WIP: Create a vm with systemd services to run erpnext

This commit is contained in:
Akshay Mankar 2023-06-03 19:31:46 +02:00
parent 779d1ad5d9
commit 2bcd75eb09
Signed by: axeman
GPG key ID: CA08F3AB62369B89
2 changed files with 160 additions and 22 deletions

View file

@ -9,17 +9,15 @@
};
outputs = {nixpkgs, flake-utils, pip2nix, ...}:
flake-utils.lib.eachDefaultSystem (system:
let
pkgs = import nixpkgs {
pkgs = system: import nixpkgs {
inherit system;
overlays = [
(import ./python-overlay.nix)
(import ./overlay.nix)
];
};
in rec {
packages = {
packages = flake-utils.lib.eachDefaultSystem (system: rec {
devEnv = pkgs.buildEnv {
name = "erpnext-nix-dev-env";
paths = [
@ -32,6 +30,14 @@
erpnext = pkgs.python3.pkgs.erpnext;
bench = pkgs.python3.pkgs.bench;
pythonPkgs = pkgs.python3.pkgs;
};
});
nixosConfigurations = {
test-vm = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
system = "x86_64-linux";
modules = [./test-vm/configuration.nix];
};
};
in {inherit packages nixosConfigurations;};
}

132
test-vm/configuration.nix Normal file
View file

@ -0,0 +1,132 @@
{ pkgs, lib, config, modulesPath, ... }:
with lib;
{
imports = [
"${modulesPath}/profiles/minimal.nix"
"${modulesPath}/profiles/qemu-guest.nix"
"${modulesPath}/virtualisation/qemu-vm.nix"
];
config = {
services.qemuGuest.enable = true;
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
autoResize = true;
};
boot = {
growPartition = true;
loader.timeout = 5;
};
virtualisation = {
diskSize = 8000; # MB
memorySize = 2048; # MB
# We don't want to use tmpfs, otherwise the nix store's size will be bounded
# by a fraction of available RAM.
writableStoreUseTmpfs = false;
};
# So that we can ssh into the VM, see e.g.
# http://blog.patapon.info/nixos-local-vm/#accessing-the-vm-with-ssh
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "yes";
# Give root an empty password to ssh in.
users.extraUsers.root.password = "";
users.mutableUsers = false;
environment.systemPackages = with pkgs; [
git
htop
neovim
];
services.mysql = {
enable = true;
package = pkgs.mariadb;
};
services.redis.servers = {
# Queue, naming it "" makes it use default values.
"".enable = true;
socketio = {
enable = true;
port = 12311;
};
};
users.users.erpnext = {
description = "User to run erpnext";
group = "erpnext";
isSystemUser = true;
};
systemd.services.erpnext =
let
penv = python3.buildEnv.override {
extraLibs = [
python3.pkgs.frappe
python3.pkgs.erpnext
python3.pkgs.bench
];
};
in
{
enable = true;
wantedBy = [ "multi-user.target" ];
after = [ "mysql.service" "redis.service" "redis-socketio.service" ];
description = "ERPNext";
confinement = {
enable = true;
packages = [ ];
};
script = ''
export PYTHON_PATH=${penv}/${python3.sitePackages}
cat > /frappe-bench/sites/apps.txt <<EOF
frappe
erpnext
EOF
cat >/frape-bench/sites/common_site_config.json <<EOF
{
"db_host": "localhost",
"db_port": 3306,
"db_name": "erpnext" ,
"db_password": "erpnext" ,
"redis_cache": "redis://localhost:6379?db=0",
"redis_queue": "redis://localhost:6379?db=1",
"redis_socketio": "redis://localhost:6379?db=2",
"socketio_port": 3000
}
EOF
# Upstream initializes the DB with this command
# TODO: Make this idempotent
cd /frappe-bench/sites
bench new-site localhost --mariadb-root-password password --admin-password admin
bench --site localhost install-app erpnext
echo "Workdir: $tmp"
# TODO: Run these as systemd units
node $tmp/apps/frappe/socketio.js &
gunicorn --chdir="$tmp/sites" --bind=0.0.0.0:9090 --threads=4 --workers=2 --worker-class=gthread --worker-tmp-dir=/dev/shm --timeout=120 --preload frappe.app:application
'';
serviceConfig = {
User = "erpnext";
NoNewPrivileges = true;
Type = "simple";
BindReadOnlyPaths = [
"${frappe-app}/share/apps/frappe:/frappe-bench/apps/frappe"
"${erpnext-app}/share/apps/erpnext:/frappe-bench/apps/erpnext"
"${frappe-erpnext-assets}/share/sites/assets:/frappe-bench/sites/assets"
# "${penv}:/frappe-bench/env"
];
};
};
};
}