2023-09-19 17:53:44 +01:00
|
|
|
{
|
|
|
|
self,
|
|
|
|
config,
|
|
|
|
...
|
|
|
|
}: let
|
2023-09-20 18:44:24 +01:00
|
|
|
clusterConfig = import "${self}/data/piped/pipedClusterConfig.nix";
|
2023-09-19 17:53:44 +01:00
|
|
|
inherit (clusterConfig) hosts ports;
|
|
|
|
|
|
|
|
currentHostName = config.networking.hostName;
|
|
|
|
currentHostConfig = hosts.${currentHostName};
|
|
|
|
|
|
|
|
baseDomain = currentHostConfig.baseDomain;
|
|
|
|
in {
|
|
|
|
systemd.coredump.enable = true;
|
|
|
|
|
|
|
|
services.piped = {
|
|
|
|
enable = true;
|
|
|
|
|
|
|
|
frontend = {
|
|
|
|
domain = "${baseDomain}";
|
|
|
|
|
|
|
|
nginx = {
|
|
|
|
forceSSL = false;
|
|
|
|
enableACME = false;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
backend = {
|
|
|
|
domain = "backend.${baseDomain}";
|
|
|
|
internalPort = ports.internalPipedBackend;
|
|
|
|
|
|
|
|
nginx = {
|
|
|
|
forceSSL = false;
|
|
|
|
enableACME = false;
|
|
|
|
};
|
|
|
|
|
|
|
|
settings = {
|
|
|
|
disableRegistrations = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
database = {
|
|
|
|
disablePostgresDB = true;
|
|
|
|
name = "piped";
|
|
|
|
username = "piped";
|
|
|
|
passwordFile = builtins.toFile "password-file" "piped";
|
|
|
|
host = "127.0.0.1";
|
|
|
|
port = ports.cockroachDB;
|
|
|
|
dialect = "org.hibernate.dialect.CockroachDialect";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
proxy = {
|
|
|
|
domain = "proxy.${baseDomain}";
|
|
|
|
internalPort = ports.internalPipedProxy;
|
|
|
|
|
|
|
|
nginx = {
|
|
|
|
forceSSL = false;
|
|
|
|
enableACME = false;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
systemd.tmpfiles.rules = [
|
|
|
|
"d /var/sockets - nginx nginx"
|
|
|
|
];
|
|
|
|
|
|
|
|
systemd.services.nginx = {
|
|
|
|
serviceConfig.ReadWritePaths = [
|
|
|
|
"/var/sockets"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
systemd.services.piped-backend = {
|
|
|
|
after = ["network.target" "cockroachdb.service" "haproxy.service"];
|
|
|
|
wants = ["network.target" "cockroachdb.service" "haproxy.service"];
|
|
|
|
};
|
|
|
|
|
|
|
|
services.nginx.virtualHosts = let
|
|
|
|
componentPath = component: "/var/sockets/piped-${component}.sock";
|
|
|
|
in {
|
|
|
|
"${baseDomain}" = {
|
|
|
|
listen = [
|
|
|
|
{
|
|
|
|
addr = "127.0.0.1";
|
|
|
|
port = 8091;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
extraConfig = "listen unix:${componentPath "frontend"};";
|
|
|
|
};
|
|
|
|
|
|
|
|
"backend.${baseDomain}" = {
|
|
|
|
extraConfig = "listen unix:${componentPath "backend"};";
|
|
|
|
listen = [
|
|
|
|
{
|
|
|
|
addr = "127.0.0.1";
|
|
|
|
port = 8092;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
"proxy.${baseDomain}" = {
|
|
|
|
extraConfig = "listen unix:${componentPath "proxy"};";
|
|
|
|
listen = [
|
|
|
|
{
|
|
|
|
addr = "127.0.0.1";
|
|
|
|
port = 8093;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|