Akshay Mankar
8d707f9a53
Crashes immediately on hitting any route because vue js stuff is not compiled yet.
117 lines
3.2 KiB
Nix
117 lines
3.2 KiB
Nix
{pkgs, lib, config, ...}:
|
|
let
|
|
cfg = config.services.loomio;
|
|
package = pkgs.loomio;
|
|
|
|
env = {
|
|
RAILS_ENV = "production";
|
|
BUNDLE_FORCE_RUBY_PLATFORM = "true";
|
|
|
|
LOOMIO_DATABASE = "loomio";
|
|
LOOMIO_ENCRYPTED_CREDENTIALS_PATH = cfg.encyrptedCredentials;
|
|
};
|
|
cfgService = {
|
|
User = "loomio";
|
|
Group = "loomio";
|
|
WorkingDirectory = package;
|
|
StateDirectory = "loomio";
|
|
};
|
|
in {
|
|
imports = [];
|
|
options = {
|
|
services.loomio = {
|
|
enable = lib.mkEnableOption "loomio";
|
|
encyrptedCredentials = lib.mkOption {
|
|
description = "Credentials required to run loomio";
|
|
type = lib.types.path;
|
|
};
|
|
credentialEncryptionKeyFile = lib.mkOption {
|
|
description = "File containing encryption key for the encyptedCredentials";
|
|
type = lib.types.path;
|
|
};
|
|
};
|
|
};
|
|
config = {
|
|
users.groups.loomio = {};
|
|
users.users.loomio = {
|
|
description = "User to run loomio";
|
|
group = "loomio";
|
|
isSystemUser = true;
|
|
};
|
|
|
|
systemd.services.loomio-init-dirs = {
|
|
enable = true;
|
|
after = ["network.target" ];
|
|
serviceConfig = cfgService // {
|
|
Type = "oneshot";
|
|
};
|
|
script = ''
|
|
cat > /var/lib/loomio/.secrets_env <<EOF
|
|
RAILS_MASTER_KEY=$(cat ${cfg.credentialEncryptionKeyFile})
|
|
EOF
|
|
'';
|
|
};
|
|
|
|
systemd.services.loomio-init-db = {
|
|
enable = true;
|
|
after = ["network.target" "postgresql.service" "loomio-init-dirs.service" ];
|
|
requires = [ "postgresql.service" "loomio-init-dirs.service" ];
|
|
serviceConfig = cfgService // {
|
|
Type = "oneshot";
|
|
EnvironmentFile = [ "/var/lib/loomio/.secrets_env" ];
|
|
};
|
|
environment = env;
|
|
path = [package config.services.postgresql.package];
|
|
script = ''
|
|
#!/usr/bin/env bash
|
|
result="$(psql -t --csv -c \
|
|
"select count(*) from pg_class c \
|
|
join pg_namespace s on s.oid = c.relnamespace \
|
|
where s.nspname not in ('pg_catalog', 'pg_toast', 'information_schema') \
|
|
and s.nspname not like 'pg_temp%';")" || error_code=$?
|
|
if [ "''${error_code:-0}" -ne 0 ]; then
|
|
echo "Failure checking if database is seeded. psql gave exit code $error_code"
|
|
exit "$error_code"
|
|
fi
|
|
if [ "$result" -eq 0 ]; then
|
|
echo "Seeding database"
|
|
SAFETY_ASSURED=1 rails db:schema:load
|
|
rails db:seed
|
|
else
|
|
echo "Migrating database (this might be a noop)"
|
|
rails db:migrate
|
|
fi
|
|
'';
|
|
};
|
|
|
|
systemd.services.loomio = {
|
|
enable = true;
|
|
after = [ "network.target" "loomio-init-db.service" ];
|
|
requires = [ "loomio.socket" "loomio-init-db.service" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
serviceConfig = cfgService // {
|
|
Type = "notify";
|
|
TimeoutStartSec = 120;
|
|
WatchdogSec = 10;
|
|
Restart = "always";
|
|
ExecStart = "${package}/bin/puma -C config/puma.rb";
|
|
EnvironmentFile = [ "/var/lib/loomio/.secrets_env" ];
|
|
};
|
|
|
|
environment = env // {
|
|
PORT="3000";
|
|
};
|
|
};
|
|
|
|
systemd.sockets.loomio = {
|
|
listenStreams = ["0.0.0.0:3000"];
|
|
socketConfig = {
|
|
NoDelay = true;
|
|
ReusePort = true;
|
|
Backlog = 1024;
|
|
};
|
|
};
|
|
};
|
|
}
|