rrvsh/pantheon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor(nixos): use mkWebApp module to simplify web app definitions

Browse source
This commit is contained in:
Mohammad Rafiq 2025-06-16 14:55:00 +08:00
parent 2292baecf6
commit a5d8bfcdd5
No known key found for this signature in database
8 changed files with 81 additions and 91 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/default.nix
View file

@ -15,6 +15,10 @@ rec {
if len <= count then list else (shortenList count (tail list));
# Modules
mkAttrOption = lib.mkOption {
type = lib.types.attrs;
default = { };
};
mkStrOption = lib.mkOption {
type = lib.types.str;
default = "";

8
lib/modules/default.nix
View file

@ -7,7 +7,12 @@ let
singleton
mkIf
;
inherit (lib.pantheon) mkRootDomain mkPortOption mkStrOption;
inherit (lib.pantheon)
mkAttrOption
mkRootDomain
mkPortOption
mkStrOption
;
networkingConfig =
{
config,
@ -45,6 +50,7 @@ in
port = mkPortOption defaultPort;
domain = mkStrOption;
openFirewall = mkEnableOption "";
extraCfg = mkAttrOption;
} // extraOptions;
config = mkIf cfg.enable (mkMerge [

32
modules/nixos/server/web-apps/forgejo/default.nix
View file

@ -1,33 +1,25 @@
{ config, lib, ... }:
let
inherit (lib) mkEnableOption mkIf singleton;
inherit (lib.pantheon) mkRootDomain mkStrOption mkPortOption;
inherit (lib) singleton;
inherit (lib.pantheon.modules) mkWebApp;
cfg = config.server.web-apps.forgejo;
upstreamCfg = config.services.forgejo;
in
{
options.server.web-apps.forgejo = {
enable = mkEnableOption "";
url = mkStrOption;
port = mkPortOption 3000;
mkWebApp {
inherit config;
name = "forgejo";
defaultPort = 3000;
persistDirs = singleton {
directory = upstreamCfg.stateDir;
inherit (upstreamCfg) user group;
};
config = mkIf cfg.enable {
persistDirs = singleton {
directory = upstreamCfg.stateDir;
inherit (upstreamCfg) user group;
};
server.networking.ddns.domains = singleton (mkRootDomain cfg.url);
server.web-servers.nginx.proxies = mkIf config.server.web-servers.nginx.enable (singleton {
source = cfg.url;
target = "http://${config.system.hostname}:${builtins.toString cfg.port}";
});
extraConfig = {
services.forgejo = {
enable = true;
settings = {
server = {
DOMAIN = cfg.url;
ROOT_URL = "https://${cfg.url}/";
DOMAIN = cfg.domain;
ROOT_URL = "https://${cfg.domain}/";
HTTP_PORT = cfg.port;
};
"repository.signing".FORMAT = "ssh";

44
modules/nixos/server/web-apps/librechat/default.nix
View file

@ -5,33 +5,24 @@
...
}:
let
inherit (lib) singleton mkEnableOption mkIf;
inherit (lib.pantheon) mkRootDomain mkPortOption mkStrOption;
inherit (lib) singleton;
inherit (lib.pantheon) mkStrOption;
inherit (lib.pantheon.modules) mkWebApp;
cfg = config.server.web-apps.librechat;
upstreamCfg = config.services.librechat;
in
{
imports = singleton "${inputs.rrvsh-nixpkgs}/nixos/modules/services/web-apps/librechat.nix";
options.server.web-apps.librechat = {
enable = mkEnableOption "";
port = mkPortOption 3080;
url = mkStrOption;
mongodbURI = mkStrOption // {
default = "mongodb://${config.system.hostname}:27017/LibreChat";
};
mkWebApp {
inherit config;
name = "librechat";
defaultPort = 3080;
persistDirs = singleton {
directory = upstreamCfg.logDir;
inherit (upstreamCfg) user group;
};
config = mkIf cfg.enable {
persistDirs = singleton {
directory = upstreamCfg.logDir;
inherit (upstreamCfg) user group;
};
server.networking.ddns.domains = singleton (mkRootDomain cfg.url);
server.web-servers.nginx.proxies = lib.mkIf config.server.web-servers.nginx.enable (singleton {
source = cfg.url;
target = "http://${config.system.hostname}:${builtins.toString cfg.port}";
});
extraOptions.mongodbURI = mkStrOption // {
default = "mongodb://${config.system.hostname}:27017/LibreChat";
};
extraConfig = {
services.librechat = {
enable = true;
openFirewall = true;
@ -41,8 +32,8 @@ in
ALLOW_REGISTRATION = "true";
NO_INDEX = "true";
MONGO_URI = cfg.mongodbURI;
DOMAIN_CLIENT = cfg.url;
DOMAIN_SERVER = cfg.url;
DOMAIN_CLIENT = cfg.domain;
DOMAIN_SERVER = cfg.domain;
ENDPOINTS = "anthropic,agents,google";
};
credentials = {
@ -78,3 +69,6 @@ in
};
};
}
// {
imports = singleton "${inputs.rrvsh-nixpkgs}/nixos/modules/services/web-apps/librechat.nix";
}

47
modules/nixos/server/web-apps/mattermost/default.nix
View file

@ -1,7 +1,8 @@
{ config, lib, ... }:
let
inherit (lib) singleton;
inherit (lib.pantheon) mkRootDomain;
inherit (lib.pantheon) mkStrOption;
inherit (lib.pantheon.modules) mkWebApp;
cfg = config.server.web-apps.mattermost;
upstreamCfg = config.services.mattermost;
mkDir = directory: {
@ -10,36 +11,33 @@ let
mode = "0750";
};
in
{
options.server.web-apps.mattermost = {
enable = lib.mkEnableOption "the Mattermost service";
port = lib.pantheon.mkPortOption 8065;
url = lib.pantheon.mkStrOption;
configDir = lib.pantheon.mkStrOption // {
mkWebApp {
inherit config;
name = "mattermost";
defaultPort = 8065;
persistDirs = [
(mkDir cfg.configDir)
(mkDir cfg.logDir)
(mkDir cfg.dataDir)
];
extraOptions = {
configDir = mkStrOption // {
default = "/etc/mattermost";
};
dataDir = lib.pantheon.mkStrOption // {
dataDir = mkStrOption // {
default = "/var/lib/mattermost";
};
logDir = lib.pantheon.mkStrOption // {
logDir = mkStrOption // {
default = "/var/log/mattermost";
};
};
config = lib.mkIf cfg.enable {
extraConfig = {
assertions = [
{
assertion = config.services.postgresql.enable;
message = "You must enable a local instance of postgresql.";
}
];
persistDirs = [
(mkDir cfg.configDir)
(mkDir cfg.logDir)
(mkDir cfg.dataDir)
];
networking.firewall.allowedTCPPorts = lib.singleton cfg.port;
server.networking.ddns.domains = singleton (mkRootDomain cfg.url);
services.mattermost = {
enable = true;
inherit (cfg)
@ -49,21 +47,14 @@ in
port
;
host = "0.0.0.0";
siteName = "pantheon";
siteUrl = "https://${cfg.url}";
siteUrl = "https://${cfg.domain}";
};
services.postgresql = {
ensureDatabases = lib.singleton upstreamCfg.database.name;
ensureUsers = lib.singleton {
ensureDatabases = singleton upstreamCfg.database.name;
ensureUsers = singleton {
name = upstreamCfg.database.user;
ensureDBOwnership = true;
};
};
server.web-servers.nginx.proxies = lib.mkIf config.server.web-servers.nginx.enable (
lib.singleton {
source = cfg.url;
target = "http://${config.system.hostname}:${builtins.toString cfg.port}";
}
);
};
}

24
modules/nixos/server/web-apps/sd-webui-forge/default.nix
View file

@ -1,26 +1,26 @@
{ config, lib, ... }:
let
inherit (lib) singleton mkEnableOption mkIf;
cfg = config.server.sd-webui-forge;
inherit (lib) singleton;
inherit (lib.pantheon.modules) mkWebApp;
cfg = config.server.web-apps.sd-webui-forge;
upstreamCfg = config.services.sd-webui-forge;
in
{
options.server.sd-webui-forge = {
enable = mkEnableOption "";
mkWebApp {
inherit config;
name = "sd-webui-forge";
defaultPort = 7860;
persistDirs = singleton {
directory = upstreamCfg.dataDir;
inherit (upstreamCfg) user group;
};
config = mkIf cfg.enable {
extraConfig = {
assertions = singleton {
assertion = config.hardware.gpu == "nvidia";
message = "You must run the sd-webui-forge service only with an nvidia gpu.";
};
persistDirs = singleton {
directory = upstreamCfg.dataDir;
inherit (upstreamCfg) user group;
};
services.sd-webui-forge = {
enable = true;
listen = true;
listen = cfg.openFirewall;
extraArgs = "--cuda-malloc";
};
};

11
systems/x86_64-linux/apollo/default.nix
View file

@ -34,13 +34,16 @@
};
web-apps = {
librechat.enable = true;
librechat.url = "chat.bwfiq.com";
mattermost.enable = true;
mattermost.url = "mm.bwfiq.com";
librechat.domain = "chat.bwfiq.com";
forgejo.enable = true;
forgejo.url = "git.rrv.sh";
forgejo.domain = "git.rrv.sh";
glance.enable = true;
glance.domain = "glance.bwfiq.com";
mattermost = {
enable = true;
domain = "mm.bwfiq.com";
extraCfg.siteName = "pantheon";
};
};
web-servers = {
enableSSL = true;

2
systems/x86_64-linux/nemesis/default.nix
View file

@ -38,5 +38,5 @@
};
};
server.sd-webui-forge.enable = true;
server.web-apps.sd-webui-forge.enable = true;
}