From d22a2d8028793b2e8afce8d85d436cd07b33f92b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20H=C3=BCbner?= Date: Tue, 22 Oct 2024 14:09:08 +0200 Subject: [PATCH] Add config from text-vm --- configuration.nix | 90 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) diff --git a/configuration.nix b/configuration.nix index 692b0d4..e03c694 100644 --- a/configuration.nix +++ b/configuration.nix @@ -37,6 +37,96 @@ vim wget curl + htop ]; }; + + openproject = pkgs.fetchFromGithub { + owner = "bendlas"; + repo = "openproject-nix"; + rev = ""; + sha256 = ""; + }; + + services = { + openssh = { + enable = true; + settings.PermitRootLogin = "yes"; + }; + redis = { + servers = { + # Queue, naming it "" makes it use default values. + "".enable = true; + + socketio = { + enable = true; + port = 12311; + }; + }; + }; + }; + + networking = { + firewall = { + enable = false; + }; + }; + + users = { + mutableUsers = false; + + extraUsers = { + root = { + password = "root"; + }; + }; + + users = { + root = { + + }; + openproject = { + description = "User to run openproject"; + group = "openproject"; + isSystemUser = true; + home = "/var/lib/openproject"; + createHome = true; + } + }; + }; + + systemd = { + services = { + openproject = { + enable = true; + wantedBy = [ "multi-user.target" ]; + after = [ "mysql.service" "redis.service" "redis-socketio.service" ]; + description = "ERPNext"; + confinement = { + enable = true; + packages = [ pkgs.mariadb-client pkgs.nodejs penv ]; + }; + script = '' + export PYTHON_PATH=${penv}/${pkgs.python3.sitePackages} + export PATH="${pkgs.mariadb-client}/bin:${pkgs.nodejs}/bin:${penv}/bin:$PATH" + + # Initialize the DB + # Start the server + + ''; + serviceConfig = { + User = "erpnext"; + NoNewPrivileges = true; + Type = "simple"; + BindReadOnlyPaths = [ + "/etc/hosts:/etc/hosts" + "${pkgs.openproject}:${pkgs.openproject}" + ]; + BindPaths = [ + "/var/lib/openproject:/var/libopenproject" + ]; + }; + }; + }; + }; }