From 042bc8b53c34c13d322ef8bfedb31fee98cd7f02 Mon Sep 17 00:00:00 2001
From: Xe
Date: Sat, 26 Mar 2022 16:16:34 +0000
Subject: [PATCH] add basic nixos module

Signed-off-by: Xe
---
 flake.nix | 89 +++++++++++++++++++++++++++++++++++++++----------------
 1 file changed, 63 insertions(+), 26 deletions(-)

diff --git a/flake.nix b/flake.nix
index 3001154..d242971 100644
--- a/flake.nix
+++ b/flake.nix
@@ -21,26 +21,25 @@
 };
 version = builtins.substring 0 8 self.lastModifiedDate;
 in {
- defaultPackage = pkgs.buildGoModule {
- pname = "web-server";
- inherit version;
- src = ./.;
-
- # This hash locks the dependencies of this package. It is
- # necessary because of how Go requires network access to resolve
- # VCS. See https://www.tweag.io/blog/2021-03-04-gomod2nix/ for
- # details. Normally one can build with a fake sha256 and rely on native Go
- # mechanisms to tell you what the hash should be or determine what
- # it should be "out-of-band" with other tooling (eg. gomod2nix).
- # To begin with it is recommended to set this, but one must
- # remeber to bump this hash when your dependencies change.
- #vendorSha256 = pkgs.lib.fakeSha256;
- vendorSha256 = "sha256-pQpattmS9VmO3ZIQUFn66az8GSmB4IvYhTTCFn6SUmo=";
- };
-
 packages = {
- docker = let
- web = self.defaultPackage.${system};
+ default = pkgs.buildGoModule {
+ pname = "web-server";
+ inherit version;
+ src = ./.;
+
+ # This hash locks the dependencies of this package. It is
+ # necessary because of how Go requires network access to resolve
+ # VCS. See https://www.tweag.io/blog/2021-03-04-gomod2nix/ for
+ # details. Normally one can build with a fake sha256 and rely on native Go
+ # mechanisms to tell you what the hash should be or determine what
+ # it should be "out-of-band" with other tooling (eg. gomod2nix).
+ # To begin with it is recommended to set this, but one must
+ # remeber to bump this hash when your dependencies change.
+ #vendorSha256 = pkgs.lib.fakeSha256;
+ vendorSha256 = "sha256-pQpattmS9VmO3ZIQUFn66az8GSmB4IvYhTTCFn6SUmo=";
+ };
+
+ docker = let web = self.packages.${system}.default;
 in pkgs.dockerTools.buildLayeredImage {
 name = web.pname;
 tag = web.version;
@@ -55,10 +54,9 @@
 web-service = pkgs.substituteAll {
 name = "web-server.service";
 src = ./systemd/web-server.service.in;
- web = self.defaultPackage.${system};
+ web = self.packages.${system}.default;
 };
- portable = let
- web = self.defaultPackage.${system};
+ portable = let web = self.packages.${system}.default;
 in pkgs.portableService {
 inherit (web) version;
 name = web.pname;
@@ -67,11 +65,50 @@
 };
 };
 
- defaultApp = utils.lib.mkApp {
- drv = self.defaultPackage.${system};
- };
+ nixosModule = { config, lib, pkgs, ... }:
+ with lib;
+ let cfg = config.xeserv.services.gohello-http;
+ in {
+ options.xeserv.services.gohello-http = {
+ enable = mkEnableOption "Enables the gohello HTTP service";
 
- devShell = pkgs.mkShell {
+ domain = mkOption rec {
+ type = types.str;
+ default = "gohello.local.cetacean.club";
+ example = default;
+ description = "The domain name for gohello";
+ };
+ };
+
+ config = mkIf cfg.enable {
+ systemd.services."xeserv.gohello" = {
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = let pkg = self.packages.${system}.default;
+ in {
+ Restart = "on-failure";
+ ExecStart = "${pkg}/bin/web-server";
+ DynamicUser = "yes";
+ RuntimeDirectory = "xeserv.gohello";
+ RuntimeDirectoryMode = "0755";
+ StateDirectory = "xeserv.gohello";
+ StateDirectoryMode = "0700";
+ CacheDirectory = "xeserv.gohello";
+ CacheDirectoryMode = "0750";
+ };
+ };
+
+ services.nginx.virtualHosts.${cfg.domain} = {
+ locations."/" = {
+ proxyPass = "http://127.0.0.1:3031";
+ };
+ };
+ };
+ };
+
+ defaultApp = utils.lib.mkApp { drv = self.defaultPackage.${system}; };
+
+ devShells.default = pkgs.mkShell {
 buildInputs = with pkgs; [ go gopls goimports go-tools ];
 };
 });
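Review bot: Nothing in the new `nixosModule` ties the backend to loopback: nginx proxies to the hard-coded `http://127.0.0.1:3031`, but the unit passes no listen address to `web-server`, so if the binary binds all interfaces (not visible in this patch) port 3031 is reachable directly, bypassing the vhost. `DynamicUser` already implies `PrivateTmp`, `ProtectSystem=strict`, `ProtectHome=read-only` and `NoNewPrivileges`; the extra `serviceConfig` settings below drop capabilities and limit the unit to loopback traffic, and should be checked against what the server actually needs (outbound requests would be blocked). Separately, the re-added `defaultApp` line still reads `self.defaultPackage.${system}`, which the first hunk removes in favour of `packages.default`; unless that output is defined elsewhere it should become `drv = self.packages.${system}.default;`. The per-system outputs block that encloses all of this opens outside the hunk.

```nix
serviceConfig = let pkg = self.packages.${system}.default;
in {
  # … unchanged: Restart, ExecStart, DynamicUser, Runtime/State/Cache directories …
  CapabilityBoundingSet = "";
  IPAddressDeny = "any";
  IPAddressAllow = "localhost";
  ProtectKernelTunables = true;
  ProtectKernelModules = true;
  ProtectControlGroups = true;
  LockPersonality = true;
  RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
};
```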