{pkgs, ...}:
(import ../lib/node-application.nix) { inherit pkgs; } {
tarball = "https://git.cryto.net/joepie91/pastebin-stream/archive/master.tar.gz";
name = "pastebin-stream";
hasErrorReporting = true;
mainBinaryPath = "server.js";

{pkgs}: {tarball, name, mainBinaryPath, serviceOptions ? {}, serviceConfig ? {}, hasErrorReporting ? false}:
with pkgs.stdenv.lib;
/*serviceName = "node-${name}";*/
serviceName = "node-foo";
cfg = config.services."${serviceName}";
source = builtins.fetchTarball tarball;
application = (import (pkgs.stdenv.mkDerivation {
src = source;
buildInputs = [ pkgs.node2nix ];
buildCommand = ''
node2nix -6 --pkg-name nodejs_6_x
errorReporter = (import ./node-error-reporter) { inherit pkgs; };
in {
imports = [
/*mkIf hasErrorReporting (errorReporter {
application = application;
applicationName = name;
options.services."${serviceName}" = {
enable = mkEnableOption "${name}";
} // serviceOptions;
config = mkIf cfg.enable {
# FIXME: What if a username conflict occurs?
users.extraUsers."${name}" = {
description = "${name} Service User";
services."${serviceName}" = {
description = "${name} Service";
wantedBy = ["multi-user.target"];
after = ["network.target"];
serviceConfig = {
ExecStart = "${application}/${mainBinaryPath}";
User = name;
} // serviceConfig;

{pkgs}: {applicationName, application}:
with pkgs.stdenv.lib;
serviceName = "node-${applicationName}-error-reporter";
cfg = config.services."${serviceName}";
# FIXME: report-errors NPM package!
in {
options.services."${serviceName}" = {
enable = mkEnableOption "${name} Error Reporter";
stackFilter = mkOption {
description = ''
What modules to filter out of the simplified stacktraces
shown in the e-mail report. This can either be the
string "*" (to filter out every third-party module), or
an array of module names to filter.
Note that the e-mail will always include a JSON
attachment containing the full stacktrace - this setting
purely affects the e-mail body.
default = "*";
type = types.either types.str (types.listOf types.str);
subjectFormat = mkOption {
description = ''
The format for the subject line of the report e-mail. In
this string, `$type` will be replaced with the error
type/name, and `$message` will be replaced with the
error message.
default = "UNHANDLED ERROR: $type - $message";
type = types.str;
metadata = {
from = mkOption {
description = ''
The sender address displayed on the e-mail report.
type = types.str;
to = mkOption {
description = ''
The address to e-mail reports to.
type = types.str;
smtp = {
hostname = mkOption {
description = ''
The hostname on which the SMTP server can be
default = null;
type = types.nullOr types.str;
port = mkOption {
description = ''
The port number that the SMTP server is accessible
default = null;
type = types.nullOr types.str;
username = mkOption {
description = ''
Your username for the SMTP server.
default = null;
type = types.nullOr types.str;
password = mkOption {
description = ''
Your password for the SMTP server.
default = null;
type = types.nullOr types.str;
config = {
services."${serviceName}" = mkIf cfg.enabled {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.nodejs_6_x}/bin/node ${application}/node_modules/report-errors/lib/daemon/index.js";
User = systemd.services."node-${applicationName}".serviceConfig.User; # MARKER

{ {
services.openssh = {
enable = true;
passwordAuthentication = false;
challengeResponseAuthentication = false;
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
(builtins.readFile ./joepie91.pub) (builtins.readFile ./joepie91.pub)
]; ];

proxiedApplications = [{ proxiedApplications = [{
hostname = "pastebin-stream.cryto.net"; hostname = "pastebin-stream.cryto.net";
tls = false; tls = false;
root = "${pkgs.valgrind.doc}/share/doc/valgrind/html";
config = '' config = ''
root ${pkgs.valgrind.doc}/share/doc/valgrind/html
''; '';
}]; }];
lib.concatStrings (map (application: '' lib.concatStrings (map (application: ''
${application.hostname} { ${application.hostname} {
${lib.optionalString (application.tls == false) "tls off"} ${lib.optionalString (application.tls == false) "tls off"}
${lib.optionalString (application.root != null) "root ${application.root}"}
${application.config} ${application.config}
} }
'') applications); '') applications);
pastebinStream = (import ../applications/pastebin-stream.nix);
in { in {
imports = [
pastebinStream { inherit pkgs; }
services.caddy = { services.caddy = {
enable = true; enable = true;
agree = true; agree = true;
}; };
networking.firewall.allowedTCPPorts = [ 2015 ]; networking.firewall.allowedTCPPorts = [ 2015 ];
environment.systemPackages = with pkgs; [
}; };
} }

resources.sshKeyPairs.ssh-key = {}; resources.sshKeyPairs.ssh-key = {};
osmium = { config, pkgs, ... }: { osmium = { config, pkgs, ... }: {
services.openssh = {
enable = true;
passwordAuthentication = false;
challengeResponseAuthentication = false;
deployment.targetEnv = "digitalOcean"; deployment.targetEnv = "digitalOcean";
deployment.digitalOcean.region = "ams2"; deployment.digitalOcean.region = "ams2";
deployment.digitalOcean.size = "512mb"; deployment.digitalOcean.size = "512mb";

foo1 = {
qux1 = bar2 1;
quz = 42;
bar2 = arg: baz3 (item: item);
baz3 = func: func bah4;
bah4 = foo1.qux1;
in bar2 1 #foo1.qux1