chore(ds-fr): Refactor module

This commit is contained in:
Tom Hubrecht 2023-10-04 14:35:32 +02:00
parent 8a905aa2d5
commit 6f136c5233

View file

@ -112,8 +112,86 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.demarches-simplifiees.settings =
(builtins.mapAttrs (_: mkDefault) { environment.systemPackages = [ ds-fr ];
systemd.tmpfiles.rules = [
"f '${cfg.logDir}/production.log' 0640 ${cfg.user} ${cfg.group} - -"
"f '${cfg.dataDir}/.env' 0600 ${cfg.user} ${cfg.group} - -"
"d '${cfg.dataDir}/tmp' 0700 ${cfg.user} ${cfg.group} 10d -"
"d '${cfg.dataDir}/storage' 0700 ${cfg.user} ${cfg.group} - -"
];
systemd.services = {
ds-fr-setup = {
description = "Demarches Simplifiees setup";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.bash ds-fr ];
after = [ "postgresql.service" ];
serviceConfig = {
Type = "oneshot";
User = cfg.user;
Group = cfg.group;
EnvironmentFile = [ env ]
++ (optional (cfg.secretFile != null) cfg.secretFile);
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
};
script = ''
[[ ! -f ${cfg.dataDir}/.initial-migration ]] \
&& ds-fr rails db:environment:set \
&& ds-fr rails db:schema:load \
&& ds-fr rails db:seed \
&& touch ${cfg.dataDir}/.initial-migration
ds-fr rake db:migrate
ds-fr rake after_party:run
'';
};
ds-fr-work = {
description = "Demarches Simplifiees work service";
wantedBy = [ "multi-user.target" "ds-fr.service" ];
after = [ "network.target" "ds-fr-setup.service" ];
requires = [ "ds-fr-setup.service" ];
serviceConfig = {
ExecStart = "${ds-fr}/bin/ds-fr rails jobs:work";
EnvironmentFile = [ env ]
++ (optional (cfg.secretFile != null) cfg.secretFile);
User = cfg.user;
Group = cfg.group;
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
};
};
ds-fr = {
description = "Demarches Simplifiees web service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "ds-fr-setup.service" ];
requires = [ "ds-fr-setup.service" ];
serviceConfig = {
ExecStart = "${ds-fr}/bin/ds-fr rails server";
Environment = [ "RAILS_QUEUE_ADAPTER=delayed_job" ];
EnvironmentFile = [ env ]
++ (optional (cfg.secretFile != null) cfg.secretFile);
User = cfg.user;
Group = cfg.group;
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
};
};
};
services = {
demarches-simplifiees.settings = (builtins.mapAttrs (_: mkDefault) {
RAILS_ENV = "production"; RAILS_ENV = "production";
RAILS_ROOT = builtins.toString cfg.package; RAILS_ROOT = builtins.toString cfg.package;
@ -279,94 +357,32 @@ in {
RAILS_LOG_TO_STDOUT = true; RAILS_LOG_TO_STDOUT = true;
}; };
environment.systemPackages = [ ds-fr ]; postgresql = {
enable = true;
systemd.tmpfiles.rules = [ ensureDatabases = [ "ds-fr" ];
"f '${cfg.logDir}/production.log' 0640 ${cfg.user} ${cfg.group} - -"
"f '${cfg.dataDir}/.env' 0600 ${cfg.user} ${cfg.group} - -"
"d '${cfg.dataDir}/tmp' 0700 ${cfg.user} ${cfg.group} 10d -"
"d '${cfg.dataDir}/storage' 0700 ${cfg.user} ${cfg.group} - -"
];
systemd.services = { ensureUsers = optional (cfg.user == "ds-fr") {
ds-fr-setup = { name = "ds-fr";
description = "Demarches Simplifiees setup"; ensurePermissions = { "DATABASE \"ds-fr\"" = "ALL PRIVILEGES"; };
wantedBy = [ "multi-user.target" ];
path = [ pkgs.bash ds-fr ];
after = [ "postgresql.service" ];
serviceConfig = {
Type = "oneshot";
User = cfg.user;
Group = cfg.group;
EnvironmentFile = [ env ]
++ (optional (cfg.secretFile != null) cfg.secretFile);
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
}; };
script = '' extraPlugins = with config.services.postgresql.package.pkgs;
[[ ! -f ${cfg.dataDir}/.initial-migration ]] \ [ postgis ];
&& ds-fr rails db:environment:set \
&& ds-fr rails db:schema:load \
&& ds-fr rails db:seed \
&& touch ${cfg.dataDir}/.initial-migration
ds-fr rake db:migrate
ds-fr rake after_party:run
'';
}; };
ds-fr-work = { nginx = {
description = "Demarches Simplifiees work service"; enable = true;
wantedBy = [ "multi-user.target" "ds-fr.service" ]; virtualHosts.${cfg.settings.APP_HOST} = {
after = [ "network.target" "ds-fr-setup.service" ]; enableACME = true;
requires = [ "ds-fr-setup.service" ]; forceSSL = true;
root = "${cfg.package}/public/";
serviceConfig = { locations."/".tryFiles = "$uri @proxy";
ExecStart = "${ds-fr}/bin/ds-fr rails jobs:work"; locations."@proxy" = { proxyPass = "http://127.0.0.1:3000"; };
EnvironmentFile = [ env ]
++ (optional (cfg.secretFile != null) cfg.secretFile);
User = cfg.user;
Group = cfg.group;
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
}; };
}; };
ds-fr = {
description = "Demarches Simplifiees web service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "ds-fr-setup.service" ];
requires = [ "ds-fr-setup.service" ];
serviceConfig = {
ExecStart = "${ds-fr}/bin/ds-fr rails server";
Environment = [ "RAILS_QUEUE_ADAPTER=delayed_job" ];
EnvironmentFile = [ env ]
++ (optional (cfg.secretFile != null) cfg.secretFile);
User = cfg.user;
Group = cfg.group;
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
};
};
};
services.postgresql = {
enable = true;
ensureDatabases = [ "ds-fr" ];
ensureUsers = optional (cfg.user == "ds-fr") {
name = "ds-fr";
ensurePermissions = { "DATABASE \"ds-fr\"" = "ALL PRIVILEGES"; };
};
extraPlugins = with config.services.postgresql.package.pkgs; [ postgis ];
}; };
users.users = mkIf (cfg.user == "ds-fr") { users.users = mkIf (cfg.user == "ds-fr") {
@ -380,18 +396,5 @@ in {
users.groups.${cfg.group} = { }; users.groups.${cfg.group} = { };
services.nginx = {
enable = true;
virtualHosts.${cfg.settings.APP_HOST} = {
enableACME = true;
forceSSL = true;
root = "${cfg.package}/public/";
locations."/".tryFiles = "$uri @proxy";
locations."@proxy" = { proxyPass = "http://127.0.0.1:3000"; };
};
};
}; };
} }