infra/build01/marvin-mk2.nix

{ pkgs, lib, config, ... }:
let
  userLib = import ../users/lib.nix { inherit lib; };
  sources = import ../nix/sources.nix;

  marvinNixpkgs = (import (sources.marvin-mk2.outPath + "/definitions.nix") {}).pkgs;

  marvin-mk2 = marvinNixpkgs.python3.pkgs.buildPythonApplication rec {
    pname = "marvin-mk2";
    version = "rolling";
    src = sources.marvin-mk2;

    propagatedBuildInputs = with marvinNixpkgs.python3.pkgs; [
      aiohttp
      gidgethub
    ];
  };
in
{
  users.groups.marvin-mk2 = { };
  users.users.marvin-mk2 = {
    useDefaultShell = true;
    uid = userLib.mkUid "mmkt";
    extraGroups = [ "marvin-mk2" ];
  };

  systemd.services.marvin-mk2 = {
    description = "marvin-mk2 service";
    enable = true;
    path = [
      marvin-mk2
    ];
    environment.BOT_NAME = "marvin-mk2";
    environment.PORT = "3001";
    environment.GH_PRIVATE_KEY_FILE = "/var/lib/marvin-mk2/marvin-mk2-key.pem";
    environment.GH_APP_ID_FILE = "/var/lib/marvin-mk2/marvin_mk2_id.txt";
    environment.WEBHOOK_SECRET_FILE = "/var/lib/marvin-mk2/marvin-mk2-webhook-secret.txt";

    serviceConfig = {
      User = "marvin-mk2";
      Group = "marvin-mk2";
      WorkingDirectory = "/var/lib/marvin-mk2";
      StateDirectory = "marvin-mk2";
      StateDirectoryMode = "700";
      CacheDirectory = "marvin-mk2";
      CacheDirectoryMode = "700";
      LogsDirectory = "marvin-mk2";
      LogsDirectoryMode = "755";
      StandardOutput = "journal";
    };

    script = ''
      marvin
    '';

    wantedBy = [ "multi-user.target" ];
  };
}
build01: add initial marvin-mk2 configuration 2020-06-10 23:12:38 +02:00			`{ pkgs, lib, config, ... }:`
			`let`
			`userLib = import ../users/lib.nix { inherit lib; };`
			`sources = import ../nix/sources.nix;`

			`marvinNixpkgs = (import (sources.marvin-mk2.outPath + "/definitions.nix") {}).pkgs;`

			`marvin-mk2 = marvinNixpkgs.python3.pkgs.buildPythonApplication rec {`
			`pname = "marvin-mk2";`
			`version = "rolling";`
			`src = sources.marvin-mk2;`

			`propagatedBuildInputs = with marvinNixpkgs.python3.pkgs; [`
			`aiohttp`
			`gidgethub`
			`];`
			`};`
			`in`
			`{`
			`users.groups.marvin-mk2 = { };`
			`users.users.marvin-mk2 = {`
			`useDefaultShell = true;`
			`uid = userLib.mkUid "mmkt";`
			`extraGroups = [ "marvin-mk2" ];`
			`};`

			`systemd.services.marvin-mk2 = {`
			`description = "marvin-mk2 service";`
			`enable = true;`
			`path = [`
			`marvin-mk2`
			`];`
			`environment.BOT_NAME = "marvin-mk2";`
			`environment.PORT = "3001";`
			`environment.GH_PRIVATE_KEY_FILE = "/var/lib/marvin-mk2/marvin-mk2-key.pem";`
			`environment.GH_APP_ID_FILE = "/var/lib/marvin-mk2/marvin_mk2_id.txt";`
			`environment.WEBHOOK_SECRET_FILE = "/var/lib/marvin-mk2/marvin-mk2-webhook-secret.txt";`

			`serviceConfig = {`
			`User = "marvin-mk2";`
			`Group = "marvin-mk2";`
			`WorkingDirectory = "/var/lib/marvin-mk2";`
			`StateDirectory = "marvin-mk2";`
			`StateDirectoryMode = "700";`
			`CacheDirectory = "marvin-mk2";`
			`CacheDirectoryMode = "700";`
			`LogsDirectory = "marvin-mk2";`
			`LogsDirectoryMode = "755";`
			`StandardOutput = "journal";`
			`};`

			`script = ''`
			`marvin`
			`'';`

			`wantedBy = [ "multi-user.target" ];`
			`};`
			`}`
No results found.