5 files changed, 51 insertions, 8 deletions
diff --git a/host/Spacebar-nginx/configuration.nix b/host/Spacebar-nginx/configuration.nix
index 56b5bf1..434b2ff 100755
--- a/host/Spacebar-nginx/configuration.nix
+++ b/host/Spacebar-nginx/configuration.nix
@@ -26,6 +26,13 @@
       recommendedProxySettings = true;
       recommendedTlsSettings = true;
       clientMaxBodySize = "50m";
+      appendConfig = ''
+        worker_processes 16;
+        '';
+      eventsConfig = ''
+        #use kqueue;
+        worker_connections 512;
+        '';
       virtualHosts = {
         # legacy
         "matrix.thearcanebrony.net" = import ./nginx-hosts/thearcanebrony.net/matrix.nix;
@@ -44,6 +51,11 @@
       };
     };
   };
+
+  systemd.services.nginx.serviceConfig = {
+    LimitNOFILE=5000000;
+  };
+
   systemd.services.nginx.requires = [ "data.mount" ];
   security.acme.acceptTerms = true;
   security.acme.defaults.email = "chris@spacebar.chat";
diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix
index bed6690..277a556 100755
--- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix
+++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix
@@ -16,7 +16,7 @@
       '';
     networking.firewall = {
       enable = true;
-      allowedTCPPorts = [ 80 ];
+      allowedTCPPorts = [ 80 5432 ];
     };
   };  
   hostAddress = "192.168.101.1";
diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix
index bb005f9..d543ef2 100755
--- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix
+++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix
@@ -5,6 +5,7 @@
     [
       ./services/nginx.nix
       ./services/spacebar-server.nix
+      ./services/postgres.nix
     ];
 
   environment.systemPackages = with pkgs; [
diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix
index 97ea3e6..b3c8cad 100644
--- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix
+++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix
@@ -16,7 +16,7 @@
     '';
     initialScript = pkgs.writeText "backend-initScript" ''
       CREATE ROLE spacebar WITH LOGIN PASSWORD 'spacebar' CREATEDB;
-      CREATE DATABASE spacebar;
+      CREATE DATABASE spacebar WITH OWNER spacebar ENCODING 'UTF8';
       GRANT ALL PRIVILEGES ON DATABASE spacebar TO spacebar;
     '';
     #dataDir = "/data/pg";
diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix
index d207687..1debbbd 100755
--- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix
+++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix
@@ -1,41 +1,71 @@
 { config, pkgs, lib, spacebar-server, ... }:
 
 {
+  services.rabbitmq.enable = true;
+
+  systemd.tmpfiles.rules = [  "d /var/lib/spacebar-server 0750 spacebar spacebar" ];
+  users.users.spacebar = {
+    isSystemUser = true;
+    group = "spacebar";
+    home = "/var/lib/spacebar-server";
+    createHome = true;
+    shell = "/bin/false";
+  };
+
+  users.groups.spacebar = {
+    #isSystemGroup = true;
+  };
+
   systemd.services = {
     "spacebar-server-api" = {
         wantedBy = [ "multi-user.target" ];
-        after = [ "resolvconf.target" ];
+        after = [ "resolvconf.target" "postgresql.service" "rabbitmq.service" ];
         serviceConfig = {
             ExecStart = ''
               ${spacebar-server.packages.${pkgs.system}.default}/bin/start-api
               '';
             #Restart = "never";
-            User = "root";
+            User = "spacebar";
             WorkingDirectory = "/var/lib/spacebar-server";
+            Environment = [
+              "DATABASE=postgres://spacebar:spacebar@127.0.0.1/spacebar"
+              "LOG_REQUESTS='-'"
+              #"DB_LOGGING='true'"
+            ];
         };
     };
     "spacebar-server-gateway" = {
         wantedBy = [ "multi-user.target" ];
-        after = [ "resolvconf.target" ];
+        after = [ "resolvconf.target" "postgresql.service" "rabbitmq.service" "spacebar-server-api.service" ];
         serviceConfig = {
             ExecStart = ''
               ${spacebar-server.packages.${pkgs.system}.default}/bin/start-gateway
               '';
             #Restart = "never";
-            User = "root";
+            User = "spacebar";
             WorkingDirectory = "/var/lib/spacebar-server";
+            Environment = [
+              "DATABASE=postgres://spacebar:spacebar@127.0.0.1/spacebar"
+              "LOG_REQUESTS='-'"
+              #"DB_LOGGING='true'"
+            ];
         };
     };
     "spacebar-server-cdn" = {
         wantedBy = [ "multi-user.target" ];
-        after = [ "resolvconf.target" ];
+        after = [ "resolvconf.target" "postgresql.service" "rabbitmq.service" "spacebar-server-api.service" ];
         serviceConfig = {
             ExecStart = ''
               ${spacebar-server.packages.${pkgs.system}.default}/bin/start-cdn
               '';
             #Restart = "never";
-            User = "root";
+            User = "spacebar";
             WorkingDirectory = "/var/lib/spacebar-server";
+            Environment = [
+              "DATABASE=postgres://spacebar:spacebar@127.0.0.1/spacebar"
+              "LOG_REQUESTS='-'"
+              #"DB_LOGGING='true'"
+            ];
         };
     };
   };