1 files changed, 108 insertions, 0 deletions

diff --git a/nixos/modules/services/dispatch.nix b/nixos/modules/services/dispatch.nix
new file mode 100644
index 0000000..c5f8005
--- /dev/null
+++ b/nixos/modules/services/dispatch.nix
@@ -0,0 +1,108 @@
+{ config, lib, pkgs, ... }:
+with lib;
+
+let
+
+  cfg = config.eth.services.dispatch;
+
+  systemdDirectoryName = "dispatch";
+  runtimeDirectory = "/run/${systemdDirectoryName}";
+  socket = "${runtimeDirectory}/listen.sock";
+
+  configJSON = pkgs.writeText "config.json" (builtins.toJSON {
+    rules = cfg.rules;
+  });
+
+in {
+
+  options.eth.services.dispatch = {
+    enable = mkEnableOption "Whether to enable dispatch";
+
+    socket = mkOption {
+      type = types.path;
+      readOnly = true;
+      description = "Path of the UNIX socket to listen on.";
+      default = socket;
+    };
+
+    rules = mkOption {
+      type = types.attrsOf (types.submodule {
+        options = {
+          triggers = mkOption {
+            type = types.listOf (types.submodule {
+              options = {
+                url = mkOption {
+                  type = types.str;
+                  example = "/gitolite-repo-updated";
+                };
+                formValues = mkOption {
+                  type = types.attrsOf types.str;
+                  example = {
+                    repo = "catbus-web-ui";
+                  };
+                  default = {};
+                };
+              };
+            });
+            default = [];
+          };
+          actions = mkOption {
+            type = types.listOf (types.submodule {
+              options = {
+                url = mkOption {
+                  type = types.str;
+                  example = "https://build.eth.moe/deploy";
+                };
+                formValues = mkOption {
+                  type = types.attrsOf types.str;
+                  example = {
+                    project = "catbus-web-ui";
+                  };
+                  default = {};
+                };
+              };
+            });
+            default = [];
+          };
+        };
+      });
+      example = {
+        "update Catbus UI" = {
+          triggers = [
+            { url = "/gitolite-repo-updated"; formValues = { repo = "catbus-web-ui"; }; }
+          ];
+          output = [
+            { url = "https://build.eth.moe/deploy"; formValues = { project = "catbus-web-ui"; }; }
+          ];
+        };
+      };
+      default = {};
+    };
+  };
+
+
+  config = mkIf cfg.enable {
+    systemd.services.dispatch = {
+      enable = true;
+      description = "Webhook & MQTT dispatch server";
+      wants = [ "network.target" ];
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        DynamicUser = true;
+        Group = config.services.nginx.group;
+
+        RuntimeDirectory = systemdDirectoryName;
+
+        ExecStart = "${pkgs.eth.dispatch}/bin/dispatch -config-path ${configJSON} -listen ${socket}";
+
+        NoNewPrivileges = true;
+        ProtectHome = true;
+        ProtectKernelTunables = true;
+        ProtectControlGroups = true;
+        ProtectKernelModules = true;
+      };
+    };
+  };
+
+}