update user logic
This commit is contained in:
parent
ddad66dda4
commit
c0d6ee9e8b
1 changed files with 13 additions and 14 deletions
27
flake.nix
27
flake.nix
|
|
@ -143,30 +143,27 @@
|
||||||
in {
|
in {
|
||||||
wantedBy = ["multi-user.target"];
|
wantedBy = ["multi-user.target"];
|
||||||
after = ["network.target" "postgresql.service"];
|
after = ["network.target" "postgresql.service"];
|
||||||
# note that if you are connecting to a postgres instance on a different host
|
|
||||||
# postgresql.service should not be included in the requires.
|
|
||||||
requires = ["network-online.target" "postgresql.service"];
|
requires = ["network-online.target" "postgresql.service"];
|
||||||
description = "zoey computer";
|
description = "zoey computer";
|
||||||
environment = {
|
environment = {
|
||||||
# RELEASE_TMP is used to write the state of the
|
|
||||||
# VM configuration when the system is running
|
|
||||||
# it needs to be a writable directory
|
|
||||||
RELEASE_TMP = working_directory;
|
RELEASE_TMP = working_directory;
|
||||||
# can be generated in an elixir console with
|
PORT = toString cfg.phx.port;
|
||||||
# Base.encode32(:crypto.strong_rand_bytes(32))
|
|
||||||
PORT = "${toString cfg.phx.port}";
|
|
||||||
PHX_HOST = cfg.domain;
|
PHX_HOST = cfg.domain;
|
||||||
PHX_SERVER = toString cfg.phx.enableServer;
|
PHX_SERVER = toString cfg.phx.enableServer;
|
||||||
};
|
};
|
||||||
|
preStart = optionalString (cfg.phx.database.passwordFile != null) ''
|
||||||
|
# Set the password for the database user
|
||||||
|
export PGPASSWORD=$(cat ${cfg.phx.database.passwordFile})
|
||||||
|
echo "ALTER USER ${cfg.phx.database.user} WITH PASSWORD '$PGPASSWORD'" | \
|
||||||
|
runuser -u ${config.services.postgresql.superUser} -- ${config.services.postgresql.package}/bin/psql
|
||||||
|
'';
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "exec";
|
Type = "exec";
|
||||||
DynamicUser = true;
|
DynamicUser = true;
|
||||||
WorkingDirectory = working_directory;
|
WorkingDirectory = working_directory;
|
||||||
# Implied by DynamicUser, but just to emphasize due to RELEASE_TMP
|
|
||||||
PrivateTmp = true;
|
PrivateTmp = true;
|
||||||
ExecStart = pkgs.writeShellScript "start-zoeycomputer" ''
|
ExecStart = pkgs.writeShellScript "start-zoeycomputer" ''
|
||||||
export SECRET_KEY_BASE=$(cat ${cfg.phx.secret_key_file})
|
# If a password file is specified, construct DATABASE_URL with password
|
||||||
|
|
||||||
${
|
${
|
||||||
if cfg.phx.database.passwordFile != null
|
if cfg.phx.database.passwordFile != null
|
||||||
then ''
|
then ''
|
||||||
|
|
@ -178,8 +175,11 @@
|
||||||
''
|
''
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Run migrations
|
||||||
${cfg.phx.package}/bin/${release_name} eval "ZoeysComputer.Release.migrate"
|
${cfg.phx.package}/bin/${release_name} eval "ZoeysComputer.Release.migrate"
|
||||||
${cfg.phx.package}/bin/${release_name} start
|
|
||||||
|
# Start the application
|
||||||
|
exec ${cfg.phx.package}/bin/${release_name} start
|
||||||
'';
|
'';
|
||||||
ExecStop = ''
|
ExecStop = ''
|
||||||
${cfg.phx.package}/bin/${release_name} stop
|
${cfg.phx.package}/bin/${release_name} stop
|
||||||
|
|
@ -192,8 +192,7 @@
|
||||||
StartLimitBurst = 3;
|
StartLimitBurst = 3;
|
||||||
StartLimitInterval = 10;
|
StartLimitInterval = 10;
|
||||||
};
|
};
|
||||||
# disksup requires bash
|
path = with pkgs; [bash util-linux];
|
||||||
path = [pkgs.bash pkgs.coreutils];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue