diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix index 04eecbd..236cd8f 100644 --- a/nixbld-etc-nixos/configuration.nix +++ b/nixbld-etc-nixos/configuration.nix @@ -9,6 +9,7 @@ [ # Include the results of the hardware scan. ./hardware-configuration.nix ./homu/nixos-module.nix + ./notifico/nixos-module.nix ]; # Use the systemd-boot EFI boot loader. @@ -226,6 +227,11 @@ ACTION=="add", SUBSYSTEM=="tty", \ uwsgi_pass unix:${config.services.uwsgi.runDir}/uwsgi.sock; } ''; + "notifico.m-labs.hk" = { + forceSSL = true; + useACMEHost = "notifico.m-labs.hk"; + locations."/".proxyPass = "http://127.0.0.1:5000"; + }; }; }; }; @@ -245,6 +251,16 @@ ACTION=="add", SUBSYSTEM=="tty", \ config = "/etc/nixos/secret/homu.toml"; }; + services.notifico = { + enable = true; + config = "/etc/nixos/secret/notifico.py"; + }; + # Required by notifico + services.redis = { + enable = true; + bind = "127.0.0.1"; + }; + # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you diff --git a/nixbld-etc-nixos/notifico/nixos-module.nix b/nixbld-etc-nixos/notifico/nixos-module.nix new file mode 100644 index 0000000..361ee73 --- /dev/null +++ b/nixbld-etc-nixos/notifico/nixos-module.nix @@ -0,0 +1,83 @@ +{ config, pkgs, lib, ... }: +with lib; +let + notifico = (pkgs.callPackage ./pkg.nix {}) + .overrideAttrs (attrs: { + buildInputs = attrs.buildInputs ++ [ pkgs.makeWrapper ]; + # Extend the module path so that local_config.py can be found + postInstall = '' + ${attrs.postInstall} + + wrapProgram $out/bin/notifico \ + --set PYTHONPATH "$${PYTHONPATH}:${cfg.dbDir}" + ''; + }); + cfg = config.services.notifico; +in + +{ + options.services.notifico = { + enable = mkOption { + type = types.bool; + default = false; + description = "Enable the commit notification service"; + }; + dbDir = mkOption { + type = types.str; + default = "/var/db/notifico"; + description = "Home directory and location of the database file"; + }; + config = mkOption { + description = "Path to local_config.py, https://github.com/notifico/notifico/raw/master/notifico/config.py"; + type = types.str; + }; + }; + + config = mkIf cfg.enable { + users.users.notifico = { + group = "notifico"; + home = cfg.dbDir; + createHome = true; + }; + users.groups.notifico = {}; + + systemd.services = + let + User = "notifico"; + Group = "notifico"; + WorkingDirectory = "${cfg.dbDir}"; + ExecStartPre = [ + "${pkgs.coreutils}/bin/rm -f local_config.pyc" + "${pkgs.coreutils}/bin/ln -sf ${cfg.config} local_config.py" + ]; + + notifico-init = { + description = "Notifico initialization"; + serviceConfig = { + inherit User Group WorkingDirectory ExecStartPre; + Type = "oneshot"; + ExecStart = "${notifico}/bin/notifico init"; + }; + }; + notificoService = component: { + description = "Notifico ${component}"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" "notifico-init.service" ]; + requires = [ "notifico-init.service" ]; + serviceConfig = { + inherit User Group WorkingDirectory ExecStartPre; + Type = "simple"; + ExecStart = "${notifico}/bin/notifico ${component}"; + + Restart = "always"; + RestartSec = "5sec"; + }; + }; + in { + inherit notifico-init; + notifico-www = notificoService "www"; + notifico-worker = notificoService "worker"; + notifico-bots = notificoService "bots"; + }; + }; +} diff --git a/nixbld-etc-nixos/notifico/pkg.nix b/nixbld-etc-nixos/notifico/pkg.nix index 3887806..8f47953 100644 --- a/nixbld-etc-nixos/notifico/pkg.nix +++ b/nixbld-etc-nixos/notifico/pkg.nix @@ -97,8 +97,10 @@ in mkdir $out/bin cat << EOF > $out/bin/notifico #!${python2}/bin/python + import sys + from notifico.__main__ import main - import notifico + sys.exit(main(sys.argv)) EOF chmod +x $out/bin/notifico '';