blob: 211b64b6fbf2e855491980fcf79faad814faa076 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
# Based off of https://github.com/spacebarchat/server/blob/master/flake.nix
{
description = "Final assignment for NodeJS";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
flake-utils.url = "github:numtide/flake-utils";
};
outputs =
{
self,
nixpkgs,
flake-utils,
}:
(flake-utils.lib.eachSystem flake-utils.lib.allSystems (
system:
let
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
};
hashesFile = builtins.fromJSON (builtins.readFile ./hashes.json);
lib = pkgs.lib;
in
{
packages = {
default = pkgs.buildNpmPackage {
pname = "SafeNSound";
name = "SafeNSound";
meta = with lib; {
description = "Final assignment for NodeJS";
homepage = "https://github.com/VivesMDima/nodejs-ti-a-final-assignment-TheArcaneBrony";
license = licenses.agpl3Plus;
platforms = platforms.all;
mainProgram = "start";
};
src = ./.;
nativeBuildInputs = with pkgs; [ python3 ];
npmDepsHash = hashesFile.npmDepsHash;
makeCacheWritable = true;
dontNpmBuild = true;
postPatch = ''
substituteInPlace package.json --replace 'npx patch-package' '${pkgs.nodePackages.patch-package}/bin/patch-package'
'';
installPhase = ''
runHook preInstall
set -x
#remove packages not needed for production, or at least try to...
npm prune --omit dev --no-save $npmInstallFlags "''${npmInstallFlagsArray[@]}" $npmFlags "''${npmFlagsArray[@]}"
find node_modules -maxdepth 1 -type d -empty -delete
mkdir -p $out
cp -r src node_modules package.json $out/
makeWrapper ${pkgs.nodejs}/bin/node $out/bin/start --prefix NODE_PATH : $out/node_modules --add-flags $out
set +x
runHook postInstall
'';
};
update-nix = pkgs.writeShellApplication {
name = "update-nix";
runtimeInputs = with pkgs; [
prefetch-npm-deps
nix
jq
];
text = ''
#nix flake update --extra-experimental-features 'nix-command flakes'
DEPS_HASH=$(prefetch-npm-deps package-lock.json)
TMPFILE=$(mktemp)
jq '.npmDepsHash = "'"$DEPS_HASH"'"' hashes.json > "$TMPFILE"
mv -- "$TMPFILE" hashes.json
'';
};
};
devShell = pkgs.mkShell {
buildInputs = with pkgs; [
mongodb-compass
nodejs
nodePackages.prettier
];
};
}
)) // {
nixosModules.default = { pkgs, config, lib, ...}: {
options.services.safensound = {
enable = lib.mkEnableOption "Enable SafeNSound service";
package = lib.mkOption {
type = lib.types.package;
default = self.packages.${pkgs.stdenv.hostPlatform.system}.default;
description = "The SafeNSound service package to run.";
};
port = lib.mkOption {
type = lib.types.port;
default = 3000;
description = "The port on which the SafeNSound service will listen.";
};
dbCredentialsPath = lib.mkOption {
type = lib.types.path;
description = "Path to the database credentials file.";
};
jwtSecretPath = lib.mkOption {
type = lib.types.path;
description = "Path to the JWT secret directory.";
};
logRequests = lib.mkEnableOption "Log requests";
logQueries = lib.mkEnableOption "Log queries";
logAuth = lib.mkEnableOption "Log authentication";
};
config = lib.mkIf (config.services.safensound.enable) (
let
cfg = config.services.safensound;
in
{
systemd.services.safensound = {
description = "SafeNSound Service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "mongodb.service" ];
requires = [ "mongodb.service" ];
environment = {
PORT = cfg.port;
LOG_REQUESTS = cfg.logRequests;
DATABASE_SECRET_PATH = cfg.dbCredentialsPath;
JWT_SECRET_PATH = cfg.jwtSecretPath;
LOG_QUERIES = cfg.logQueries;
LOG_AUTH = cfg.logAuth;
};
serviceConfig = {
Type = "simple";
ExecStart = "${cfg.package}/bin/start";
Restart = "on-failure";
DynamicUser = true;
};
};
});
};
};
}
|
