services/sips: remove

2022-06-18 18:40:35 +02:00 · 2022-06-18 18:40:35 +02:00 · cf713a6a9e
commit cf713a6a9e
parent 6c3b268306
2 changed files with 0 additions and 82 deletions
--- a/hosts/VEGAS/services/sips/default.nix
+++ b/hosts/VEGAS/services/sips/default.nix
@ -1,81 +0,0 @@
 { config, inputs, pkgs, tools, ... }:
 let
  host = tools.identity.autoDomain "sips";
  inherit (inputs.self.packages.${pkgs.system}) sips;
  inherit (config) links;
  connStringNet = "host=127.0.0.1 sslmode=disable dbname=sips user=sips";
  connString = "host=/var/run/postgresql dbname=sips user=sips";
  sipsctl = pkgs.runCommandNoCC "sipsctl-with-env" {
    nativeBuildInputs = [ pkgs.makeWrapper ];
  } ''
    makeWrapper ${sips}/bin/sipsctl $out/bin/sipsctl \
      --set PGPASSFILE ${config.age.secrets.sips-db-credentials.path} \
      --add-flags '--dbdriver postgres --db "${connStringNet}"'
      ln -s ${sips}/share $out/share
  '';
 in
 {
  age.secrets.sips-db-credentials = {
    file = ../../../../secrets/sips-db-credentials.age;
    mode = "0400";
  };
  links = {
    sips.protocol = "http";
    sipsInternal.protocol = "http";
    sipsIpfsApiProxy.protocol = "http";
  };
  systemd.services.sips = {
    wantedBy = [ "multi-user.target" ];
    after = [ "network.target" "postgresql.service" ];
    requires = [ "sips-ipfs-api-proxy.service" ]; 
    serviceConfig = {
      ExecStart = "${sips}/bin/sips --dbdriver postgres --db \"${connString}\" --addr ${links.sipsInternal.tuple} --api ${links.sipsIpfsApiProxy.url} --apitimeout 604800s";
      PrivateNetwork = true;
      DynamicUser = true;
    };
    environment.PGPASSFILE = config.age.secrets.sips-db-credentials.path;
  };
  systemd.services.sips-ipfs-api-proxy = {
    after = [ "network.target" "sips.service" ];
    bindsTo = [ "sips.service" ];
    serviceConfig = {
      ExecStart = "${pkgs.socat}/bin/socat tcp4-listen:${links.sipsIpfsApiProxy.portStr},fork,reuseaddr,bind=${links.sipsIpfsApiProxy.ipv4} unix-connect:/run/ipfs/ipfs-api.sock";
      PrivateNetwork = true;
      DynamicUser = true;
      SupplementaryGroups = "ipfs";
    };
    unitConfig.JoinsNamespaceOf = "sips.service";
  };
  systemd.services.sips-proxy = {
    after = [ "network.target" "sips.service" ];
    bindsTo = [ "sips.service" ];
    requires = [ "sips-proxy.socket" ];
    serviceConfig = {
      ExecStart = "${config.systemd.package}/lib/systemd/systemd-socket-proxyd ${links.sipsInternal.tuple}";
      PrivateNetwork = true;
      DynamicUser = true;
      SupplementaryGroups = "ipfs";
    };
    unitConfig.JoinsNamespaceOf = "sips.service";
  };
  systemd.sockets.sips-proxy = {
    wantedBy = [ "sockets.target" ];
    after = [ "network.target" ];
    socketConfig = {
      ListenStream = "${links.sips.tuple}";
    };
  };
  environment.systemPackages = [ sipsctl ];
  services.nginx.virtualHosts.${host} = tools.nginx.vhosts.proxy links.sips.url;
 }
--- a/hosts/VEGAS/system.nix
+++ b/hosts/VEGAS/system.nix
@ -36,7 +36,6 @@
      ./services/nix/nar-serve.nix
      ./services/object-storage
      ./services/searxng
      ./services/sips
      ./services/sso
      ./services/uptime-kuma
      ./services/vault