gluestick/flake.nix
2023-04-29 13:12:03 -04:00

182 lines
5.4 KiB
Nix

{
description =
"NotNet's one stop shop for authentication and account onboarding";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, nixpkgs, flake-utils }:
let
packages = flake-utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages."${system}";
# I really cannot be assed to pick this apart
inputs = with pkgs; [ vips pkg-config python3 ];
# https://github.com/prisma/prisma/issues/3026#issuecomment-927258138
prismaHook = with pkgs; ''
export PRISMA_MIGRATION_ENGINE_BINARY="${prisma-engines}/bin/migration-engine"
export PRISMA_QUERY_ENGINE_BINARY="${prisma-engines}/bin/query-engine"
export PRISMA_QUERY_ENGINE_LIBRARY="${prisma-engines}/lib/libquery_engine.node"
export PRISMA_INTROSPECTION_ENGINE_BINARY="${prisma-engines}/bin/introspection-engine"
export PRISMA_FMT_BINARY="${prisma-engines}/bin/prisma-fmt"
'';
in rec {
packages.gluestick = pkgs.buildNpmPackage {
pname = "gluestick";
version = "0.1.0";
src = ./.;
npmDepsHash = "sha256-keOreamXKunlJzU2AKJo0J02ZxQrjLdoCIMCaiwEU4Y=";
nativeBuildInputs = inputs;
buildInputs = inputs;
preBuild = ''
${prismaHook}
# Use the introspection.json, because we can't connect to the API at build time
GRAPHQL_USE_INTROSPECTION=true npm run graphql-codegen
npm run prisma-generate
'';
installPhase = ''
runHook preInstall
mkdir -p $out
cp -r .next/standalone $out/server
cp -r .next/static $out/server/.next/static
cp -r public $out/server/public
cp -r prisma $out/prisma
mkdir -p $out/bin
cat > $out/bin/gluestick <<EOF
#!${pkgs.stdenv.shell}
${prismaHook}
${pkgs.nodejs}/bin/node $out/server/server.js \$@
EOF
chmod +x $out/bin/gluestick
cat > $out/bin/prisma <<EOF
#!${pkgs.stdenv.shell}
${prismaHook}
${pkgs.nodePackages.prisma}/bin/prisma \$@
EOF
chmod +x $out/bin/prisma
runHook postInstall
'';
meta = with pkgs.lib; {
description =
"NotNet's one stop shop for authentication and account onboarding";
homepage = "https://git.n2.pm/NotNet/gluestick";
license = licenses.mit;
};
};
apps.gluestick = flake-utils.lib.mkApp {
name = "gluestick";
drv = packages.gluestick;
};
devShell = pkgs.mkShell {
inputsFrom = [ packages.gluestick ];
shellHook = ''
${prismaHook}
if [ -f .env.local ]; then
set -a
source .env.local
set +a
fi
'';
};
});
in packages // {
nixosModule = { config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.gluestick;
pkg = self.packages.${pkgs.system}.gluestick;
in {
options.services.gluestick = {
enable = mkEnableOption "gluestick";
user = mkOption {
type = types.str;
default = "gluestick";
};
group = mkOption {
type = types.str;
default = "gluestick";
};
port = mkOption {
type = types.int;
default = 3000;
};
envFile = mkOption {
type = types.path;
default = "/var/lib/gluestick/.env.local";
};
databaseFile = mkOption {
type = types.path;
default = "/var/lib/gluestick/database.db";
};
};
config = mkIf cfg.enable {
systemd.services.gluestick = {
description = "gluestick";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
preStart = ''
export DATABASE_URL="file:${cfg.databaseFile}"
${pkg}/bin/prisma migrate deploy --schema=${pkg}/prisma/schema.prisma
'';
script = ''
export PORT=${toString cfg.port}
export NODE_ENV=production
export DATABASE_URL="file:${cfg.databaseFile}"
set -a
source ${cfg.envFile}
set +a
${pkg}/bin/gluestick
'';
serviceConfig = {
User = cfg.user;
Group = cfg.group;
Restart = "always";
WorkingDirectory = "/var/lib/gluestick";
};
};
users = {
users = mkIf (cfg.user == "gluestick") {
gluestick = {
home = "/var/lib/gluestick";
createHome = true;
group = cfg.group;
isSystemUser = true;
};
};
groups = mkIf (cfg.group == "gluestick") { gluestick = { }; };
};
};
};
};
}