cloud/modules/solidtime/default.nix


{
config,
pkgs,
lib,
...
}:
let
# Host directory that receives the PostgreSQL dump right before each backup run.
backupDir = "/var/backups/solidtime";
# Hostname the instance is served under, built from the cloud-wide base domain.
domain = "timetracking.${config.momo-cloud.networking.domain}";
in
{
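options.momo-cloud.solidtime = with lib; {
  # mkEnableOption already prefixes "Whether to enable", so pass a noun phrase.
  enable = mkEnableOption "solidtime instance";
  superAdmins = mkOption {
    type = types.listOf types.str;
    default = [ ];
    description = ''
      Accounts granted super-admin rights. The entries are joined with
      commas and handed to the containers as SUPER_ADMINS. Keep this list
      as short as possible.
    '';
  };
  # Both files are referenced by host path at run time (bind mount /
  # environmentFiles). They are typed as strings rather than Nix paths; point
  # them at files provisioned outside the Nix store, because store contents
  # are world-readable.
  envFile = mkOption {
    type = types.str;
    description = ''
      Host path of the solidtime .env file. It is bind-mounted to
      /var/www/html/.env in every solidtime application container.
    '';
  };
  dbEnvFile = mkOption {
    type = types.str;
    description = ''
      Host path of the environment file passed to the PostgreSQL container
      through environmentFiles.
    '';
  };
};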
config =
let
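# Comma-separated form of the superAdmins option, as passed in SUPER_ADMINS.
superAdmins = lib.strings.concatStringsSep "," config.momo-cloud.solidtime.superAdmins;
# Environment shared by the solidtime application containers.
defaultEnvironment = {
  SUPER_ADMINS = superAdmins;
  # Built from `domain` so the URL the application advertises cannot drift
  # from the certificate name and the nginx virtual host.
  APP_URL = "https://${domain}";
};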
in
lib.mkIf config.momo-cloud.solidtime.enable {
# Enable the momo-cloud nginx, ACME and docker modules this service relies on.
momo-cloud.nginx.enable = true;
momo-cloud.acme.enable = true;
momo-cloud.docker.enable = true;

# Certificate for the instance hostname, with the module's default settings.
security.acme.certs.${domain} = { };

# TLS-terminating reverse proxy in front of the application container.
services.nginx.virtualHosts.${domain} = {
  # Plain HTTP requests are redirected to HTTPS.
  forceSSL = true;
  useACMEHost = domain;
  # Bind only to this host's WireGuard addresses (per the option names), so
  # the virtual host is not offered on other interfaces.
  listenAddresses = [
    config.momo-cloud.wireguard.ipv4.address
    "[${config.momo-cloud.wireguard.ipv6.address}]"
  ];
  # The container publishes port 8000 on loopback only; nginx is the sole
  # path to it from outside the host.
  locations."/".proxyPass = "http://127.0.0.1:8000";
};
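# One-shot unit that creates the user-defined docker network "solidtime" if it
# does not exist yet.
systemd.services."docker-network-solidtime" =
  let
    docker = config.virtualisation.oci-containers.backend;
    dockerBin = "${pkgs.${docker}}/bin/${docker}";
    # Every container unit that is started with --network=solidtime. The
    # database unit in particular is started before docker-solidtime.service
    # (dependsOn), so ordering against that single unit alone leaves the
    # database free to start before the network exists.
    containerUnits = map (name: "docker-${name}.service") [
      "solidtime"
      "solidtime-db"
      "solidtime-scheduler"
      "solidtime-queue"
    ];
  in
  {
    serviceConfig.Type = "oneshot";
    before = containerUnits;
    requiredBy = containerUnits;
    # `network inspect` succeeds when the network is already present, which
    # makes the unit safe to run repeatedly.
    script = ''
      ${dockerBin} network inspect solidtime >/dev/null 2>&1 || ${dockerBin} network create solidtime --subnet 172.20.0.0/24
    '';
  };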
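# Container set: three solidtime application containers (web, scheduler, queue
# worker) that share one image, storage volume and .env file, plus PostgreSQL.
virtualisation = {
  oci-containers =
    let
      # NOTE(review): `latest` is a floating tag. Whatever the registry serves
      # at the next pull is what runs, and the web container applies database
      # migrations automatically (AUTO_DB_MIGRATE). Pin a release tag or an
      # `@sha256:<digest>` reference here; it is the single place to change.
      appImage = "solidtime/solidtime:latest";

      # NOTE(review): the .env file is mounted read-write. If the application
      # never writes to it, appending `:ro` would keep a compromised container
      # from altering it - confirm before changing.
      appVolumes = [
        "/var/lib/solidtime/storage:/var/www/html/storage"
        "${config.momo-cloud.solidtime.envFile}:/var/www/html/.env"
      ];

      # Builds one application container definition. Only the health check
      # command and the mode-specific environment differ between the three.
      mkAppContainer =
        { healthCmd, environment }:
        {
          image = appImage;
          autoStart = true;
          volumes = appVolumes;
          extraOptions = [
            "--network=solidtime"
            # Resolve the mail host name to the docker host from inside the
            # container.
            "--add-host=mail.momo.koeln:host-gateway"
            "--health-cmd"
            healthCmd
          ];
          environment = defaultEnvironment // environment;
          dependsOn = [ "solidtime-db" ];
        };
    in
    {
      backend = "docker";

      containers."solidtime" =
        (mkAppContainer {
          healthCmd = "curl --fail http://localhost:8000/health-check/up || exit 1";
          environment = {
            CONTAINER_MODE = "http";
            AUTO_DB_MIGRATE = "true";
          };
        })
        // {
          # Published on loopback only; external access goes through nginx.
          ports = [ "127.0.0.1:8000:8000" ];
        };

      containers."solidtime-scheduler" = mkAppContainer {
        healthCmd = "supervisorctl status scheduler:scheduler_00";
        environment = {
          CONTAINER_MODE = "scheduler";
        };
      };

      containers."solidtime-queue" = mkAppContainer {
        healthCmd = "supervisorctl status worker:worker_00";
        environment = {
          CONTAINER_MODE = "worker";
          WORKER_COMMAND = "php /var/www/html/artisan queue:work";
        };
      };

      # No ports are published for the database; it is reachable only on the
      # solidtime docker network. Credentials come from dbEnvFile at run time.
      # NOTE(review): `postgres:16` tracks the newest 16.x image; pin a minor
      # version or digest if reproducible deployments are required.
      containers."solidtime-db" = {
        image = "postgres:16";
        autoStart = true;
        volumes = [
          "/var/lib/solidtime/db:/var/lib/postgresql/data"
        ];
        extraOptions = [ "--network=solidtime" ];
        environmentFiles = [
          config.momo-cloud.solidtime.dbEnvFile
        ];
      };
    };
};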
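# Staging directory for the database dump. Root-only (0700): a pg_dumpall dump
# contains the role definitions, including their password hashes.
systemd.tmpfiles.rules = [
  "d '${backupDir}' 0700 root root - -"
];
# Restic job covering the database dump and the application storage directory.
momo-cloud.backups.restic.solidtime = {
  paths = [
    backupDir
    "/var/lib/solidtime/storage"
  ];
  initialize = true;
  # Dump all databases into the staging directory before the backup runs.
  # No `-t`: a pseudo-terminal rewrites line endings and merges stderr into
  # stdout, either of which can leave an unrestorable file in the backup.
  # NOTE(review): the role name `solidtime` must match what dbEnvFile
  # configures for the database - confirm.
  backupPrepareCommand = ''
    ${pkgs.docker-client}/bin/docker exec solidtime-db pg_dumpall -c -U solidtime > "${backupDir}/postgres.sql"
  '';
  # Remove the plaintext dump once the run is over. The path is quoted and
  # `--` ends option parsing so file names cannot be read as rm options.
  backupCleanupCommand = ''
    rm -rf -- "${backupDir}"/*
  '';
};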
};
}