robin/palantir
1
0
Fork 0
mirror of https://codeberg.org/icewind/palantir.git synced 2026-06-03 18:24:08 +02:00
Code Issues Projects Releases Wiki Activity

fmt flake

Browse source
This commit is contained in:
Robin Appelman 2022-06-25 15:40:12 +02:00
commit df88fd2102
1 changed files with 57 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

102
flake.nix
View file

@ -4,7 +4,12 @@
naersk.url = "github:nix-community/naersk";
};
outputs = { self, nixpkgs, utils, naersk }:
outputs = {
self,
nixpkgs,
utils,
naersk,
}:
utils.lib.eachDefaultSystem (system: let
pkgs = nixpkgs.legacyPackages."${system}";
naersk-lib = naersk.lib."${system}";
@ -13,11 +18,11 @@
packages.palantir = naersk-lib.buildPackage {
pname = "palantir";
root = ./.;
postInstall = ''
mkdir -p $out/lib/udev/rules.d/
echo 'SUBSYSTEM=="powercap", ACTION=="add", RUN+="${pkgs.coreutils-full}/bin/chgrp -R powermonitoring /sys%p", RUN+="${pkgs.coreutils-full}/bin/chmod -R g=u /sys%p"' >> $out/lib/udev/rules.d/51-palantir.rules
echo 'SUBSYSTEM=="powercap", ACTION=="change", ENV{TRIGGER}!="none", RUN+="${pkgs.coreutils-full}/bin/chgrp -R powermonitoring /sys%p", RUN+="${pkgs.coreutils-full}/bin/chmod -R g=u /sys%p"' >> $out/lib/udev/rules.d/51-palantir.rules
'';
postInstall = ''
mkdir -p $out/lib/udev/rules.d/
echo 'SUBSYSTEM=="powercap", ACTION=="add", RUN+="${pkgs.coreutils-full}/bin/chgrp -R powermonitoring /sys%p", RUN+="${pkgs.coreutils-full}/bin/chmod -R g=u /sys%p"' >> $out/lib/udev/rules.d/51-palantir.rules
echo 'SUBSYSTEM=="powercap", ACTION=="change", ENV{TRIGGER}!="none", RUN+="${pkgs.coreutils-full}/bin/chgrp -R powermonitoring /sys%p", RUN+="${pkgs.coreutils-full}/bin/chmod -R g=u /sys%p"' >> $out/lib/udev/rules.d/51-palantir.rules
'';
};
defaultPackage = packages.palantir;
@ -29,53 +34,60 @@
# `nix develop`
devShell = pkgs.mkShell {
nativeBuildInputs = with pkgs; [ rustc cargo ];
nativeBuildInputs = with pkgs; [rustc cargo];
};
}) // {
nixosModule = { config, lib, pkgs, ... }:
with lib;
let cfg = config.palantir.services.palantir;
in {
options.palantir.services.palantir = {
enable = mkEnableOption "Enables the palantir service";
})
// {
nixosModule = {
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.palantir.services.palantir;
in {
options.palantir.services.palantir = {
enable = mkEnableOption "Enables the palantir service";
port = mkOption rec {
type = types.int;
default = 5665;
example = default;
description = "The port to listen on";
};
};
port = mkOption rec {
type = types.int;
default = 5665;
example = default;
description = "The port to listen on";
};
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [ cfg.port ];
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [cfg.port];
users.groups.palantir = {};
users.groups.powermonitoring = {};
users.users.palantir = {
isSystemUser = true;
group = "palantir";
extraGroups = [ "powermonitoring" ];
};
users.groups.palantir = {};
users.groups.powermonitoring = {};
users.users.palantir = {
isSystemUser = true;
group = "palantir";
extraGroups = ["powermonitoring"];
};
services.udev.packages = [ self.defaultPackage.${pkgs.system} ];
services.udev.packages = [self.defaultPackage.${pkgs.system}];
systemd.services."palantir" = {
wantedBy = [ "multi-user.target" ];
systemd.services."palantir" = {
wantedBy = ["multi-user.target"];
serviceConfig = let pkg = self.defaultPackage.${pkgs.system};
in {
Restart = "on-failure";
ExecStart = "${pkg}/bin/palantir";
User = "palantir";
Environment = "PORT=${toString cfg.port}";
PrivateTmp = true;
ProtectSystem = "full";
ProtectHome = true;
NoNewPrivileges = true;
serviceConfig = let
pkg = self.defaultPackage.${pkgs.system};
in {
Restart = "on-failure";
ExecStart = "${pkg}/bin/palantir";
User = "palantir";
Environment = "PORT=${toString cfg.port}";
PrivateTmp = true;
ProtectSystem = "full";
ProtectHome = true;
NoNewPrivileges = true;
};
};
};
};
};
};
};
}