nixos-config/config/services/moa/default.nix

78 lines
1.8 KiB
Nix
Raw Normal View History

2022-11-02 15:53:13 +00:00
{
pkgs,
lib,
2022-11-02 16:30:45 +00:00
...
2022-11-02 15:53:13 +00:00
}: {
systemd.services = {
moa-app = {
description = "Moa web app";
after = ["network.target"];
wantedBy = ["multi-user.target"];
environment = {
2022-11-02 16:40:25 +00:00
PYTHONPATH = toString ./.;
2022-11-02 17:57:12 +00:00
MOA_CONFIG = "ProductionConfig";
2022-11-02 15:53:13 +00:00
};
serviceConfig = {
Type = "simple";
User = "moa";
Group = "moa";
ExecStart = "${pkgs.moa}/start-app.sh";
Restart = "always";
};
};
moa-worker = {
description = "Moa worker";
environment = {
2022-11-02 16:59:57 +00:00
PYTHONPATH = toString ./.;
2022-11-02 17:57:12 +00:00
MOA_CONFIG = "ProductionConfig";
2022-11-02 15:53:13 +00:00
};
serviceConfig = {
2022-11-03 15:18:58 +00:00
Type = "oneshot";
2022-11-02 15:53:13 +00:00
User = "moa";
Group = "moa";
ExecStart = "${pkgs.moa}/start-worker.sh";
};
};
};
2022-11-03 12:28:39 +00:00
systemd.timers.moa-worker = {
description = "Moa worker";
after = ["network.target"];
wantedBy = ["multi-user.target"];
requires = ["moa-worker.service"];
timerConfig = {
OnUnitActiveSec = 300;
RandomizedDelaySec = 60;
};
};
2022-11-02 15:53:13 +00:00
users.users.moa = {
description = "Moa";
useDefaultShell = true;
group = "moa";
isSystemUser = true;
};
users.groups.moa = {};
services.postgresql.ensureDatabases = [
"moa"
];
services.postgresql.ensureUsers = [
{
name = "moa";
ensurePermissions = {
"DATABASE moa" = "ALL PRIVILEGES";
};
}
];
services.caddy.virtualHosts."moa.int.chir.rs" = {
useACMEHost = "int.chir.rs";
extraConfig = ''
import baseConfig
2022-11-05 10:14:30 +00:00
reverse_proxy http://localhost:5000 {
header_up Host "moa.chir.rs"
}
2022-11-02 15:53:13 +00:00
'';
};
sops.secrets."services/moa/secret".owner = "moa";
sops.secrets."services/moa/twitter_consumer_key".owner = "moa";
sops.secrets."services/moa/twitter_consumer_secret".owner = "moa";
}