selfprivacy-nixos-config/api/api-module.nix

{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.selfprivacy-api;
  directionArg =
    if cfg.direction == ""
    then ""
    else "--direction=${cfg.direction}";
in
{
  options.services.selfprivacy-api = {
    enable = mkOption {
      default = false;
      type = types.bool;
      description = ''
        Enable SelfPrivacy API service
      '';
    };
    token = mkOption {
      type = types.str;
      description = ''
        SelfPrivacy API token
      '';
    };
    enableSwagger = mkOption {
      default = false;
      type = types.bool;
      description = ''
        Enable Swagger UI
      '';
    };
    b2AccountId = mkOption {
      type = types.str;
      description = ''
        B2 account ID
      '';
    };
    b2AccountKey = mkOption {
      type = types.str;
      description = ''
        B2 account key
      '';
    };
    b2Bucket = mkOption {
      type = types.str;
      description = ''
        B2 bucket
      '';
    };
    resticPassword = mkOption {
      type = types.str;
      description = ''
        Restic password
      '';
    };
  };
  config = lib.mkIf cfg.enable {

    systemd.services.selfprivacy-api = {
      description = "API Server used to control system from the mobile application";
      environment = config.nix.envVars // {
        inherit (config.environment.sessionVariables) NIX_PATH;
        HOME = "/root";
        PYTHONUNBUFFERED = "1";
        AUTH_TOKEN = cfg.token;
        ENABLE_SWAGGER = (if cfg.enableSwagger then "1" else "0");
        B2_ACCOUNT_ID = cfg.b2AccountId;
        B2_ACCOUNT_KEY = cfg.b2AccountKey;
        B2_BUCKET = cfg.b2Bucket;
        RESTIC_PASSWORD = cfg.resticPassword;
      } // config.networking.proxy.envVars;
      path = [ "/var/" "/var/dkim/" pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild pkgs.restic pkgs.mkpasswd ];
      after = [ "network-online.target" ];
      wantedBy = [ "network-online.target" ];
      serviceConfig = {
        User = "root";
        ExecStart = "${pkgs.selfprivacy-api}/bin/app.py";
        Restart = "always";
        RestartSec = "5";
      };
    };
    # One shot systemd service to rebuild NixOS using nixos-rebuild
    systemd.services.sp-nixos-rebuild = {
      description = "Upgrade NixOS using nixos-rebuild";
      environment = config.nix.envVars // {
        inherit (config.environment.sessionVariables) NIX_PATH;
        HOME = "/root";
      } // config.networking.proxy.envVars;
      path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ];
      serviceConfig = {
        User = "root";
        ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch";
      };
    };
    # One shot systemd service to upgrade NixOS using nixos-rebuild
    systemd.services.sp-nixos-upgrade = {
      description = "Upgrade NixOS using nixos-rebuild";
      environment = config.nix.envVars // {
        inherit (config.environment.sessionVariables) NIX_PATH;
        HOME = "/root";
      } // config.networking.proxy.envVars;
      path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ];
      serviceConfig = {
        User = "root";
        ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --upgrade";
      };
    };
    # One shot systemd service to rollback NixOS using nixos-rebuild
    systemd.services.sp-nixos-rollback = {
      description = "Rollback NixOS using nixos-rebuild";
      environment = config.nix.envVars // {
        inherit (config.environment.sessionVariables) NIX_PATH;
        HOME = "/root";
      } // config.networking.proxy.envVars;
      path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ];
      serviceConfig = {
        User = "root";
        ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --rollback";
      };
    };
  };
}
Initial commit 2021-11-15 12:02:05 +02:00			`{ config, lib, pkgs, ... }:`

			`with lib;`

			`let`
			`cfg = config.services.selfprivacy-api;`
			`directionArg =`
			`if cfg.direction == ""`
			`then ""`
			`else "--direction=${cfg.direction}";`
			`in`
			`{`
			`options.services.selfprivacy-api = {`
			`enable = mkOption {`
			`default = false;`
			`type = types.bool;`
			`description = ''`
			`Enable SelfPrivacy API service`
			`'';`
			`};`
Add api token param 2021-11-16 12:28:16 +02:00			`token = mkOption {`
Oops, types.string is deprecated See https://github.com/NixOS/nixpkgs/pull/66346 2021-11-16 12:30:11 +02:00			`type = types.str;`
Add api token param 2021-11-16 12:28:16 +02:00			`description = ''`
			`SelfPrivacy API token`
			`'';`
			`};`
Add Swagger to API package 2021-11-16 16:08:58 +02:00			`enableSwagger = mkOption {`
			`default = false;`
			`type = types.bool;`
			`description = ''`
			`Enable Swagger UI`
			`'';`
			`};`
Provide backup env vars to api 2021-11-16 18:05:05 +02:00			`b2AccountId = mkOption {`
			`type = types.str;`
			`description = ''`
			`B2 account ID`
			`'';`
			`};`
			`b2AccountKey = mkOption {`
			`type = types.str;`
			`description = ''`
			`B2 account key`
			`'';`
			`};`
Update API to properly support b2 2021-12-02 17:16:16 +02:00			`b2Bucket = mkOption {`
			`type = types.str;`
			`description = ''`
			`B2 bucket`
			`'';`
			`};`
Provide backup env vars to api 2021-11-16 18:05:05 +02:00			`resticPassword = mkOption {`
			`type = types.str;`
			`description = ''`
			`Restic password`
			`'';`
			`};`
Initial commit 2021-11-15 12:02:05 +02:00			`};`
			`config = lib.mkIf cfg.enable {`

			`systemd.services.selfprivacy-api = {`
			`description = "API Server used to control system from the mobile application";`
			`environment = config.nix.envVars // {`
			`inherit (config.environment.sessionVariables) NIX_PATH;`
			`HOME = "/root";`
			`PYTHONUNBUFFERED = "1";`
Add api token param 2021-11-16 12:28:16 +02:00			`AUTH_TOKEN = cfg.token;`
Add Swagger to API package 2021-11-16 16:08:58 +02:00			`ENABLE_SWAGGER = (if cfg.enableSwagger then "1" else "0");`
Provide backup env vars to api 2021-11-16 18:05:05 +02:00			`B2_ACCOUNT_ID = cfg.b2AccountId;`
			`B2_ACCOUNT_KEY = cfg.b2AccountKey;`
Update API to properly support b2 2021-12-02 17:16:16 +02:00			`B2_BUCKET = cfg.b2Bucket;`
Provide backup env vars to api 2021-11-16 18:05:05 +02:00			`RESTIC_PASSWORD = cfg.resticPassword;`
Initial commit 2021-11-15 12:02:05 +02:00			`} // config.networking.proxy.envVars;`
			`path = [ "/var/" "/var/dkim/" pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild pkgs.restic pkgs.mkpasswd ];`
			`after = [ "network-online.target" ];`
			`wantedBy = [ "network-online.target" ];`
			`serviceConfig = {`
			`User = "root";`
Move sp-api to nix overlay 2021-11-17 15:35:00 +02:00			`ExecStart = "${pkgs.selfprivacy-api}/bin/app.py";`
Initial commit 2021-11-15 12:02:05 +02:00			`Restart = "always";`
			`RestartSec = "5";`
			`};`
			`};`
Add systemd units for nixos-rebuild 2021-11-17 12:34:55 +02:00			`# One shot systemd service to rebuild NixOS using nixos-rebuild`
			`systemd.services.sp-nixos-rebuild = {`
			`description = "Upgrade NixOS using nixos-rebuild";`
			`environment = config.nix.envVars // {`
			`inherit (config.environment.sessionVariables) NIX_PATH;`
			`HOME = "/root";`
			`} // config.networking.proxy.envVars;`
			`path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ];`
			`serviceConfig = {`
			`User = "root";`
			`ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch";`
			`};`
			`};`
			`# One shot systemd service to upgrade NixOS using nixos-rebuild`
			`systemd.services.sp-nixos-upgrade = {`
			`description = "Upgrade NixOS using nixos-rebuild";`
			`environment = config.nix.envVars // {`
			`inherit (config.environment.sessionVariables) NIX_PATH;`
			`HOME = "/root";`
			`} // config.networking.proxy.envVars;`
			`path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ];`
			`serviceConfig = {`
			`User = "root";`
			`ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --upgrade";`
			`};`
			`};`
			`# One shot systemd service to rollback NixOS using nixos-rebuild`
			`systemd.services.sp-nixos-rollback = {`
			`description = "Rollback NixOS using nixos-rebuild";`
			`environment = config.nix.envVars // {`
			`inherit (config.environment.sessionVariables) NIX_PATH;`
			`HOME = "/root";`
			`} // config.networking.proxy.envVars;`
			`path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ];`
			`serviceConfig = {`
			`User = "root";`
			`ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --rollback";`
			`};`
			`};`
Initial commit 2021-11-15 12:02:05 +02:00			`};`
			`}`