diff options
author | Ethel Morgan <eth@ethulhu.co.uk> | 2020-07-07 23:02:10 +0100 |
---|---|---|
committer | Ethel Morgan <eth@ethulhu.co.uk> | 2020-07-07 23:02:10 +0100 |
commit | 295271b546ebb598a27325d86793ed88c63bbde4 (patch) | |
tree | f29a4bd381a2d4be3f71b026f836d7aab451f5fe | |
parent | 53fdeac982e00e619b0b6c374311643d2bfcb988 (diff) |
add dispatch server & NixOS module
-rw-r--r-- | nixos/modules/module-list.nix | 7 | ||||
-rw-r--r-- | nixos/modules/services/dispatch.nix | 108 | ||||
-rw-r--r-- | pkgs/default.nix | 5 |
3 files changed, 117 insertions, 3 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 0a778ee..43de9f8 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -10,12 +10,10 @@ ./services/ambience.nix ./services/catbus-lgtv.nix ./services/catbus-lifx.nix - ./sites/cgit.nix - ./sites/go.nix - ./sites/recipes.nix ./services/catbus-networkpresence.nix ./services/catbus-snapcast.nix ./services/catbus-wakeonlan.nix + ./services/dispatch.nix ./services/dlnatoad.nix ./services/helix-directory-jackalope.nix ./services/helix-directory.nix @@ -24,5 +22,8 @@ ./services/snapclient.nix ./services/ssh.nix ./services/upmpdcli.nix + ./sites/cgit.nix + ./sites/go.nix + ./sites/recipes.nix ./users/eth.nix ] diff --git a/nixos/modules/services/dispatch.nix b/nixos/modules/services/dispatch.nix new file mode 100644 index 0000000..c5f8005 --- /dev/null +++ b/nixos/modules/services/dispatch.nix @@ -0,0 +1,108 @@ +{ config, lib, pkgs, ... }: +with lib; + +let + + cfg = config.eth.services.dispatch; + + systemdDirectoryName = "dispatch"; + runtimeDirectory = "/run/${systemdDirectoryName}"; + socket = "${runtimeDirectory}/listen.sock"; + + configJSON = pkgs.writeText "config.json" (builtins.toJSON { + rules = cfg.rules; + }); + +in { + + options.eth.services.dispatch = { + enable = mkEnableOption "Whether to enable dispatch"; + + socket = mkOption { + type = types.path; + readOnly = true; + description = "Path of the UNIX socket to listen on."; + default = socket; + }; + + rules = mkOption { + type = types.attrsOf (types.submodule { + options = { + triggers = mkOption { + type = types.listOf (types.submodule { + options = { + url = mkOption { + type = types.str; + example = "/gitolite-repo-updated"; + }; + formValues = mkOption { + type = types.attrsOf types.str; + example = { + repo = "catbus-web-ui"; + }; + default = {}; + }; + }; + }); + default = []; + }; + actions = mkOption { + type = types.listOf (types.submodule { + options = { + url = mkOption { + type = types.str; + example = "https://build.eth.moe/deploy"; + }; + formValues = mkOption { + type = types.attrsOf types.str; + example = { + project = "catbus-web-ui"; + }; + default = {}; + }; + }; + }); + default = []; + }; + }; + }); + example = { + "update Catbus UI" = { + triggers = [ + { url = "/gitolite-repo-updated"; formValues = { repo = "catbus-web-ui"; }; } + ]; + output = [ + { url = "https://build.eth.moe/deploy"; formValues = { project = "catbus-web-ui"; }; } + ]; + }; + }; + default = {}; + }; + }; + + + config = mkIf cfg.enable { + systemd.services.dispatch = { + enable = true; + description = "Webhook & MQTT dispatch server"; + wants = [ "network.target" ]; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + DynamicUser = true; + Group = config.services.nginx.group; + + RuntimeDirectory = systemdDirectoryName; + + ExecStart = "${pkgs.eth.dispatch}/bin/dispatch -config-path ${configJSON} -listen ${socket}"; + + NoNewPrivileges = true; + ProtectHome = true; + ProtectKernelTunables = true; + ProtectControlGroups = true; + ProtectKernelModules = true; + }; + }; + }; + +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 573fd7b..e75bedd 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -23,6 +23,10 @@ let url = "https://github.com/ethulhu/catbus-web-ui"; # TODO: rev = "..."; }; + dispatch = builtins.fetchGit { + url = "https://git.eth.moe/dispatch"; + rev = "530fc42f37eb17e3638f6aef055da77847e20dfa"; + }; helix = builtins.fetchGit { url = "https://github.com/ethulhu/helix"; rev = "b64bdc80c3c994f22a28599747897aa5de3ada93"; @@ -42,6 +46,7 @@ let in pkgs: super: { eth = { + dispatch = pkgs.callPackage dispatch {}; helix = pkgs.callPackage helix {}; jackalope = pkgs.callPackage jackalope {}; recipes = pkgs.callPackage recipes {}; |