Add config from text-vm

2024-10-22 14:09:08 +02:00 · 2024-10-22 14:09:08 +02:00 · d22a2d8028
commit d22a2d8028
parent ffb2f7235d
1 changed files with 90 additions and 0 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -37,6 +37,96 @@
      vim
      wget
      curl
      htop
    ];
  };
  openproject = pkgs.fetchFromGithub {
    owner = "bendlas";
    repo = "openproject-nix";
    rev = "";
    sha256 = "";
  };
  services = {
    openssh = {
      enable = true;
      settings.PermitRootLogin = "yes";
    };
    redis = {
      servers = {
        # Queue, naming it "" makes it use default values.
        "".enable = true;
        socketio = {
          enable = true;
          port = 12311;
        };
      };
    };
  };
  networking = {
    firewall = {
      enable = false;
    };
  };
  users = {
    mutableUsers = false;
    extraUsers = {
      root = {
        password = "root";
      };
    };
    users = {
      root = {
      };
      openproject = {
        description = "User to run openproject";
        group = "openproject";
        isSystemUser = true;
        home = "/var/lib/openproject";
        createHome = true;
      }
    };
  };
  systemd = {
    services = {
      openproject = {
        enable = true;
        wantedBy = [ "multi-user.target" ];
        after = [ "mysql.service" "redis.service" "redis-socketio.service" ];
        description = "ERPNext";
        confinement = {
          enable = true;
          packages = [ pkgs.mariadb-client pkgs.nodejs penv ];
        };
        script = ''
          export PYTHON_PATH=${penv}/${pkgs.python3.sitePackages}
          export PATH="${pkgs.mariadb-client}/bin:${pkgs.nodejs}/bin:${penv}/bin:$PATH"
          # Initialize the DB
          # Start the server
        '';
        serviceConfig = {
          User = "erpnext";
          NoNewPrivileges = true;
          Type = "simple";
          BindReadOnlyPaths = [
            "/etc/hosts:/etc/hosts"
            "${pkgs.openproject}:${pkgs.openproject}"
          ];
          BindPaths = [
            "/var/lib/openproject:/var/libopenproject"
          ];
        };
      };
    };
  };
 }