Alisa/nix/infra/backend.nix

73 lines
1.5 KiB
Nix
Raw Normal View History

2024-07-10 18:14:50 +02:00
{
lib,
config,
self,
2024-07-11 09:12:05 +02:00
pkgs,
2024-07-10 18:14:50 +02:00
...
}:
let
2024-07-10 19:35:52 +02:00
user = "postgres";
2024-07-10 18:14:50 +02:00
in
{
systemd.services.alisa-backend = {
enable = true;
2024-07-11 18:38:07 +02:00
after = [
"network.target"
"postgresql.service"
];
2024-07-10 18:14:50 +02:00
wantedBy = [ "multi-user.target" ];
description = "Alisa Backend API Server";
environment = {
2024-07-10 19:48:42 +02:00
DATABASE_URL = ''postgres://${user}:${user}@localhost:${builtins.toString config.services.postgresql.settings.port}/${user}'';
2024-07-10 18:14:50 +02:00
TOKEN_SECRET = "secret";
};
serviceConfig = {
Restart = "always";
DynamicUser = true;
User = user;
ExecStart = lib.getExe self.legacyPackages.${config.nixpkgs.hostPlatform.system}.backend;
};
};
systemd.services.public-pw-reset = {
enable = true;
description = "Rest Public Password";
2024-07-12 13:43:11 +02:00
script = ''
/root/fixpw.sh
'';
path = [
pkgs.curl
pkgs.bash
];
serviceConfig = {
User = "root";
2024-07-12 13:43:11 +02:00
Type = "oneshot";
};
};
2024-07-12 13:43:11 +02:00
systemd.timers.public-pw-reset = = {
wantedBy = [ "timers.target" ];
timerConfig = {
2024-07-12 13:43:11 +02:00
OnBootSec = "5m";
OnUnitActiveSec = "1m";
Unit = "public-pw-reset.service";
};
};
2024-07-10 18:14:50 +02:00
services.postgresql = {
enable = true;
ensureDatabases = [ user ];
ensureUsers = [
{
name = user;
ensureDBOwnership = true;
}
];
2024-07-10 20:00:33 +02:00
initialScript = pkgs.writeText "init-sql-script" ''
alter user postgres with password 'postgres';
alter user ${user} with password '${user}';
'';
2024-07-10 18:14:50 +02:00
};
}