diff --git a/machines/compute01/ds-fr/module.nix b/machines/compute01/ds-fr/module.nix
index d200cbf..96fe4d5 100644
--- a/machines/compute01/ds-fr/module.nix
+++ b/machines/compute01/ds-fr/module.nix
@@ -112,8 +112,86 @@ in { }; config = mkIf cfg.enable { - services.demarches-simplifiees.settings = - (builtins.mapAttrs (_: mkDefault) { + + environment.systemPackages = [ ds-fr ]; + + systemd.tmpfiles.rules = [ + "f '${cfg.logDir}/production.log' 0640 ${cfg.user} ${cfg.group} - -" + "f '${cfg.dataDir}/.env' 0600 ${cfg.user} ${cfg.group} - -" + "d '${cfg.dataDir}/tmp' 0700 ${cfg.user} ${cfg.group} 10d -" + "d '${cfg.dataDir}/storage' 0700 ${cfg.user} ${cfg.group} - -" + ]; + + systemd.services = { + ds-fr-setup = { + description = "Demarches Simplifiees setup"; + + wantedBy = [ "multi-user.target" ]; + path = [ pkgs.bash ds-fr ]; + after = [ "postgresql.service" ]; + + serviceConfig = { + Type = "oneshot"; + User = cfg.user; + Group = cfg.group; + EnvironmentFile = [ env ] + ++ (optional (cfg.secretFile != null) cfg.secretFile); + StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr"; + LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr"; + }; + + script = '' + [[ ! 
-f ${cfg.dataDir}/.initial-migration ]] \ + && ds-fr rails db:environment:set \ + && ds-fr rails db:schema:load \ + && ds-fr rails db:seed \ + && touch ${cfg.dataDir}/.initial-migration + + ds-fr rake db:migrate + ds-fr rake after_party:run + ''; + }; + + ds-fr-work = { + description = "Demarches Simplifiees work service"; + + wantedBy = [ "multi-user.target" "ds-fr.service" ]; + after = [ "network.target" "ds-fr-setup.service" ]; + requires = [ "ds-fr-setup.service" ]; + + serviceConfig = { + ExecStart = "${ds-fr}/bin/ds-fr rails jobs:work"; + EnvironmentFile = [ env ] + ++ (optional (cfg.secretFile != null) cfg.secretFile); + User = cfg.user; + Group = cfg.group; + StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr"; + LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr"; + }; + }; + + ds-fr = { + description = "Demarches Simplifiees web service"; + + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" "ds-fr-setup.service" ]; + requires = [ "ds-fr-setup.service" ]; + + serviceConfig = { + ExecStart = "${ds-fr}/bin/ds-fr rails server"; + Environment = [ "RAILS_QUEUE_ADAPTER=delayed_job" ]; + EnvironmentFile = [ env ] + ++ (optional (cfg.secretFile != null) cfg.secretFile); + User = cfg.user; + Group = cfg.group; + StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr"; + LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr"; + }; + }; + }; + + services = { + demarches-simplifiees.settings = (builtins.mapAttrs (_: mkDefault) { RAILS_ENV = "production"; RAILS_ROOT = builtins.toString cfg.package; 
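Review bot: In the `ds-fr` web unit, `ExecStart = "${ds-fr}/bin/ds-fr rails server"` passes no bind address, and outside the development environment `rails server` listens on 0.0.0.0 by default, so port 3000 would be reachable over plain HTTP next to the nginx vhost that proxies to 127.0.0.1:3000. Unless the settings not shown between the hunks already set `BINDING` or a Puma `bind`, I would pin it with `ExecStart = "${ds-fr}/bin/ds-fr rails server -b 127.0.0.1";` (this assumes the wrapper forwards its arguments, as the existing `rails server` call suggests). The enclosing `config = mkIf cfg.enable {` block and the `services = {` set opened at the end of this hunk both continue outside it.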
@@ -279,94 +357,32 @@ in { RAILS_LOG_TO_STDOUT = true; }; - environment.systemPackages = [ ds-fr ]; + postgresql = { + enable = true; - systemd.tmpfiles.rules = [ - "f '${cfg.logDir}/production.log' 0640 ${cfg.user} ${cfg.group} - -" - "f '${cfg.dataDir}/.env' 0600 ${cfg.user} ${cfg.group} - -" - "d '${cfg.dataDir}/tmp' 0700 ${cfg.user} ${cfg.group} 10d -" - "d '${cfg.dataDir}/storage' 0700 ${cfg.user} ${cfg.group} - -" - ]; + ensureDatabases = [ "ds-fr" ]; - systemd.services = { - ds-fr-setup = { - description = "Demarches Simplifiees setup"; - - wantedBy = [ "multi-user.target" ]; - path = [ pkgs.bash ds-fr ]; - after = [ "postgresql.service" ]; - - serviceConfig = { - Type = "oneshot"; - User = cfg.user; - Group = cfg.group; - EnvironmentFile = [ env ] - ++ (optional (cfg.secretFile != null) cfg.secretFile); - StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr"; - LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr"; + ensureUsers = optional (cfg.user == "ds-fr") { + name = "ds-fr"; + ensurePermissions = { "DATABASE \"ds-fr\"" = "ALL PRIVILEGES"; }; }; - script = '' - [[ ! 
-f ${cfg.dataDir}/.initial-migration ]] \ - && ds-fr rails db:environment:set \ - && ds-fr rails db:schema:load \ - && ds-fr rails db:seed \ - && touch ${cfg.dataDir}/.initial-migration - - ds-fr rake db:migrate - ds-fr rake after_party:run - ''; + extraPlugins = with config.services.postgresql.package.pkgs; + [ postgis ]; }; - ds-fr-work = { - description = "Demarches Simplifiees work service"; + nginx = { + enable = true; - wantedBy = [ "multi-user.target" "ds-fr.service" ]; - after = [ "network.target" "ds-fr-setup.service" ]; - requires = [ "ds-fr-setup.service" ]; + virtualHosts.${cfg.settings.APP_HOST} = { + enableACME = true; + forceSSL = true; + root = "${cfg.package}/public/"; - serviceConfig = { - ExecStart = "${ds-fr}/bin/ds-fr rails jobs:work"; - EnvironmentFile = [ env ] - ++ (optional (cfg.secretFile != null) cfg.secretFile); - User = cfg.user; - Group = cfg.group; - StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr"; - LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr"; + locations."/".tryFiles = "$uri @proxy"; + locations."@proxy" = { proxyPass = "http://127.0.0.1:3000"; }; }; }; - - ds-fr = { - description = "Demarches Simplifiees web service"; - - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" "ds-fr-setup.service" ]; - requires = [ "ds-fr-setup.service" ]; - - serviceConfig = { - ExecStart = "${ds-fr}/bin/ds-fr rails server"; - Environment = [ "RAILS_QUEUE_ADAPTER=delayed_job" ]; - EnvironmentFile = [ env ] - ++ (optional (cfg.secretFile != null) cfg.secretFile); - User = cfg.user; - Group = cfg.group; - StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr"; - LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr"; - }; - }; - }; - - services.postgresql = { - enable = true; - - ensureDatabases = [ "ds-fr" ]; - - ensureUsers = optional (cfg.user == "ds-fr") { - name = "ds-fr"; - ensurePermissions = { "DATABASE \"ds-fr\"" = "ALL PRIVILEGES"; }; - }; - - extraPlugins = with 
config.services.postgresql.package.pkgs; [ postgis ]; }; users.users = mkIf (cfg.user == "ds-fr") { @@ -380,18 +396,5 @@ in { users.groups.${cfg.group} = { }; - services.nginx = { - enable = true; - - virtualHosts.${cfg.settings.APP_HOST} = { - enableACME = true; - forceSSL = true; - root = "${cfg.package}/public/"; - - locations."/".tryFiles = "$uri @proxy"; - locations."@proxy" = { proxyPass = "http://127.0.0.1:3000"; }; - }; - }; - }; }
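Review bot: The `@proxy` location sets only `proxyPass = "http://127.0.0.1:3000"`, so unless proxy headers are configured elsewhere in the machine configuration, nginx passes neither the original `Host` nor `X-Forwarded-Proto`/`X-Forwarded-For` on to Rails. Behind `forceSSL` this matters, because Rails relies on those headers to tell that the request arrived over HTTPS (secure cookies, origin checks) and to log the real client address. Adding `recommendedProxySettings = true;` inside the `nginx = {` block would cover it. The `services = {` set that holds this block is opened in the previous hunk.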