From 56a032beb86aa5a13b0f073154da031d485ada36 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Sun, 27 Aug 2023 19:14:29 +0100 Subject: [PATCH] feat: set up flake This Closes #1 --- .gitignore | 2 + flake.lock | 93 +++++++++++++++++++++++++++++++++++++ flake.nix | 134 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 229 insertions(+) create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/.gitignore b/.gitignore index 4efd331..bfe328e 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,5 @@ .env +result +/result diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..ff915f7 --- /dev/null +++ b/flake.lock @@ -0,0 +1,93 @@ +{ + "nodes": { + "naersk": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1692351612, + "narHash": "sha256-KTGonidcdaLadRnv9KFgwSMh1ZbXoR/OBmPjeNMhFwU=", + "owner": "nix-community", + "repo": "naersk", + "rev": "78789c30d64dea2396c9da516bbcc8db3a475207", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1693060755, + "narHash": "sha256-KNsbfqewEziFJEpPR0qvVz4rx0x6QXxw1CcunRhlFdk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c66ccfa00c643751da2fd9290e096ceaa30493fc", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1693087214, + "narHash": "sha256-Kn1SSqRfPpqcI1MDy82JXrPT1WI8c03TA2F0xu6kS+4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "f155f0cf4ea43c4e3c8918d2d327d44777b6cad4", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, + "root": { + "inputs": { + "naersk": "naersk", + "nixpkgs": "nixpkgs_2", + "utils": "utils" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1692799911, + "narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..11021b8 --- /dev/null +++ b/flake.nix @@ -0,0 +1,134 @@ +{ + description = "Skynet Discord Bot"; + + inputs = { + nixpkgs.url = "nixpkgs/nixos-23.05"; + naersk.url = "github:nix-community/naersk"; + utils.url = "github:numtide/flake-utils"; + }; + + outputs = { self, nixpkgs, utils, naersk }: utils.lib.eachDefaultSystem (system: + let + pkgs = nixpkgs.legacyPackages."${system}"; + naersk-lib = naersk.lib."${system}"; + package_name = "skynet_discord_bot"; + desc = "Skynet Discord Bot"; + in rec { + + # `nix build` + packages."${package_name}" = naersk-lib.buildPackage { + pname = "${package_name}"; + root = ./.; + + buildInputs = [ + pkgs.openssl + pkgs.pkg-config + ]; + }; + + defaultPackage = packages."${package_name}"; + + # `nix run` + apps."${package_name}" = utils.lib.mkApp { + drv = packages."${package_name}"; + }; + + defaultApp = apps."${package_name}"; + + # `nix develop` + devShell = pkgs.mkShell { + nativeBuildInputs = with pkgs; [ rustc cargo pkg-config openssl]; + }; + + nixosModule = { lib, pkgs, config, ... }: + with lib; + let + cfg = config.services."${package_name}"; + # secret options are in the env file(s) loaded separately + environment_config = { + DISCORD_SERVER = cfg.discord.server; + DISCORD_ROLE_CURRENT = cfg.discord.role.current; + DISCORD_ROLE_PAST = cfg.discord.role.past; + LDAP_API = cfg.ldap; + DISCORD_TIMING_UPDATE = cfg.discord.timing.update; + DISCORD_TIMING_FETCH = cfg.discord.timing.fetch; + }; + in { + options.services."${package_name}" = { + enable = mkEnableOption "enable ${package_name}"; + + env = { + ldap = mkOption rec { + type = types.str; + description = "ENV file with LDAP_DISCORD_AUTH"; + }; + discord = mkOption rec { + type = types.str; + description = "ENV file with DISCORD_TOKEN"; + }; + }; + + discord = { + server = mkOption rec { + type = types.int; + description = "ID of the server the bot runs on"; + }; + role = { + past = mkOption rec { + type = types.int; + description = "ID of the role to apply to all members"; + }; + current = mkOption rec { + type = types.int; + description = "ID of the role to applt to only current members"; + }; + }; + timing = { + update = mkOption rec { + type = types.int; + default = 600; + description = "Time in seconds to update member roles"; + }; + fetch = mkOption rec { + type = types.int; + default = 300; + description = "Time in seconds to get current users"; + }; + }; + }; + + ldap = mkOption rec { + type = types.str; + default = "https://api.account.skynet.ie"; + description = "Location of the ldap api"; + }; + }; + + config = mkIf cfg.enable { + + systemd.services = { + # main service + "${package_name}" = { + description = desc; + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + wants = [ ]; + environment = environment_config; + + serviceConfig = { + DynamicUser = "yes"; + Restart = "always"; + ExecStart = "${self.defaultPackage."${system}"}/bin/${package_name}"; + # can have multiple env files + EnvironmentFile = [ + "${cfg.env.ldap}" + "${cfg.env.discord}" + ]; + }; + }; + }; + }; + }; + } + ); +}