diff options
Diffstat (limited to 'nixpkgs/nixos/modules/services/web-apps/healthchecks.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/web-apps/healthchecks.nix | 45 |
1 files changed, 36 insertions, 9 deletions
diff --git a/nixpkgs/nixos/modules/services/web-apps/healthchecks.nix b/nixpkgs/nixos/modules/services/web-apps/healthchecks.nix index b3fdb681e2f3..b92525075541 100644 --- a/nixpkgs/nixos/modules/services/web-apps/healthchecks.nix +++ b/nixpkgs/nixos/modules/services/web-apps/healthchecks.nix @@ -1,16 +1,16 @@ -{ config, lib, pkgs, buildEnv, ... }: +{ config, lib, options, pkgs, buildEnv, ... }: with lib; let defaultUser = "healthchecks"; cfg = config.services.healthchecks; + opt = options.services.healthchecks; pkg = cfg.package; boolToPython = b: if b then "True" else "False"; environment = { PYTHONPATH = pkg.pythonPath; STATIC_ROOT = cfg.dataDir + "/static"; - DB_NAME = "${cfg.dataDir}/healthchecks.sqlite"; } // cfg.settings; environmentFile = pkgs.writeText "healthchecks-environment" (lib.generators.toKeyValue { } environment); @@ -98,17 +98,24 @@ in description = lib.mdDoc '' Environment variables which are read by healthchecks `(local)_settings.py`. - Settings which are explicitly covered in options bewlow, are type-checked and/or transformed + Settings which are explicitly covered in options below, are type-checked and/or transformed before added to the environment, everything else is passed as a string. See <https://healthchecks.io/docs/self_hosted_configuration/> for a full documentation of settings. - We add two variables to this list inside the packages `local_settings.py.` - - STATIC_ROOT to set a state directory for dynamically generated static files. - - SECRET_KEY_FILE to read SECRET_KEY from a file at runtime and keep it out of /nix/store. + We add additional variables to this list inside the packages `local_settings.py.` + - `STATIC_ROOT` to set a state directory for dynamically generated static files. + - `SECRET_KEY_FILE` to read `SECRET_KEY` from a file at runtime and keep it out of + /nix/store. + - `_FILE` variants for several values that hold sensitive information in + [Healthchecks configuration](https://healthchecks.io/docs/self_hosted_configuration/) so + that they also can be read from a file and kept out of /nix/store. To see which values + have support for a `_FILE` variant, run: + - `nix-instantiate --eval --expr '(import <nixpkgs> {}).healthchecks.secrets'` + - or `nix eval 'nixpkgs#healthchecks.secrets'` if the flake support has been enabled. ''; - type = types.submodule { + type = types.submodule (settings: { freeformType = types.attrsOf types.str; options = { ALLOWED_HOSTS = lib.mkOption { @@ -143,8 +150,28 @@ in ''; apply = boolToPython; }; + + DB = mkOption { + type = types.enum [ "sqlite" "postgres" "mysql" ]; + default = "sqlite"; + description = lib.mdDoc "Database engine to use."; + }; + + DB_NAME = mkOption { + type = types.str; + default = + if settings.config.DB == "sqlite" + then "${cfg.dataDir}/healthchecks.sqlite" + else "hc"; + defaultText = lib.literalExpression '' + if config.${settings.options.DB} == "sqlite" + then "''${config.${opt.dataDir}}/healthchecks.sqlite" + else "hc" + ''; + description = lib.mdDoc "Database name."; + }; }; - }; + }); }; }; @@ -168,7 +195,7 @@ in StateDirectoryMode = mkIf (cfg.dataDir == "/var/lib/healthchecks") "0750"; }; in - { + { healthchecks-migration = { description = "Healthchecks migrations"; wantedBy = [ "healthchecks.target" ]; |