summaryrefslogtreecommitdiff
path: root/chaski/services/tracktrain.nix
blob: 3d59806363cc20418a3dc2f4229f8dba8fd9b190 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
{ config, lib, pkgs, inputs, ... }:

let
  # this gets rid of the implicit dependency on ghc, reducing closure size
  stripLib = drv: pkgs.stdenv.mkDerivation {
    name = drv.name + "-without-lib";
    src = drv.outPath;
    buildPhase = ''
      mkdir -p $out
      cp -r $src/bin $out
    '';
    phases = [ "buildPhase" ];
  };
in
{
  services.nginx.recommendedProxySettings = true;
  services.nginx.virtualHosts."tracktrain.stuebinm.eu" = {
    locations."/" = {
      proxyPass = "http://192.168.42.41:4000";
      proxyWebsockets = true;
    };
    enableACME = true;
    forceSSL = true;
    extraConfig = ''
      add_header 'Access-Control-Allow-Origin' '*' always;
    '';
  };

  networking.firewall.allowedTCPPorts = [ 443 ];

  containers.tracktrain = {
    autoStart = true;
    privateNetwork = true;
    hostAddress6 = "fd00::42:40";
    localAddress6 = "fd00::42:41";
    hostAddress = "192.168.42.40";
    localAddress = "192.168.42.41";

    config = { config, pkgs, ... }: {

      systemd.services.tracktrain = {
        enable = true;

        description = "tracks trains, hopefully";
        wantedBy = [ "multi-user.target" ];
        after = [ "network.target" ];
        serviceConfig.Type = "simple";
        path = [ pkgs.wget ];
        script = ''
          cd /tmp
          wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip"
          ${stripLib (((import inputs.tracktrain {nixpkgs = pkgs;}))
            # have to remove version constraints because some aren't in 22.05
            .overrideAttrs (old: { patchPhase = ''
              sed -i "s/base.*/base/g" *.cabal
              sed -i "s/^>=.*//g" *.cabal
              sed -i "s/>=.*//g" *.cabal
            ''; }))
           }/bin/tracktrain --dbString="dbname=tracktrain user=tracktrain" --warp.port=4000
        '';
        startAt = "daily";
      };

      services.postgresql = {
        enable = true;

        ensureDatabases = [ "tracktrain" ];
        ensureUsers = [ {
          name = "tracktrain";
          ensurePermissions = {
            "DATABASE tracktrain" = "ALL PRIVILEGES";
          };
        } ];
        authentication = ''
          local   all   all                              trust
          host    all   all        127.0.0.1/32          trust
        '';
      };

      networking.firewall.allowedTCPPorts = [ 4000 ];
      system.stateVersion = "22.05";

      services.coredns = {
        enable = true;
        config = ''
          .:53 {
          forward . 1.1.1.1
          }
        '';
      };
    };
  };

  networking.nat = {
    enable = true;
    internalInterfaces = [ "ve-tracktrain" ];
    externalInterface = "ens3";
  };

}