kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 10:11:08 +01:00
Code Releases Activity
Files
267124dfd1f2bd3408594fdf7d0be443d31c2431
niveum/systems/ful/alew.nix

94 lines
2.1 KiB
Nix
Raw Blame History

{
pkgs,
config,
...
}:
let
postgrestPort = 3001;
alewPort = 3000;
in
{
systemd.services.postgrest = {
enable = true;
wantedBy = [ "podman-alew.service" ];
wants = [ "postgresql.service" ];
environment = {
PGRST_DB_ANON_ROLE = "alew_1";
PGRST_DB_SCHEMA = "alew_2022_05"; # alew_2023_09 for most recent (beta)
PGRST_DB_URI = "postgres://alew_1:alew_1@localhost:5432/alew";
PGRST_SERVER_PORT = toString postgrestPort;
};
script = "${pkgs.postgrest}/bin/postgrest";
serviceConfig = {
User = "postgres";
Group = "postgres";
};
};
services.nginx.virtualHosts."alew.kmein.de" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:${toString alewPort}";
};
};
# deploy nuxt app using
# $ cd alew/web/
# $ rsync -rav --delete . ful:/var/lib/alew --exclude .git --exclude .nuxt --exclude node_modules
systemd.services.alew = {
enable = true;
wantedBy = [ "multi-user.target" ];
wants = [ "postgrest.service" ];
path = [
pkgs.yarn
pkgs.python3
pkgs.gcc
pkgs.bash
pkgs.coreutils
pkgs.gnumake
];
environment = {
NODE_OPTIONS = "--openssl-legacy-provider";
POSTGREST_URL = "http://localhost:${toString postgrestPort}";
BETA = "0";
PORT = toString alewPort;
};
preStart = ''
# rsync -rav --delete ALEW_SRC .
yarn install
yarn build
'';
script = "yarn start";
serviceConfig = {
User = "alew";
Group = "alew";
WorkingDirectory = config.users.extraUsers.alew.home;
};
};
users.extraUsers.alew = {
isSystemUser = true;
createHome = true;
home = "/var/lib/alew";
group = "alew";
};
users.extraGroups.alew = { };
environment.systemPackages = [ pkgs.podman ];
services.postgresql = {
enable = true;
ensureDatabases = [ "alew" ];
ensureUsers = [
{
name = "alew";
ensureDBOwnership = true;
}
{ name = "alew_1"; } # readonly
];
package = pkgs.postgresql_16;
};
}
View Git Blame Copy Permalink