64 lines
1.7 KiB
Nix
64 lines
1.7 KiB
Nix
{ config, inputs, pkgs, ... }:
|
|
let
|
|
dataDir = "/srv/data/SHINOBI/shinobi";
|
|
|
|
shinobiConfigJson = builtins.toJSON {
|
|
ffmpegBinary = "${pkgs.ffmpeg}/bin/ffmpeg";
|
|
port = 38080;
|
|
db = {
|
|
host = "127.0.0.1";
|
|
port = 3306;
|
|
user = "majesticflame";
|
|
database = "ccio";
|
|
};
|
|
};
|
|
|
|
configFile = pkgs.writeText "shinobi-conf.json" shinobiConfigJson;
|
|
|
|
secretFile = config.age.secrets.shinobi-secrets.path;
|
|
|
|
inherit (inputs.self.packages.${pkgs.system}) shinobi;
|
|
in
|
|
{
|
|
age.secrets.shinobi-secrets = {
|
|
file = ../../../secrets/shinobi-secrets.age;
|
|
owner = "shinobi";
|
|
group = "shinobi";
|
|
mode = "0400";
|
|
};
|
|
services.mysql = {
|
|
enable = true;
|
|
settings.mysqld.bind-address = "127.0.0.1";
|
|
package = pkgs.mariadb;
|
|
dataDir = "/srv/data/DB/mariadb";
|
|
};
|
|
|
|
users.users.shinobi = {
|
|
isSystemUser = true;
|
|
group = "shinobi";
|
|
};
|
|
|
|
users.groups.shinobi = {};
|
|
|
|
systemd.tmpfiles.rules = [ "d '${dataDir}' 0750 shinobi shinobi - -" ];
|
|
|
|
systemd.services.shinobi = {
|
|
wantedBy = [ "multi-user.target" ];
|
|
path = [ pkgs.bash pkgs.nodejs-14_x ];
|
|
preStart = ''
|
|
${pkgs.jq}/bin/jq --slurp '.[0] * .[1]' ${configFile} ${secretFile} | install -Dm600 -o shinobi -g shinobi /dev/stdin ${dataDir}/conf.json
|
|
'';
|
|
serviceConfig = {
|
|
WorkingDirectory = dataDir;
|
|
User = "shinobi";
|
|
ExecStart = "${pkgs.nodejs-14_x}/bin/node ${shinobi}/bin/shinobi";
|
|
KillSignal = "HUP";
|
|
OOMPolicy = "continue";
|
|
Restart = "on-abnormal";
|
|
RestartSec = "5s";
|
|
};
|
|
environment.NODE_PATH = "${shinobi}/lib/node_modules/shinobi/node_modules";
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 38080 ];
|
|
}
|