panamax: new package and service

3 files changed, 126 insertions, 0 deletions

diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index 7415af8ab6af..f3cda7b95416 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -177,6 +177,8 @@
       cadvisor = 167;
       nylon = 168;
       apache-kafka = 169;
+      panamax = 170;
+
       # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
 
       nixbld = 30000; # start of range of uids
@@ -315,6 +317,7 @@
       kubernetes = 162;
       gitlab = 165;
       nylon = 166;
+      panamax = 170;
 
       # When adding a gid, make sure it doesn't match an existing
       # uid. Users and groups with the same name should have equal
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 023a053cf9bb..292feb948828 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -104,6 +104,7 @@
   ./services/backup/tarsnap.nix
   ./services/cluster/fleet.nix
   ./services/cluster/kubernetes.nix
+  ./services/cluster/panamax.nix
   ./services/computing/torque/server.nix
   ./services/computing/torque/mom.nix
   ./services/continuous-integration/jenkins/default.nix
diff --git a/nixos/modules/services/cluster/panamax.nix b/nixos/modules/services/cluster/panamax.nix
new file mode 100644
index 000000000000..011a1e3666b4
--- /dev/null
+++ b/nixos/modules/services/cluster/panamax.nix
@@ -0,0 +1,122 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.panamax;
+
+  panamax_api = pkgs.panamax_api.override { dataDir = cfg.dataDir+"/api"; };
+  panamax_ui = pkgs.panamax_ui.override { dataDir = cfg.dataDir+"/ui"; };
+
+in {
+
+  ##### Interface
+  options.services.panamax = {
+    enable = mkOption {
+      type = types.bool;
+      default = false;
+      description = ''
+        Whether to enable Panamax service.
+      '';
+    };
+
+    UIPort = mkOption {
+      type = types.int;
+      default = 8888;
+      description = ''
+        Panamax UI listening port.
+      '';
+    };
+
+    APIPort = mkOption {
+      type = types.int;
+      default = 3000;
+      description = ''
+        Panamax UI listening port.
+      '';
+    };
+
+    dataDir = mkOption {
+      type = types.str;
+      default = "/var/lib/panamax";
+      description = ''
+        Data dir for Panamax.
+      '';
+    };
+
+    fleetctlEndpoint = mkOption {
+      type = types.str;
+      default = "http://127.0.0.1:4001";
+      description = ''
+        Fleetctl endpoint.
+      '';
+    };
+
+    journalEndpoint = mkOption {
+      type = types.str;
+      default = "http://127.0.0.1:19531";
+      description = ''
+        Journal endpoint.
+      '';
+    };
+
+    secretKey = mkOption {
+      type = types.str;
+      default = "SomethingVeryLong.";
+      description = ''
+        Secret key (do change this).
+      '';
+    };
+
+  };
+
+  ##### Implementation
+  config = mkIf cfg.enable {
+    systemd.services.panamax_api = {
+      description = "Panamax API";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" "fleet.service" "etcd.service" "docker.service" ];
+      environment = {
+        JOURNAL_ENDPOINT = cfg.journalEndpoint;
+        FLEETCTL_ENDPOINT = cfg.fleetctlEndpoint;
+      };
+      preStart = "${panamax_api}/bin/panamax-api-init";
+      serviceConfig = {
+        ExecStart = "${panamax_api}/bin/panamax-api-run --port ${toString cfg.APIPort}";
+        User = "panamax";
+        Group = "panamax";
+      };
+    };
+
+    systemd.services.panamax_ui = {
+      description = "Panamax UI";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "network.target" "panamax_api.service" ];
+      environment = {
+        JOURNAL_ENDPOINT = cfg.journalEndpoint;
+        PMX_API_PORT_3000_TCP_PORT = toString cfg.APIPort;
+        SECRET_KEY_BASE = cfg.secretKey;
+      };
+      serviceConfig = {
+        ExecStart = "${panamax_ui}/bin/panamax-ui-run --port ${toString cfg.UIPort}";
+        User = "panamax";
+        Group = "panamax";
+      };
+    };
+
+    users.extraUsers.panamax =
+    { uid = config.ids.uids.panamax;
+      description = "Panamax user";
+      createHome = true;
+      home = cfg.dataDir;
+      extraGroups = [ "docker" ];
+    };
+
+    services.journald.enableHttpGateway = mkDefault true;
+    services.fleet.enable = mkDefault true;
+    virtualisation.docker.enable = mkDefault true;
+
+    environment.systemPackages = [ panamax_api panamax_ui ];
+    users.extraGroups.panamax.gid = config.ids.gids.panamax;
+  };
+}