Compare commits
4 Commits
9c832fa1b2
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
|
e4edffd69f | ||
|
|
7dbcc63394 | ||
|
fe9794a796 | ||
|
|
24b42352b3 |
44
flake.nix
44
flake.nix
@@ -10,7 +10,7 @@
|
||||
flake-utils.lib.eachDefaultSystem (system:
|
||||
let
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
packageName = "blanning-poker-kazbegi";
|
||||
packageName = "planning-poker-kazbegi";
|
||||
backendName = "${packageName}-backend";
|
||||
version = "0.1.1";
|
||||
backendPackage = sbt-derivation.lib.mkSbtDerivation rec {
|
||||
@@ -46,7 +46,7 @@
|
||||
# Just the backend jar
|
||||
packages.backend = backendPackage;
|
||||
# Module for NixOS to allow starting backend as SystemD service
|
||||
module = { config, pkgs, ... }:
|
||||
nixosModules.backendApp = { config, pkgs, ... }:
|
||||
let
|
||||
cfg = config.services.${backendName};
|
||||
lib = pkgs.lib;
|
||||
@@ -72,48 +72,52 @@
|
||||
default = true;
|
||||
description = "Whether to use Nginx to proxy requests.";
|
||||
};
|
||||
useHostTls = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description =
|
||||
"Whether virtual host should enable NixOS ACME certs";
|
||||
};
|
||||
config = lib.mkIf cfg.enable {
|
||||
users.groups."${backendName}-group" = { };
|
||||
users.users."${backendName}-user" = {
|
||||
};
|
||||
config.users = lib.mkIf cfg.enable {
|
||||
groups."${backendName}" = { };
|
||||
users."${backendName}" = {
|
||||
isSystemUser = true;
|
||||
group = "${backendName}-group";
|
||||
group = "${backendName}";
|
||||
};
|
||||
|
||||
systemd.services.${backendName} =
|
||||
let serverHost = if cfg.useNginx then "localhost" else cfg.host;
|
||||
in {
|
||||
};
|
||||
config.systemd.services.${backendName} = lib.mkIf cfg.enable {
|
||||
description = "Exercise app ${backendName}";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
startLimitIntervalSec = 30;
|
||||
startLimitBurst = 10;
|
||||
serviceConfig = {
|
||||
serviceConfig =
|
||||
let serverHost = if cfg.useNginx then "localhost" else cfg.host;
|
||||
in {
|
||||
ExecStart =
|
||||
"${pkgs.jdk}/bin/java -jar ${backendPackage}/bin/${backendName}.jar -p ${
|
||||
toString cfg.port
|
||||
} --host ${serverHost}";
|
||||
WorkingDirectory = "${backendPackage}/bin";
|
||||
Restart = "on-failure";
|
||||
User = "${backendName}-user";
|
||||
Group = "${backendName}-group";
|
||||
User = "${backendName}";
|
||||
Group = "${backendName}";
|
||||
};
|
||||
};
|
||||
# this is only backend. Front end still configured and installed separately.
|
||||
services.nginx.virtualHosts.${cfg.host}.locations."/api" = {
|
||||
config.services.nginx.virtualHosts.${cfg.host} = {
|
||||
forceSSL = cfg.useHostTls;
|
||||
enableACME = cfg.useHostTls;
|
||||
locations."/api" = lib.mkIf cfg.enable {
|
||||
proxyPass = "http://127.0.0.1:${toString cfg.port}";
|
||||
# this is config for websocket
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
rewrite ^/api/(.*)$ /$1 break;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
|
||||
# Add the following lines for WebSocket support
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user