfg.dataDir}/.env' 0600 ${cfg.user} ${cfg.group} - -"
|
|
||||||
"d '${cfg.dataDir}/tmp' 0700 ${cfg.user} ${cfg.group} 10d -"
|
|
||||||
"d '${cfg.dataDir}/storage' 0700 ${cfg.user} ${cfg.group} - -"
|
|
||||||
];
|
|
||||||
|
|
||||||
systemd.services = {
|
|
||||||
ds-fr-setup = {
|
|
||||||
description = "Demarches Simplifiees setup";
|
|
||||||
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
path = [ pkgs.bash ds-fr ];
|
|
||||||
after = [ "postgresql.service" ];
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
Type = "oneshot";
|
|
||||||
User = cfg.user;
|
|
||||||
Group = cfg.group;
|
|
||||||
EnvironmentFile = [ env ]
|
|
||||||
++ (optional (cfg.secretFile != null) cfg.secretFile);
|
|
||||||
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
|
|
||||||
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
|
|
||||||
};
|
|
||||||
|
|
||||||
script = ''
|
|
||||||
[[ ! -f ${cfg.dataDir}/.initial-migration ]] \
|
|
||||||
&& ds-fr rails db:environment:set \
|
|
||||||
&& ds-fr rails db:schema:load \
|
|
||||||
&& ds-fr rails db:seed \
|
|
||||||
&& touch ${cfg.dataDir}/.initial-migration
|
|
||||||
|
|
||||||
ds-fr rake db:migrate
|
|
||||||
ds-fr rake after_party:run
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
ds-fr-work = {
|
|
||||||
description = "Demarches Simplifiees work service";
|
|
||||||
|
|
||||||
wantedBy = [ "multi-user.target" "ds-fr.service" ];
|
|
||||||
after = [ "network.target" "ds-fr-setup.service" ];
|
|
||||||
requires = [ "ds-fr-setup.service" ];
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = "${ds-fr}/bin/ds-fr rails jobs:work";
|
|
||||||
EnvironmentFile = [ env ]
|
|
||||||
++ (optional (cfg.secretFile != null) cfg.secretFile);
|
|
||||||
User = cfg.user;
|
|
||||||
Group = cfg.group;
|
|
||||||
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
|
|
||||||
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
ds-fr = {
|
|
||||||
description = "Demarches Simplifiees web service";
|
|
||||||
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
after = [ "network.target" "ds-fr-setup.service" ];
|
|
||||||
requires = [ "ds-fr-setup.service" ];
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = "${ds-fr}/bin/ds-fr rails server";
|
|
||||||
Environment = [ "RAILS_QUEUE_ADAPTER=delayed_job" ];
|
|
||||||
EnvironmentFile = [ env ]
|
|
||||||
++ (optional (cfg.secretFile != null) cfg.secretFile);
|
|
||||||
User = cfg.user;
|
|
||||||
Group = cfg.group;
|
|
||||||
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
|
|
||||||
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.postgresql = {
|
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
ensureDatabases = [ "ds-fr" ];
|
ensureDatabases = [ "ds-fr" ];
|
||||||
|
@ -366,7 +367,22 @@ in {
|
||||||
ensurePermissions = { "DATABASE \"ds-fr\"" = "ALL PRIVILEGES"; };
|
ensurePermissions = { "DATABASE \"ds-fr\"" = "ALL PRIVILEGES"; };
|
||||||
};
|
};
|
||||||
|
|
||||||
extraPlugins = with config.services.postgresql.package.pkgs; [ postgis ];
|
extraPlugins = with config.services.postgresql.package.pkgs;
|
||||||
|
[ postgis ];
|
||||||
|
};
|
||||||
|
|
||||||
|
nginx = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
virtualHosts.${cfg.settings.APP_HOST} = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
root = "${cfg.package}/public/";
|
||||||
|
|
||||||
|
locations."/".tryFiles = "$uri @proxy";
|
||||||
|
locations."@proxy" = { proxyPass = "http://127.0.0.1:3000"; };
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users = mkIf (cfg.user == "ds-fr") {
|
users.users = mkIf (cfg.user == "ds-fr") {
|
||||||
|
@ -380,18 +396,5 @@ in {
|
||||||
|
|
||||||
users.groups.${cfg.group} = { };
|
users.groups.${cfg.group} = { };
|
||||||
|
|
||||||
services.nginx = {
|
|
||||||
enable = true;
|
|
||||||
|
|
||||||
virtualHosts.${cfg.settings.APP_HOST} = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
root = "${cfg.package}/public/";
|
|
||||||
|
|
||||||
locations."/".tryFiles = "$uri @proxy";
|
|
||||||
locations."@proxy" = { proxyPass = "http://127.0.0.1:3000"; };
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
/*
|
/* To add a new member add an attribute to `members`
|
||||||
To add a new member add an attribute to `members`
|
Then add the key to the required groups.
|
||||||
Then add the key to the required groups.
|
|
||||||
*/
|
*/
|
||||||
let
|
let
|
||||||
members = {
|
members = {
|
||||||
|
@ -18,6 +17,11 @@ let
|
||||||
name = "Ryan Lahfa";
|
name = "Ryan Lahfa";
|
||||||
email = "ryan@dgnum.eu";
|
email = "ryan@dgnum.eu";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
jemagius = {
|
||||||
|
name = "Jean-Marc Gailis";
|
||||||
|
email = "jm@dgnum.eu";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
groups = {
|
groups = {
|
||||||
|
@ -32,6 +36,5 @@ let
|
||||||
|
|
||||||
bureau = [ "gdd" ];
|
bureau = [ "gdd" ];
|
||||||
};
|
};
|
||||||
in
|
|
||||||
|
|
||||||
{ inherit groups members; }
|
in { inherit groups members; }
|
||||||
|
|
Loading…
Reference in a new issue