Home

mint @066c5b9ac96f092f59a295499f56f0ee095de8c1 - refs - log -
- 
https://git.jolheiser.com/mint.git
Budget
mint / nix / module.nix
- raw - 
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108

{
  pkgs,
  lib,
  config,
  ...
}:
let
  cfg = config.services.mint;
  pkg = pkgs.callPackage ./pkg.nix { inherit pkgs; };
in
{
  options =
    let
      inherit (lib) mkEnableOption mkOption types;
    in
    {
      services.mint = {
        enable = mkEnableOption "Enable mint";

        package = mkOption {
          type = types.package;
          description = "mint package to use";
          default = pkg;
        };

        address = mkOption {
          type = types.str;
          default = "localhost";
          description = "Web interface address";
        };

        port = mkOption {
          type = types.port;
          default = 6468;
          description = "Web interface port";
        };

        user = mkOption {
          type = types.str;
          default = "mint";
          description = "User account under which mint runs";
        };

        group = mkOption {
          type = types.str;
          default = "mint";
          description = "Group account under which mint runs";
        };

        database = mkOption {
          type = types.str;
          default = "/var/lib/mint/mint.sqlite3";
          description = "Location for the SQLite3 database";
        };

        settings = mkOption {
          type = types.attrs;
          default = { };
          description = "Non-secret environment settings";
          example = {
            DEBUG = true;
          };
        };

        environmentFile = mkOption {
          type = types.nullOr types.path;
          default = null;
          description = "File to use as systemd environmentfile, usually for secret settings";
        };
      };
    };
  config = lib.mkIf cfg.enable {
    users.users."${cfg.user}" = {
      home = "/var/lib/mint";
      createHome = true;
      group = "${cfg.group}";
      isSystemUser = true;
      isNormalUser = false;
      description = "user for mint service";
    };
    users.groups."${cfg.group}" = { };

    systemd.services.mint = {
      enable = true;
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];
      environment = {
        PYTHONPATH = "${cfg.package.python.pkgs.makePythonPath cfg.package.propagatedBuildInputs}:${cfg.package}/lib/mint";
        GUNICORN_CMD_ARGS = "--bind=${cfg.address}:${toString cfg.port}";
        MINT_DATABASE = cfg.database;
      } // (pkgs.lib.mapAttrs (_: toString) cfg.settings);
      serviceConfig = {
        User = cfg.user;
        Group = cfg.group;
        Restart = "always";
        RestartSec = "15";
        WorkingDirectory = "/var/lib/mint";
        EnvironmentFile = lib.mkIf (cfg.environmentFile != null) cfg.environmentFile;
        ExecStart = ''
          ${cfg.package.python.pkgs.gunicorn}/bin/gunicorn mint.wsgi
        '';
      };
      preStart = ''
        ${cfg.package}/bin/mint migrate
      '';
    };
  };
}