rrvsh/pantheon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor(nixos): use mkWebApp module to simplify web app definitions

Browse source
This commit is contained in:
Mohammad Rafiq 2025-06-16 14:55:00 +08:00
parent 2292baecf6
commit a5d8bfcdd5
No known key found for this signature in database
8 changed files with 81 additions and 91 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/default.nix
View file

@ -15,6 +15,10 @@ rec {
if len <= count then list else (shortenList count (tail list)); if len <= count then list else (shortenList count (tail list));
# Modules # Modules
mkAttrOption = lib.mkOption {
type = lib.types.attrs;
default = { };
};
mkStrOption = lib.mkOption { mkStrOption = lib.mkOption {
type = lib.types.str; type = lib.types.str;
default = ""; default = "";

8
lib/modules/default.nix
View file

@ -7,7 +7,12 @@ let
singleton singleton
mkIf mkIf
; ;
inherit (lib.pantheon) mkRootDomain mkPortOption mkStrOption; inherit (lib.pantheon)
mkAttrOption
mkRootDomain
mkPortOption
mkStrOption
;
networkingConfig = networkingConfig =
{ {
config, config,
@ -45,6 +50,7 @@ in
port = mkPortOption defaultPort; port = mkPortOption defaultPort;
domain = mkStrOption; domain = mkStrOption;
openFirewall = mkEnableOption ""; openFirewall = mkEnableOption "";
extraCfg = mkAttrOption;
} // extraOptions; } // extraOptions;
config = mkIf cfg.enable (mkMerge [ config = mkIf cfg.enable (mkMerge [

32
modules/nixos/server/web-apps/forgejo/default.nix
View file

@ -1,33 +1,25 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (lib) mkEnableOption mkIf singleton; inherit (lib) singleton;
inherit (lib.pantheon) mkRootDomain mkStrOption mkPortOption; inherit (lib.pantheon.modules) mkWebApp;
cfg = config.server.web-apps.forgejo; cfg = config.server.web-apps.forgejo;
upstreamCfg = config.services.forgejo; upstreamCfg = config.services.forgejo;
in in
{ mkWebApp {
options.server.web-apps.forgejo = { inherit config;
enable = mkEnableOption ""; name = "forgejo";
url = mkStrOption; defaultPort = 3000;
port = mkPortOption 3000; persistDirs = singleton {
directory = upstreamCfg.stateDir;
inherit (upstreamCfg) user group;
}; };
extraConfig = {
config = mkIf cfg.enable {
persistDirs = singleton {
directory = upstreamCfg.stateDir;
inherit (upstreamCfg) user group;
};
server.networking.ddns.domains = singleton (mkRootDomain cfg.url);
server.web-servers.nginx.proxies = mkIf config.server.web-servers.nginx.enable (singleton {
source = cfg.url;
target = "http://${config.system.hostname}:${builtins.toString cfg.port}";
});
services.forgejo = { services.forgejo = {
enable = true; enable = true;
settings = { settings = {
server = { server = {
DOMAIN = cfg.url; DOMAIN = cfg.domain;
ROOT_URL = "https://${cfg.url}/"; ROOT_URL = "https://${cfg.domain}/";
HTTP_PORT = cfg.port; HTTP_PORT = cfg.port;
}; };
"repository.signing".FORMAT = "ssh"; "repository.signing".FORMAT = "ssh";

44
modules/nixos/server/web-apps/librechat/default.nix
View file

@ -5,33 +5,24 @@
... ...
}: }:
let let
inherit (lib) singleton mkEnableOption mkIf; inherit (lib) singleton;
inherit (lib.pantheon) mkRootDomain mkPortOption mkStrOption; inherit (lib.pantheon) mkStrOption;
inherit (lib.pantheon.modules) mkWebApp;
cfg = config.server.web-apps.librechat; cfg = config.server.web-apps.librechat;
upstreamCfg = config.services.librechat; upstreamCfg = config.services.librechat;
in in
{ mkWebApp {
imports = singleton "${inputs.rrvsh-nixpkgs}/nixos/modules/services/web-apps/librechat.nix"; inherit config;
name = "librechat";
options.server.web-apps.librechat = { defaultPort = 3080;
enable = mkEnableOption ""; persistDirs = singleton {
port = mkPortOption 3080; directory = upstreamCfg.logDir;
url = mkStrOption; inherit (upstreamCfg) user group;
mongodbURI = mkStrOption // {
default = "mongodb://${config.system.hostname}:27017/LibreChat";
};
}; };
extraOptions.mongodbURI = mkStrOption // {
config = mkIf cfg.enable { default = "mongodb://${config.system.hostname}:27017/LibreChat";
persistDirs = singleton { };
directory = upstreamCfg.logDir; extraConfig = {
inherit (upstreamCfg) user group;
};
server.networking.ddns.domains = singleton (mkRootDomain cfg.url);
server.web-servers.nginx.proxies = lib.mkIf config.server.web-servers.nginx.enable (singleton {
source = cfg.url;
target = "http://${config.system.hostname}:${builtins.toString cfg.port}";
});
services.librechat = { services.librechat = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
@ -41,8 +32,8 @@ in
ALLOW_REGISTRATION = "true"; ALLOW_REGISTRATION = "true";
NO_INDEX = "true"; NO_INDEX = "true";
MONGO_URI = cfg.mongodbURI; MONGO_URI = cfg.mongodbURI;
DOMAIN_CLIENT = cfg.url; DOMAIN_CLIENT = cfg.domain;
DOMAIN_SERVER = cfg.url; DOMAIN_SERVER = cfg.domain;
ENDPOINTS = "anthropic,agents,google"; ENDPOINTS = "anthropic,agents,google";
}; };
credentials = { credentials = {
@ -78,3 +69,6 @@ in
}; };
}; };
} }
// {
imports = singleton "${inputs.rrvsh-nixpkgs}/nixos/modules/services/web-apps/librechat.nix";
}

47
modules/nixos/server/web-apps/mattermost/default.nix
View file

@ -1,7 +1,8 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (lib) singleton; inherit (lib) singleton;
inherit (lib.pantheon) mkRootDomain; inherit (lib.pantheon) mkStrOption;
inherit (lib.pantheon.modules) mkWebApp;
cfg = config.server.web-apps.mattermost; cfg = config.server.web-apps.mattermost;
upstreamCfg = config.services.mattermost; upstreamCfg = config.services.mattermost;
mkDir = directory: { mkDir = directory: {
@ -10,36 +11,33 @@ let
mode = "0750"; mode = "0750";
}; };
in in
{ mkWebApp {
options.server.web-apps.mattermost = { inherit config;
enable = lib.mkEnableOption "the Mattermost service"; name = "mattermost";
port = lib.pantheon.mkPortOption 8065; defaultPort = 8065;
url = lib.pantheon.mkStrOption; persistDirs = [
configDir = lib.pantheon.mkStrOption // { (mkDir cfg.configDir)
(mkDir cfg.logDir)
(mkDir cfg.dataDir)
];
extraOptions = {
configDir = mkStrOption // {
default = "/etc/mattermost"; default = "/etc/mattermost";
}; };
dataDir = lib.pantheon.mkStrOption // { dataDir = mkStrOption // {
default = "/var/lib/mattermost"; default = "/var/lib/mattermost";
}; };
logDir = lib.pantheon.mkStrOption // { logDir = mkStrOption // {
default = "/var/log/mattermost"; default = "/var/log/mattermost";
}; };
}; };
extraConfig = {
config = lib.mkIf cfg.enable {
assertions = [ assertions = [
{ {
assertion = config.services.postgresql.enable; assertion = config.services.postgresql.enable;
message = "You must enable a local instance of postgresql."; message = "You must enable a local instance of postgresql.";
} }
]; ];
persistDirs = [
(mkDir cfg.configDir)
(mkDir cfg.logDir)
(mkDir cfg.dataDir)
];
networking.firewall.allowedTCPPorts = lib.singleton cfg.port;
server.networking.ddns.domains = singleton (mkRootDomain cfg.url);
services.mattermost = { services.mattermost = {
enable = true; enable = true;
inherit (cfg) inherit (cfg)
@ -49,21 +47,14 @@ in
port port
; ;
host = "0.0.0.0"; host = "0.0.0.0";
siteName = "pantheon"; siteUrl = "https://${cfg.domain}";
siteUrl = "https://${cfg.url}";
}; };
services.postgresql = { services.postgresql = {
ensureDatabases = lib.singleton upstreamCfg.database.name; ensureDatabases = singleton upstreamCfg.database.name;
ensureUsers = lib.singleton { ensureUsers = singleton {
name = upstreamCfg.database.user; name = upstreamCfg.database.user;
ensureDBOwnership = true; ensureDBOwnership = true;
}; };
}; };
server.web-servers.nginx.proxies = lib.mkIf config.server.web-servers.nginx.enable (
lib.singleton {
source = cfg.url;
target = "http://${config.system.hostname}:${builtins.toString cfg.port}";
}
);
}; };
} }

24
modules/nixos/server/web-apps/sd-webui-forge/default.nix
View file

@ -1,26 +1,26 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (lib) singleton mkEnableOption mkIf; inherit (lib) singleton;
cfg = config.server.sd-webui-forge; inherit (lib.pantheon.modules) mkWebApp;
cfg = config.server.web-apps.sd-webui-forge;
upstreamCfg = config.services.sd-webui-forge; upstreamCfg = config.services.sd-webui-forge;
in in
{ mkWebApp {
options.server.sd-webui-forge = { inherit config;
enable = mkEnableOption ""; name = "sd-webui-forge";
defaultPort = 7860;
persistDirs = singleton {
directory = upstreamCfg.dataDir;
inherit (upstreamCfg) user group;
}; };
extraConfig = {
config = mkIf cfg.enable {
assertions = singleton { assertions = singleton {
assertion = config.hardware.gpu == "nvidia"; assertion = config.hardware.gpu == "nvidia";
message = "You must run the sd-webui-forge service only with an nvidia gpu."; message = "You must run the sd-webui-forge service only with an nvidia gpu.";
}; };
persistDirs = singleton {
directory = upstreamCfg.dataDir;
inherit (upstreamCfg) user group;
};
services.sd-webui-forge = { services.sd-webui-forge = {
enable = true; enable = true;
listen = true; listen = cfg.openFirewall;
extraArgs = "--cuda-malloc"; extraArgs = "--cuda-malloc";
}; };
}; };

11
systems/x86_64-linux/apollo/default.nix
View file

@ -34,13 +34,16 @@
}; };
web-apps = { web-apps = {
librechat.enable = true; librechat.enable = true;
librechat.url = "chat.bwfiq.com"; librechat.domain = "chat.bwfiq.com";
mattermost.enable = true;
mattermost.url = "mm.bwfiq.com";
forgejo.enable = true; forgejo.enable = true;
forgejo.url = "git.rrv.sh"; forgejo.domain = "git.rrv.sh";
glance.enable = true; glance.enable = true;
glance.domain = "glance.bwfiq.com"; glance.domain = "glance.bwfiq.com";
mattermost = {
enable = true;
domain = "mm.bwfiq.com";
extraCfg.siteName = "pantheon";
};
}; };
web-servers = { web-servers = {
enableSSL = true; enableSSL = true;

2
systems/x86_64-linux/nemesis/default.nix
View file

@ -38,5 +38,5 @@
}; };
}; };
server.sd-webui-forge.enable = true; server.web-apps.sd-webui-forge.enable = true;
} }