summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--modules/bookwyrm.nix55
-rw-r--r--pkgs/bookwyrm.nix6
2 files changed, 51 insertions, 10 deletions
diff --git a/modules/bookwyrm.nix b/modules/bookwyrm.nix
index a55d115..9f48ab3 100644
--- a/modules/bookwyrm.nix
+++ b/modules/bookwyrm.nix
@@ -78,6 +78,24 @@ in
The name of the nginx virtual host to set up.
'';
};
+
+ installWrapper = mkOption {
+ default = true;
+ type = types.bool;
+ description = mdDoc ''
+ Whether to install a wrapper script `bookworm-manage.py` into the system environmnt,
+ which calls bookwyrm's `manage.py` script with the correct python path.
+ '';
+ };
+
+ environmentFile = mkOption {
+ default = null;
+ type = types.nullOr types.path;
+ description = mdDoc ''
+ An environment file containing config options which should not be set via Nix / not
+ be contained in the nix store.
+ '';
+ };
};
@@ -91,32 +109,44 @@ in
serviceConfig = mkMerge [
{
BindPaths = [
- cfg.package.passthru.gunicorn
- cfg.package.passthru.celery
+ cfg.package.gunicorn
+ cfg.package.celery
cfg.stateDir
];
}
(mkIf (cfg.bindAddress != "0.0.0.0" || cfg.port != 8000 || cfg.threads != 8) {
- ExecStart = "${lib.getExe cfg.package.passthru.gunicorn} bookwyrm.wsgi:application --threads=${toString cfg.threads} --bind ${cfg.bindAddress}:${toString cfg.port}";
-
+ ExecStart = "${lib.getExe cfg.package.gunicorn} bookwyrm.wsgi:application --threads=${toString cfg.threads} --bind ${cfg.bindAddress}:${toString cfg.port}";
+ })
+ (mkIf (cfg.environmentFile != null) {
+ EnvironmentFile = cfg.environmentFile;
})
];
- environment.PYTHONPATH = cfg.package.passthru.pythonPath;
+ environment.PYTHONPATH = cfg.package.pythonPath;
+
+ preStart = ''
+ ${lib.getExe cfg.package.manage} migrate
+ # will fail after the first time
+ ${lib.getExe cfg.package.manage} initdb || true
+ '';
};
bookwyrm-worker = {
enable = true;
wantedBy = [ "multi-user.target" ];
- environment.PYTHONPATH = cfg.package.passthru.pythonPath;
+ environment.PYTHONPATH = cfg.package.pythonPath;
serviceConfig.BindPaths = [
cfg.stateDir
];
+ serviceConfig.EnvironmentFile =
+ mkIf (cfg.environmentFile != null) cfg.environmentFile;
};
bookwyrm-scheduler = {
enable = true;
wantedBy = [ "multi-user.target" ];
- environment.PYTHONPATH = cfg.package.passthru.pythonPath;
+ environment.PYTHONPATH = cfg.package.pythonPath;
+ serviceConfig.EnvironmentFile =
+ mkIf (cfg.environmentFile != null) cfg.environmentFile;
};
};
@@ -146,6 +176,15 @@ in
];
users.groups.bookwyrm = {};
- };
+ environment.systemPackages = mkIf cfg.installWrapper [
+ cfg.package.manage
+ ];
+
+ warnings = mkIf (cfg.settings ? "SECRET_KEY") [ ''
+ Setting bookwyrm's SECRET_KEY via the free-form services.bookwyrm.settings.* is discouraged.
+ It's better to pass an env file containing it to servies.bookwyrm.envFile instead.
+ ''
+ ];
+ };
}
diff --git a/pkgs/bookwyrm.nix b/pkgs/bookwyrm.nix
index 309e90b..0c9cb70 100644
--- a/pkgs/bookwyrm.nix
+++ b/pkgs/bookwyrm.nix
@@ -11,7 +11,6 @@ let
settingsWithDefaults = {
DOMAIN = "localhost";
DEBUG = false;
- SECRET_KEY = "fnord";
USE_HTTPS = false;
EMAIL = "your@email.here";
PGPORT = 5432;
@@ -95,6 +94,9 @@ let
postBuild = ''
ln -s ${envfile} .env
+ # needed for the python settings.py file to not fail, but not
+ # used during the commands executed below, so this is safe
+ export SECRET_KEY=fnord
substituteInPlace contrib/systemd/* \
--replace /opt/bookwyrm/venv/bin/gunicorn ${lib.getExe python.pkgs.gunicorn} \
@@ -104,7 +106,7 @@ let
sed -i /BindPath/d contrib/systemd/*
python manage.py compile_themes
- python manage.py collectstatic --no-input --ignore=*.scss
+ python manage.py collectstatic --no-input
'';
postInstall = ''