diff --git a/configuration/default.nix b/configuration/default.nix
index 5c0a12d..92f1dc8 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -29,6 +29,7 @@ let
 trackServiceMetrics = (import ./lib/track-service-metrics.nix);
 httpHealthChecks = (import ./lib/http-health-checks.nix);
 nginx = (import ./lib/nginx.nix);
+ daemon = (import ./lib/daemon.nix);
 in {
 network = {
 inherit pkgs;
@@ -123,6 +124,20 @@ in {
 "ossworks.nl"
 ];
 })
+ (daemon {
+ name = "mobile-proxy";
+ displayName = "Mobile Proxy";
+ fakeHome = true; # Needed for Babel
+ binaryPath = "${pkgs.cryto.mobileProxy.override { configFile = ./data/mobile-proxy/config.jsx; }}/bin/mobile-proxy";
+ environmentVariables = {};
+ })
+ (daemon {
+ name = "matrix-rooms";
+ displayName = "Matrix Room List Viewer";
+ fakeHome = true; # Needed for Babel
+ binaryPath = "${pkgs.cryto.matrixRooms}/bin/matrix-room-list-viewer";
+ environmentVariables = { NODE_ENV = "production"; };
+ })
 (nginx {
 "modular-matrix.cryto.net" = [
 (nginxPresets.letsEncrypt)
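Review bot: `configFile = ./data/mobile-proxy/config.jsx` is a Nix path, so the file is copied into the world-readable store when the package is built. If that config holds credentials or upstream tokens (not visible here), they should instead be read at runtime from a root-owned file outside the store. Separately, the `mobile-proxy` entry passes `environmentVariables = {};` while `matrix-rooms` sets `NODE_ENV = "production"`. If mobile-proxy is also a Node service, as the Babel comment suggests, confirm that running it without `NODE_ENV = "production"` is intended, since many Node frameworks return more verbose error output outside production mode.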
@@ -209,70 +224,6 @@ in {
 compression = "auto,zlib";
 startAt = "daily";
 };
-
- users.groups.mobile-proxy = {};
- users.users.mobile-proxy = {
- description = "mobile-proxy Service User";
- isSystemUser = true;
- group = "mobile-proxy";
- };
-
- systemd.services.mobile-proxy = let
- package = pkgs.cryto.mobileProxy.override { configFile = ./data/mobile-proxy/config.jsx; };
- in {
- description = "Mobile Proxy";
- wantedBy = ["multi-user.target"];
- after = ["network.target"];
-
- serviceConfig = {
- ExecStart = "${package}/bin/mobile-proxy";
- User = "mobile-proxy";
- Restart = "on-failure";
- PermissionsStartOnly = true;
- };
-
- preStart = ''
- mkdir -m 0700 -p /tmp/mobile-proxy-home
- chown mobile-proxy /tmp/mobile-proxy-home
- '';
-
- environment = {
- HOME = "/tmp/mobile-proxy-home";
- };
- };
-
- users.groups.matrix-rooms = {};
- users.users.matrix-rooms = {
- description = "mobile-proxy Service User";
- isSystemUser = true;
- group = "matrix-rooms";
- };
-
- systemd.services.matrix-rooms = let
- package = pkgs.cryto.matrixRooms;
- in {
- description = "Matrix Room List Viewer";
- wantedBy = ["multi-user.target"];
- after = ["network.target"];
-
- serviceConfig = {
- ExecStart = "${package}/bin/matrix-room-list-viewer"; /* FIXME: Change binary name in its package.json at some point */
- User = "matrix-rooms";
- Restart = "on-failure";
- PermissionsStartOnly = true;
- };
-
- # FIXME: Is a fake homes necessary for this application?
- preStart = ''
- mkdir -m 0700 -p /tmp/matrix-rooms-home
- chown matrix-rooms /tmp/matrix-rooms-home
- '';
-
- environment = {
- HOME = "/tmp/matrix-rooms-home";
- NODE_ENV = "production";
- };
- };
 };
 "machine-konjassiem-02.cryto.net" = { pkgs, lib, config, ... }@args: {
diff --git a/configuration/lib/daemon.nix b/configuration/lib/daemon.nix
new file mode 100644
index 0000000..14e7a6c
--- /dev/null
+++ b/configuration/lib/daemon.nix
@@ -0,0 +1,31 @@
+{ name, displayName, fakeHome, binaryPath, environmentVariables }:
+ { lib, ... }: {
+ users.groups.${name} = {};
+ users.users.${name} = {
+ description = "${name} Service User";
+ isSystemUser = true;
+ group = name;
+ };
+
+ systemd.services.${name} = {
+ description = displayName;
+ wantedBy = ["multi-user.target"];
+ after = ["network.target"];
+
+ serviceConfig = {
+ ExecStart = binaryPath;
+ User = name;
+ Restart = "on-failure";
+ # PermissionsStartOnly = true;
+ };
+
+ preStart = lib.mkIf fakeHome ''
+ mkdir -m 0700 -p /tmp/${name}-home
+ chown ${name} /tmp/${name}-home
+ '';
+
+ environment = {
+ HOME = lib.mkIf fakeHome "/tmp/${name}-home";
+ } // environmentVariables;
+ };
+ }
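Review bot: The fake home is a fixed path under world-writable `/tmp`, and with `PermissionsStartOnly` now commented out the `preStart` script runs as the service user rather than root. `chown ${name} /tmp/${name}-home` can therefore no longer change ownership, and `mkdir -m 0700 -p` silently accepts a directory that already exists with a different owner or mode. If that path was created by another account before first start, the unit would most likely fail at `chown` each time. Letting systemd own the directory avoids this: drop `preStart`, set `CacheDirectory = name;` and `CacheDirectoryMode = "0700";` in `serviceConfig`, and point `HOME` at `"/var/cache/${name}"`, all still conditional on `fakeHome`. The leftover `# PermissionsStartOnly = true;` should either be deleted or given a comment saying why it was disabled.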