nix: nixos module for backend installation

systemd to run service, nginx config bundled in
2023-08-06 13:40:21 +00:00 · 2023-08-06 13:40:21 +00:00 · 24b42352b3
parent 81f466ceb0
commit 24b42352b3
1 changed files with 112 additions and 36 deletions
--- a/flake.nix
+++ b/flake.nix
@ -1,18 +1,35 @@
 {
-  description = "Planning Poker web app. Trying to build something and learn new things";
+  description =
+    "Planning Poker web app. Trying to build something and learn new things";
  inputs.nixpkgs.url = "github:nixos/nixpkgs";
  inputs.flake-utils.url = "github:numtide/flake-utils";
  inputs.sbt-derivation.url = "github:zaninime/sbt-derivation/master";
  inputs.sbt-derivation.inputs.nixpkgs.follows = "nixpkgs";

  outputs = { self, nixpkgs, flake-utils, sbt-derivation }:
-    flake-utils.lib.eachDefaultSystem
-      (system:
+    flake-utils.lib.eachDefaultSystem (system:
      let
        pkgs = nixpkgs.legacyPackages.${system};
        packageName = "blanning-poker-kazbegi";
+        backendName = "${packageName}-backend";
        version = "0.1.1";
+        backendPackage = sbt-derivation.lib.mkSbtDerivation rec {
+          inherit pkgs version;
+
+          # ...and the rest of the arguments
+          pname = "${backendName}";
+          depsSha256 = "sha256-7MNlMeljYqXY4/kK4BXoycp9xUz0tGwCQvPTlE1RIQU=";
+          src = pkgs.nix-gitignore.gitignoreSource [ ] ./.;
+          buildPhase = ''
+            sbt backend/assembly
+          '';
+          installPhase = ''
+            mkdir -p $out/bin
+            cp backend/target/scala-*/backend-assembly-*.jar $out/bin/${pname}.jar
+          '';
+        };
      in {
+        # Development shell with things required for local dev
        devShells.default = pkgs.mkShell {
          buildInputs = [
            pkgs.nodejs
@ -26,22 +43,81 @@
            echo "dev env for planning poker BWARGH started"
          '';
        };
-          packages.backend = sbt-derivation.lib.mkSbtDerivation rec {
-            inherit pkgs version;
+        # Just the backend jar
+        packages.backend = backendPackage;
+        # Module for NixOS to allow starting backend as SystemD service
+        nixosModules.backendApp = { config, pkgs, ... }:
+          let
+            cfg = config.services.${backendName};
+            lib = pkgs.lib;
+          in {
+            options.services.${backendName} = {
+              enable =
+                lib.mkEnableOption "My frontendmentor exercise ${backendName}";

-            # ...and the rest of the arguments
-            pname = "${packageName}-backend";
-            depsSha256 = "sha256-7MNlMeljYqXY4/kK4BXoycp9xUz0tGwCQvPTlE1RIQU=";
-            src = pkgs.nix-gitignore.gitignoreSource [] ./.;
-            buildPhase = ''
-              sbt backend/assembly
-            '';
-            installPhase = ''
-              mkdir -p $out/bin
-              cp backend/target/scala-*/backend-assembly-*.jar $out/bin/
+              port = lib.mkOption {
+                type = lib.types.int;
+                default = 8080;
+                description = "Port to listen on.";
+              };
+
+              host = lib.mkOption {
+                type = lib.types.str;
+                default = "localhost";
+                description = "Host to bind to.";
+              };
+
+              useNginx = lib.mkOption {
+                type = lib.types.bool;
+                default = true;
+                description = "Whether to use Nginx to proxy requests.";
+              };
+            };
+            config = lib.mkIf cfg.enable {
+              users.groups."${backendName}-group" = { };
+              users.users."${backendName}-user" = {
+                isSystemUser = true;
+                group = "${backendName}-group";
+              };
+
+              systemd.services.${backendName} =
+                let serverHost = if cfg.useNginx then "localhost" else cfg.host;
+                in {
+                  description = "Exercise app ${backendName}";
+                  wantedBy = [ "multi-user.target" ];
+                  after = [ "network.target" ];
+                  startLimitIntervalSec = 30;
+                  startLimitBurst = 10;
+                  serviceConfig = {
+                    ExecStart =
+                      "${pkgs.jdk}/bin/java -jar ${backendPackage}/bin/${backendName}.jar -p ${
+                        toString cfg.port
+                      } --host ${serverHost}";
+                    WorkingDirectory = "${backendPackage}/bin";
+                    Restart = "on-failure";
+                    User = "${backendName}-user";
+                    Group = "${backendName}-group";
+                  };
+                };
+              # this is only backend. Front end still configured and installed separately.
+              services.nginx.virtualHosts.${cfg.host}.locations."/api" = {
+                proxyPass = "http://127.0.0.1:${toString cfg.port}";
+                # this is config for websocket
+                extraConfig = ''
+                  rewrite ^/api/(.*)$ /$1 break;
+                  proxy_set_header Host $host;
+                  proxy_set_header X-Real-IP $remote_addr;
+                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                  proxy_set_header X-Forwarded-Proto $scheme;
+
+                  # Add the following lines for WebSocket support
+                  proxy_http_version 1.1;
+                  proxy_set_header Upgrade $http_upgrade;
+                  proxy_set_header Connection "upgrade";
                '';
              };
-        }
-      );
+            };
+          };
+      });
  # see https://serokell.io/blog/practical-nix-flakes
 }