authorNathan Perry <np@nathanperry.dev>2022-11-30 00:40:37 -0500
committerNathan Perry <np@nathanperry.dev>2022-11-30 00:40:37 -0500
commit7b81c1105558fdad28cd2555fa24cb06453e6ad6 (patch)
treea8121cc5b094caee25b1f9dbebc03a535377822a
parent1a74c1560a420915ceb6d0da911ea1e632472dd5 (diff)
nix: move init script to file
-rw-r--r--flake.nix94
-rwxr-xr-xnix/dbinit.sh49
2 files changed, 103 insertions, 40 deletions
diff --git a/flake.nix b/flake.nix
index cba1330..d83334b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -98,6 +98,7 @@
devShells.default = pkgs.mkShell {
buildInputs = (with pkgs; [
devToolchain
+ shellcheck
]) ++ (deps pkgs);
RUST_SRC_PATH = "${devToolchain}/lib/rustlib/src/rust";
@@ -108,7 +109,6 @@
type = "app";
program = "${pkg}/bin/thulani";
};
-
}) // {
hydraJobs.thulani.x86_64-linux = self.packages.x86_64-linux.default;
@@ -125,11 +125,21 @@
self.nixosModules.default
"${nixpkgs}/nixos/modules/virtualisation/qemu-vm.nix"
- ({ lib, ... }: {
+ ({ config, lib, pkgs, ... }: {
nixpkgs.overlays = [
self.overlays.default
];
+ environment.systemPackages = with pkgs; [
+ (writeShellScriptBin "jl" ''
+ journalctl -eu thulani | cat
+ '')
+
+ (writeShellScriptBin "s" ''
+ exec systemctl status thulani $@
+ '')
+ ];
+
users = {
mutableUsers = false;
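Review bot: The `s` wrapper forwards its arguments with an unquoted `$@`, so any argument containing whitespace or glob characters is re-split before it reaches systemctl. Since this commit also adds shellcheck to the dev shell, quote it: `exec systemctl status thulani "$@"`. The inline module this hunk edits continues past the end of the hunk.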
@@ -148,6 +158,8 @@
groups.test = {};
};
+ security.sudo.wheelNeedsPassword = false;
+
virtualisation = {
cores = 8;
graphics = false;
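Review bot: `security.sudo.wheelNeedsPassword = false;` gives every wheel member passwordless root, and nothing next to the line says why that is acceptable. From the earlier hunk this appears to sit inside the inline module that imports `qemu-vm.nix`, so it is presumably test-VM only; the module's start is outside this hunk, so that should be confirmed. I would add a comment above it such as `# test VM only: passwordless sudo for convenience; must never move into nixosModules.default`.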
@@ -159,6 +171,17 @@
services.thulani = {
enable = true;
+ environment = {
+ STEAM_API_KEY = "";
+ SHEETS_API_KEY = "";
+ SPREADSHEET_ID = "";
+ THULANI_CLIENT_ID = "1";
+ THULANI_TOKEN = "";
+ VOICE_CHANNEL = "1";
+ OWNER_ID = "1";
+ TARGET_GUILD = "1";
+ };
+
postgres = {
enable = true;
};
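Review bot: The placeholder `STEAM_API_KEY`, `SHEETS_API_KEY` and `THULANI_TOKEN` entries show secrets being set through `services.thulani.environment`, which is a pattern readers will copy for real deployments. Values set this way are evaluated into the Nix store, which is world-readable, and presumably into the generated unit as well. Add a comment such as `# placeholders for the test VM; real keys/tokens belong in services.thulani.envFiles, not here`, and consider saying the same in the option's `description`.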
@@ -181,16 +204,7 @@
environment = mkOption {
description = "literal environment to include";
- type = attrsOf str;
-
- default = {
- RUST_BACKTRACE = "1";
- MAX_HIST = "30";
- DEFAULT_HIST = "5";
- MAX_SHEET_COLUMN = "ZZZ";
- } // (optionalAttrs cfg.postgres.enable {
- DATABASE_URL = "postgres://${cfg.user}@/${cfg.postgres.db}";
- });
+ type = attrs;
};
envFiles = mkOption {
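Review bot: Changing the option to `type = attrs;` conflicts with the `lib.mkDefault` and `lib.mkIf` values that the `@@ -229` hunk now places inside `services.thulani.environment`. As far as I know `types.attrs` does not recurse into the set: it merges definitions with a shallow `//`, silently drops earlier definitions of the same key, and does not discharge nested `mkDefault`/`mkIf`. The defaults and the conditional `RESTRICT`, `USER_ID_MAPPING` and `DATABASE_URL` entries may therefore not resolve to plain strings. Keeping `type = attrsOf str;` while moving the defaults into `config` gives per-key merging and priority handling, and still rejects non-string values.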
@@ -211,6 +225,18 @@
default = "thulani";
};
+ userIdMappingFile = mkOption {
+ description = "user id mapping file";
+ type = nullOr path;
+ default = null;
+ };
+
+ restrictFile = mkOption {
+ description = "restrict file";
+ type = nullOr path;
+ default = null;
+ };
+
postgres = mkOption {
description = "local postgres server with automatic setup";
@@ -229,6 +255,20 @@
};
config = lib.mkIf cfg.enable {
+ services.thulani.environment = {
+ RUST_BACKTRACE = lib.mkDefault "1";
+ MAX_HIST = lib.mkDefault "30";
+ DEFAULT_HIST = lib.mkDefault "5";
+ MAX_SHEET_COLUMN = lib.mkDefault "ZZZ";
+ YTDL = lib.mkDefault "${pkgs.yt-dlp}/bin/yt-dlp";
+ FFMPEG = lib.mkDefault "${pkgs.ffmpeg_4}/bin/ffmpeg";
+
+ RESTRICT = lib.mkIf (cfg.restrictFile != null) "${cfg.restrictFile}";
+ USER_ID_MAPPING = lib.mkIf (cfg.userIdMappingFile != null) "${cfg.userIdMappingFile}";
+
+ DATABASE_URL = lib.mkIf cfg.postgres.enable "postgres://${cfg.user}@/${cfg.postgres.db}";
+ };
+
systemd.services.thulani = {
description = "thulani bot";
@@ -255,35 +295,9 @@
Type = "exec";
ExecStart = "${cfg.package}/bin/thulani";
ExecStartPre = let
- invokePsql = "${pkgs.sudo}/bin/sudo -u ${config.services.postgresql.superUser} -- ${config.services.postgresql.package}/bin/psql";
- preStart = pkgs.writeShellScript "thulani-dbinit" ''
- set -euo pipefail
-
- ${invokePsql} <<'EOF'
- DO $$
- BEGIN
- CREATE ROLE ${cfg.user} WITH LOGIN;
- EXCEPTION WHEN duplicate_object THEN RAISE NOTICE '%, skipping', SQLERRM USING ERRCODE = SQLSTATE;
- END
- $$;
-
- SELECT 'CREATE DATABASE ${cfg.postgres.db}'
- WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = '${cfg.postgres.db}')\gexec
-
- ALTER DATABASE ${cfg.postgres.db} OWNER TO ${cfg.user};
- EOF
-
- echo 'CREATE EXTENSION IF NOT EXISTS pgcrypto' | ${invokePsql} ${cfg.postgres.db}
-
- for tbl in $(${invokePsql} -qAt -c "select tablename from pg_tables where schemaname = 'public';" ${cfg.postgres.db}) \
- $(${invokePsql} -qAt -c "select sequence_name from information_schema.sequences where sequence_schema = 'public';" ${cfg.postgres.db}) \
- $(${invokePsql} -qAt -c "select table_name from information_schema.views where table_schema = 'public';" ${cfg.postgres.db}) ;
- do
- ${invokePsql} -c "alter table \"$tbl\" owner to ${cfg.user}" ${cfg.postgres.db};
- done
- '';
+ preStart = pkgs.writeShellScript "thulani-dbinit" (builtins.readFile ./nix/dbinit.sh);
- in "+${preStart}";
+ in lib.mkIf cfg.postgres.enable "+${pkgs.sudo}/bin/sudo -u ${config.services.postgresql.superUser} -- ${preStart} ${config.services.postgresql.package}/bin/psql ${cfg.postgres.db} ${cfg.user}";
EnvironmentFile = cfg.envFiles;
diff --git a/nix/dbinit.sh b/nix/dbinit.sh
new file mode 100755
index 0000000..9ca7481
--- /dev/null
+++ b/nix/dbinit.sh
@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+PSQL=$1
+DB=$2
+DB_USER=$3
+
+echo 'creating role, database, assigning owner...'
+
+"$PSQL" <<EOF
+DO \$\$
+BEGIN
+CREATE ROLE $DB_USER WITH LOGIN;
+EXCEPTION WHEN duplicate_object THEN RAISE NOTICE '%, skipping', SQLERRM USING ERRCODE = SQLSTATE;
+END
+\$$;
+
+SELECT 'CREATE DATABASE $DB'
+WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = '$DB')\gexec
+
+ALTER DATABASE $DB OWNER TO $DB_USER;
+EOF
+
+echo 'echo creating pgcrypto extension...'
+
+"$PSQL" -c "CREATE EXTENSION IF NOT EXISTS pgcrypto;" "$DB"
+
+readarray -t TABLES < <("$PSQL" -qAt -c "SELECT tablename FROM pg_tables WHERE schemaname = 'public';" "$DB")
+readarray -t SEQUENCES < <("$PSQL" -qAt -c "SELECT sequence_name FROM information_schema.sequences WHERE sequence_schema = 'public';" "$DB")
+readarray -t VIEWS < <("$PSQL" -qAt -c "SELECT table_name FROM information_schema.views WHERE table_schema = 'public';" "$DB")
+
+cat <<EOF >&2
+patching owner:
+ tables: ${TABLES[*]}
+ sequences: ${SEQUENCES[*]}
+ views: ${VIEWS[*]}
+EOF
+
+STMT=""
+
+for tbl in "${TABLES[@]}" "${SEQUENCES[@]}" "${VIEWS[@]}"; do
+ STMT+="ALTER TABLE \"$tbl\" OWNER TO $DB_USER;"
+ STMT+=$'\n'
+done
+
+"$PSQL" -c "$STMT" "$DB"
+
+echo "success"
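Review bot: `$DB` and `$DB_USER` are spliced unquoted into SQL that runs as the PostgreSQL superuser, both in the first heredoc and in the `ALTER TABLE ... OWNER TO $DB_USER` loop. A database or user name containing a quote, space or semicolon would change the statement. These values come from the module options, so the exposure is limited to whoever writes the configuration, but identifier quoting costs little. Passing them as psql variables through a quoted heredoc and building the statements with `format('%I')` avoids the splice, though it preserves case where the unquoted form folded to lowercase. psql reading from stdin also keeps going after a failed statement and exits 0, so `set -e` will not catch errors in that heredoc unless `ON_ERROR_STOP` is set.

```shell
"$PSQL" -v ON_ERROR_STOP=1 -v db="$DB" -v db_user="$DB_USER" <<'EOF'
SELECT format('CREATE ROLE %I WITH LOGIN', :'db_user')
WHERE NOT EXISTS (SELECT FROM pg_roles WHERE rolname = :'db_user')\gexec

SELECT format('CREATE DATABASE %I', :'db')
WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = :'db')\gexec

ALTER DATABASE :"db" OWNER TO :"db_user";
EOF
# … unchanged: pgcrypto extension, catalog queries, owner summary …
```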