nix-module
This commit is contained in:
parent
4b95292b14
commit
9c8b772ecb
9 changed files with 128 additions and 27 deletions
|
@ -177,7 +177,7 @@ USE_TZ = True
|
||||||
|
|
||||||
STATIC_URL = "/static/"
|
STATIC_URL = "/static/"
|
||||||
|
|
||||||
STATIC_ROOT = "static/"
|
STATIC_ROOT = os.environ.get(f"{env_prefix}STATIC_ROOT", "static/")
|
||||||
|
|
||||||
# Default primary key field type
|
# Default primary key field type
|
||||||
# https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field
|
# https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib , pythoncas, django, ldap, buildPythonPackage }:
|
{ lib, pythoncas, django, ldap, buildPythonPackage }:
|
||||||
buildPythonPackage rec {
|
buildPythonPackage rec {
|
||||||
pname = "authens";
|
pname = "authens";
|
||||||
version = "v0.1b5";
|
version = "v0.1b5";
|
26
provisioning/mkAssets.nix
Normal file
26
provisioning/mkAssets.nix
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
{ pkgs, settings, source, app }:
|
||||||
|
let
|
||||||
|
manage-py-file = "${source}/${app}/manage.py";
|
||||||
|
static-assets = pkgs.callPackage ./static-assets.nix { inherit python managePy; envPrefix = "HACKENS_ORGA_"};
|
||||||
|
mkEnv = settings: let # make env file to source before using manage.py and other commands
|
||||||
|
lib = pkgs.lib;
|
||||||
|
mkVarVal = v: let
|
||||||
|
isHasAttr = s: isAttrs v && hasAttr s v;
|
||||||
|
in
|
||||||
|
if builtins.isString v then lib.escapeShellArg v
|
||||||
|
# NOTE: If any value contains a , (comma) this will not get escaped
|
||||||
|
else if builtins.isList v && any lib.strings.isCoercibleToString v then lib.escapeShellArg (concatMapStringsSep "," toString v)
|
||||||
|
else if builtins.isInt v then toString v
|
||||||
|
else if builtins.isBool v then toString (if v then 1 else 0)
|
||||||
|
else if isHasAttr "_file" then "$(cat ${lib.escapeShellArg v._file} | xargs)"
|
||||||
|
else if isHasAttr "_raw" then v._raw
|
||||||
|
else abort "The django conf value ${lib.generators.toPretty {} v} can not be encoded.";
|
||||||
|
in lib.concatStrinsSep "\n" (lib.mapAttrsToList (k: v: "export ${k}=${mkVarVal v}") settings);
|
||||||
|
envFile = mkEnv settings;
|
||||||
|
managePy = pkgs.writeScript "manage-${app}" ''
|
||||||
|
source ${envFile}
|
||||||
|
${python}/bin/python ${manage-py-file} $@
|
||||||
|
'';
|
||||||
|
{
|
||||||
|
inherit managePy static-assets envFile source;
|
||||||
|
}
|
63
provisioning/module.nix
Normal file
63
provisioning/module.nix
Normal file
|
@ -0,0 +1,63 @@
|
||||||
|
{ pkgs, lib, config }:
|
||||||
|
let
|
||||||
|
app = "hackens-orga";
|
||||||
|
cfg = config.services.django.${app};
|
||||||
|
assets = import ./mk-assets.nix {
|
||||||
|
inherit pkgs app;
|
||||||
|
settings = cfg.settings;
|
||||||
|
source = cfg.src;
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
|
||||||
|
options = {
|
||||||
|
services.django.${app} = {
|
||||||
|
settings = lib.mkOption {
|
||||||
|
type = with lib.types; attrsOf anything;
|
||||||
|
default = {};
|
||||||
|
description = ''
|
||||||
|
Configuration for django ${app}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
src = lib.mkOption {
|
||||||
|
type = lib.types.package;
|
||||||
|
description = lib.mdDoc "Which DokuWiki package to use.";
|
||||||
|
};
|
||||||
|
port = lib.mkOption {
|
||||||
|
type = lib.types.port;
|
||||||
|
default = 51666;
|
||||||
|
};
|
||||||
|
processes = lib.mkOption {
|
||||||
|
type = lib.types.int;
|
||||||
|
default = 2;
|
||||||
|
};
|
||||||
|
threads = lib.mkOption {
|
||||||
|
type = lib.types.int;
|
||||||
|
default = 2;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
config = {
|
||||||
|
systemd.services.${user} = {
|
||||||
|
description = "${name} django service";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
after = [ "network.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
User = user;
|
||||||
|
};
|
||||||
|
script = ''
|
||||||
|
source ${assets.envFile}
|
||||||
|
${assets.managePy} migrate
|
||||||
|
${python}/bin/gunicorn ${app}.wsgi \
|
||||||
|
--pythonpath ${cfg.src}/${app} \
|
||||||
|
-b 127.0.0.1:${toString cfg.port} \
|
||||||
|
--workers=${toString cfg.processes} \
|
||||||
|
--threads=${toString cfg.threads}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
users.users."django-${app}" = {
|
||||||
|
isSystemUser = true;
|
||||||
|
group = "django-${app}";
|
||||||
|
};
|
||||||
|
users.groups."django-${app}" = {};
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib , requests, lxml, six, buildPythonPackage , fetchFromGitHub }:
|
{ lib, requests, lxml, six, buildPythonPackage, fetchFromGitHub }:
|
||||||
buildPythonPackage rec {
|
buildPythonPackage rec {
|
||||||
pname = "python-cas";
|
pname = "python-cas";
|
||||||
version = "1.6.0";
|
version = "1.6.0";
|
19
provisioning/python.nix
Normal file
19
provisioning/python.nix
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
{ pkgs ? import ../nix { }, debug ? false }:
|
||||||
|
let
|
||||||
|
python = pkgs.python310.override {
|
||||||
|
packageOverrides = self: super: {
|
||||||
|
django = super.django_4;
|
||||||
|
authens = self.callPackage ./authens.nix { };
|
||||||
|
pythoncas = self.callPackage ./python-cas.nix { };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
in
|
||||||
|
python.withPackages (ps: [
|
||||||
|
ps.django
|
||||||
|
ps.djangorestframework
|
||||||
|
ps.authens
|
||||||
|
] ++ pkgs.lib.optionals debug [
|
||||||
|
ps.django-debug-toolbar
|
||||||
|
ps.black
|
||||||
|
ps.isort
|
||||||
|
])
|
6
provisioning/shell.nix
Normal file
6
provisioning/shell.nix
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
{ pkgs ? import ../nix { } }:
|
||||||
|
pkgs.mkShell {
|
||||||
|
buildInputs = [
|
||||||
|
(import ./python.nix { inherit pkgs; debug = true; })
|
||||||
|
];
|
||||||
|
}
|
10
provisioning/static-assets.nix
Normal file
10
provisioning/static-assets.nix
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
{ python, managePy, envPrefix ? ""}:
|
||||||
|
pkgs.runCommand "${name}-static" { buildInputs = [ src python ]; } ''
|
||||||
|
mkdir $out
|
||||||
|
export ${envPrefix}SECRET_KEY="collectstatic"
|
||||||
|
export ${envPrefix}STATIC_ROOT=$out
|
||||||
|
export ${envPrefix}DEBUG=0
|
||||||
|
export ${envPrefix}ALLOWED_HOSTS=
|
||||||
|
export ${envPrefix}DB_FILE=
|
||||||
|
${managePy} collectstatic
|
||||||
|
''
|
24
shell.nix
24
shell.nix
|
@ -1,24 +0,0 @@
|
||||||
{ pkgs ? import ./nix {} }:
|
|
||||||
let
|
|
||||||
python = pkgs.python310.override {
|
|
||||||
packageOverrides = self: super: {
|
|
||||||
django = super.django_4;
|
|
||||||
authens = self.callPackage ./authens.nix {};
|
|
||||||
pythoncas = self.callPackage ./python-cas.nix {};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
pkgs.mkShell {
|
|
||||||
buildInputs = [
|
|
||||||
(python.withPackages (ps: [
|
|
||||||
ps.django
|
|
||||||
ps.black
|
|
||||||
ps.isort
|
|
||||||
ps.djangorestframework
|
|
||||||
ps.django-debug-toolbar
|
|
||||||
ps.authens
|
|
||||||
# (ps.django-extensions.override { inherit django; })
|
|
||||||
# ps.django-compressor
|
|
||||||
]))
|
|
||||||
];
|
|
||||||
}
|
|
1
shell.nix
Symbolic link
1
shell.nix
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
provisioning/shell.nix
|
Loading…
Reference in a new issue