{ config, lib, pkgs, ... }: with lib; let cfg = config.services.panamax; panamax_api = pkgs.panamax_api.override { dataDir = cfg.dataDir + "/api"; }; panamax_ui = pkgs.panamax_ui.override { dataDir = cfg.dataDir + "/ui"; }; in { ##### Interface options.services.panamax = { enable = mkOption { type = types.bool; default = false; description = '' Whether to enable Panamax service. ''; }; UIPort = mkOption { type = types.int; default = 8888; description = '' Panamax UI listening port. ''; }; APIPort = mkOption { type = types.int; default = 3000; description = '' Panamax UI listening port. ''; }; dataDir = mkOption { type = types.str; default = "/var/lib/panamax"; description = '' Data dir for Panamax. ''; }; fleetctlEndpoint = mkOption { type = types.str; default = "http://127.0.0.1:2379"; description = '' Panamax fleetctl endpoint. ''; }; journalEndpoint = mkOption { type = types.str; default = "http://127.0.0.1:19531"; description = '' Panamax journal endpoint. ''; }; secretKey = mkOption { type = types.str; default = "SomethingVeryLong."; description = '' Panamax secret key (do change this). ''; }; }; ##### Implementation config = mkIf cfg.enable { systemd.services.panamax-api = { description = "Panamax API"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" "fleet.service" "etcd.service" "docker.service" ]; path = [ panamax_api ]; environment = { RAILS_ENV = "production"; JOURNAL_ENDPOINT = cfg.journalEndpoint; FLEETCTL_ENDPOINT = cfg.fleetctlEndpoint; PANAMAX_DATABASE_PATH = "${cfg.dataDir}/api/db/mnt/db.sqlite3"; }; preStart = '' rm -rf ${cfg.dataDir}/state/tmp mkdir -p ${cfg.dataDir}/api/{db/mnt,state/log,state/tmp} ln -sf ${panamax_api}/share/panamax-api/_db/{schema.rb,seeds.rb,migrate} ${cfg.dataDir}/api/db/ if [ ! -f ${cfg.dataDir}/.created ]; then bundle exec rake db:setup bundle exec rake db:seed bundle exec rake panamax:templates:load || true touch ${cfg.dataDir}/.created else bundle exec rake db:migrate fi ''; serviceConfig = { ExecStart = "${panamax_api}/bin/bundle exec rails server --binding 127.0.0.1 --port ${toString cfg.APIPort}"; User = "panamax"; Group = "panamax"; }; }; systemd.services.panamax-ui = { description = "Panamax UI"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" "panamax_api.service" ]; path = [ panamax_ui ]; environment = { RAILS_ENV = "production"; JOURNAL_ENDPOINT = cfg.journalEndpoint; PMX_API_PORT_3000_TCP_ADDR = "localhost"; PMX_API_PORT_3000_TCP_PORT = toString cfg.APIPort; SECRET_KEY_BASE = cfg.secretKey; }; preStart = '' mkdir -p ${cfg.dataDir}/ui/state/{log,tmp} chown -R panamax:panamax ${cfg.dataDir} ''; serviceConfig = { ExecStart = "${panamax_ui}/bin/bundle exec rails server --binding 127.0.0.1 --port ${toString cfg.UIPort}"; User = "panamax"; Group = "panamax"; PermissionsStartOnly = true; }; }; users.extraUsers.panamax = { uid = config.ids.uids.panamax; description = "Panamax user"; createHome = true; home = cfg.dataDir; extraGroups = [ "docker" ]; }; services.journald.enableHttpGateway = mkDefault true; services.fleet.enable = mkDefault true; services.cadvisor.enable = mkDefault true; services.cadvisor.port = mkDefault 3002; virtualisation.docker.enable = mkDefault true; environment.systemPackages = [ panamax_api panamax_ui ]; users.extraGroups.panamax.gid = config.ids.gids.panamax; }; }