diff --git a/api/api-module.nix b/api/api-module.nix deleted file mode 100644 index 7cad0ef..0000000 --- a/api/api-module.nix +++ /dev/null @@ -1,152 +0,0 @@ -selfprivacy-graphql-api: { config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.services.selfprivacy-api; - directionArg = - if cfg.direction == "" - then "" - else "--direction=${cfg.direction}"; -in -{ - options.services.selfprivacy-api = { - enable = mkOption { - default = true; - type = types.bool; - description = '' - Enable SelfPrivacy API service - ''; - }; - enableSwagger = mkOption { - default = false; - type = types.bool; - description = '' - Enable Swagger UI - ''; - }; - b2Bucket = mkOption { - type = types.str; - description = '' - B2 bucket - ''; - }; - }; - config = lib.mkIf cfg.enable { - - systemd.services.selfprivacy-api = { - description = "API Server used to control system from the mobile application"; - environment = config.nix.envVars // { - inherit (config.environment.sessionVariables) NIX_PATH; - HOME = "/root"; - PYTHONUNBUFFERED = "1"; - ENABLE_SWAGGER = (if cfg.enableSwagger then "1" else "0"); - B2_BUCKET = cfg.b2Bucket; - } // config.networking.proxy.envVars; - path = [ - "/var/" - "/var/dkim/" - pkgs.coreutils - pkgs.gnutar - pkgs.xz.bin - pkgs.gzip - pkgs.gitMinimal - config.nix.package.out - pkgs.nixos-rebuild - pkgs.restic - pkgs.mkpasswd - pkgs.util-linux - pkgs.e2fsprogs - pkgs.iproute2 - ]; - after = [ "network-online.target" ]; - wantedBy = [ "network-online.target" ]; - serviceConfig = { - User = "root"; - ExecStart = "${selfprivacy-graphql-api}/bin/app.py"; - Restart = "always"; - RestartSec = "5"; - }; - }; - systemd.services.selfprivacy-api-worker = { - description = "Task worker for SelfPrivacy API"; - environment = config.nix.envVars // { - inherit (config.environment.sessionVariables) NIX_PATH; - HOME = "/root"; - PYTHONUNBUFFERED = "1"; - ENABLE_SWAGGER = (if cfg.enableSwagger then "1" else "0"); - B2_BUCKET = cfg.b2Bucket; - PYTHONPATH = selfprivacy-graphql-api.pythonPath + ":${selfprivacy-graphql-api}/lib/python3.10/site-packages/"; - } // config.networking.proxy.envVars; - path = [ - "/var/" - "/var/dkim/" - pkgs.coreutils - pkgs.gnutar - pkgs.xz.bin - pkgs.gzip - pkgs.gitMinimal - config.nix.package.out - pkgs.nixos-rebuild - pkgs.restic - pkgs.mkpasswd - pkgs.util-linux - pkgs.e2fsprogs - pkgs.iproute2 - ]; - after = [ "network-online.target" ]; - wantedBy = [ "network-online.target" ]; - serviceConfig = { - User = "root"; - ExecStart = "${pkgs.python310Packages.huey}/bin/huey_consumer.py selfprivacy_api.task_registry.huey"; - Restart = "always"; - RestartSec = "5"; - }; - }; - # One shot systemd service to rebuild NixOS using nixos-rebuild - systemd.services.sp-nixos-rebuild = { - description = "Upgrade NixOS using nixos-rebuild"; - environment = config.nix.envVars // { - inherit (config.environment.sessionVariables) NIX_PATH; - HOME = "/root"; - } // config.networking.proxy.envVars; - path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ]; - serviceConfig = { - User = "root"; - ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch"; - KillMode = "none"; - SendSIGKILL = "no"; - }; - }; - # One shot systemd service to upgrade NixOS using nixos-rebuild - systemd.services.sp-nixos-upgrade = { - description = "Upgrade NixOS using nixos-rebuild"; - environment = config.nix.envVars // { - inherit (config.environment.sessionVariables) NIX_PATH; - HOME = "/root"; - } // config.networking.proxy.envVars; - path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ]; - serviceConfig = { - User = "root"; - ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --upgrade"; - KillMode = "none"; - SendSIGKILL = "no"; - }; - }; - # One shot systemd service to rollback NixOS using nixos-rebuild - systemd.services.sp-nixos-rollback = { - description = "Rollback NixOS using nixos-rebuild"; - environment = config.nix.envVars // { - inherit (config.environment.sessionVariables) NIX_PATH; - HOME = "/root"; - } // config.networking.proxy.envVars; - path = [ pkgs.coreutils pkgs.gnutar pkgs.xz.bin pkgs.gzip pkgs.gitMinimal config.nix.package.out pkgs.nixos-rebuild ]; - serviceConfig = { - User = "root"; - ExecStart = "${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --rollback"; - KillMode = "none"; - SendSIGKILL = "no"; - }; - }; - }; -} diff --git a/api/api.nix b/api/api.nix deleted file mode 100644 index 08d6a08..0000000 --- a/api/api.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ config, pkgs, ... }: -{ - services.selfprivacy-api = { - enable = true; - enableSwagger = config.selfprivacy.api.enableSwagger; - b2Bucket = config.selfprivacy.backup.bucket; - }; - - users.users."selfprivacy-api" = { - isNormalUser = false; - isSystemUser = true; - extraGroups = [ "opendkim" ]; - group = "selfprivacy-api"; - }; - users.groups."selfprivacy-api" = { - members = [ "selfprivacy-api" ]; - }; -} diff --git a/configuration.nix b/configuration.nix index bd43b47..8631d97 100644 --- a/configuration.nix +++ b/configuration.nix @@ -6,7 +6,6 @@ ./volumes.nix ./users.nix ./vpn/ocserv.nix - ./api/api.nix ./social/pleroma.nix ./letsencrypt/acme.nix ./letsencrypt/resolve.nix diff --git a/flake.lock b/flake.lock index 418067d..0da6e12 100644 --- a/flake.lock +++ b/flake.lock @@ -18,21 +18,21 @@ "root": { "inputs": { "nixpkgs": "nixpkgs", - "selfprivacy-graphql-api": "selfprivacy-graphql-api" + "selfprivacy-api": "selfprivacy-api" } }, - "selfprivacy-graphql-api": { + "selfprivacy-api": { "inputs": { "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1699259966, - "narHash": "sha256-NMZ1NZ/3I4d9AvegG95sSaV2Hv4A6WEfJ5UCpsFr+Zk=", - "ref": "flake", - "rev": "b6e84f2596b78da497f63179d72c903bb9b92d4e", - "revCount": 942, + "lastModified": 1700101644, + "narHash": "sha256-RtzREz64LQt0xO6mMW3CGtu6NOdKSStHqHM8Jlcnano=", + "ref": "nixos-module", + "rev": "e6e9d0677e51e5b1f2f5ee60809d190ab18a9f3e", + "revCount": 1028, "type": "git", "url": "https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git" }, diff --git a/flake.nix b/flake.nix index 3536f03..8e24fa9 100644 --- a/flake.nix +++ b/flake.nix @@ -4,13 +4,13 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs"; - selfprivacy-graphql-api.url = + selfprivacy-api.url = "git+https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git"; - # make selfprivacy-graphql-api use the same shared nixpkgs - selfprivacy-graphql-api.inputs.nixpkgs.follows = "nixpkgs"; + # make selfprivacy-api use the same shared nixpkgs + selfprivacy-api.inputs.nixpkgs.follows = "nixpkgs"; }; - outputs = { self, nixpkgs, selfprivacy-graphql-api }: { + outputs = { self, nixpkgs, selfprivacy-api }: { nixosConfigurations-fun = { system , hardware-configuration @@ -25,8 +25,7 @@ hardware-configuration ./configuration.nix (import ./userdata-variables.nix userdata) - (import ./api/api-module.nix - selfprivacy-graphql-api.packages.${system}.default) + selfprivacy-api.nixosModules.default { # embed top-level flake source folder into the build environment.etc."selfprivacy/current-config-source".source =