This repository has been archived by the owner on Jan 2, 2025. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathflake.nix
170 lines (155 loc) · 5.81 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
{
description = ''
banwebplus2, an NMT Banweb client.
This flake automatically configures a MariaDB server and an Apache
server, and should get the service up and running out of the box.
(TLS is not directly supported out of the box, but should be easy
to add; I do it by running this module inside a NixOS container,
then using an nginx virtual host with ACME.) It also configures a
systemd timer to run the scraping script on a regular basis.
'';
outputs = { self, nixpkgs }: {
nixosModules.default = { config, lib, pkgs, ... }: {
options = with lib; {
services.banwebplus2 = {
enable = mkOption {
description = ''
Enable banwebplus2, an NMT Banweb client.
'';
default = false;
};
domainName = mkOption {
description = ''
The domain name banwebplus2 is being hosted on; this is
used for configuring Apache httpd, and also for a few
on-site links and such.
'';
default = "localhost";
};
# don't really think it'll ever change, but the tool exposes
# this option and it doesn't seem *completely* useless.
timezone = mkOption {
description = ''
Time zone to display banwebplus2 dates and times in. For
NMT this should almost always be America/Denver.
'';
default = "America/Denver";
};
feedbackEmail = mkOption {
description = ''
E-mail address to direct feedback on the site to.
'';
default = "[email protected]";
};
# Note that the tool provides options for SQL database
# address and credentials; we're assuming here that the
# database is hosted on the server machine (I don't think
# there will ever be a reason not to do so). Given this
# fact, we use UNIX socket authentication instead and never
# set an SQL password.
};
};
config =
let
svcCfg = config.services.banwebplus2;
mysqlConfig = pkgs.writeTextDir "resources/mysql_config.ini" ''
host = localhost
user = wwwrun
password = this-string-does-not-matter
'';
serverConfig = pkgs.writeTextDir "resources/server_config.ini" ''
maindb=beanweb
global_path_to_jquery=/jquery/js/jquery-1.9.0.js
timezone=${svcCfg.timezone}
fqdn=${svcCfg.domainName}
feedback_email=${svcCfg.feedbackEmail}
'';
mergedRoot = pkgs.symlinkJoin {
name = "banwebplus2";
paths = [
./.
mysqlConfig
serverConfig
];
};
# PHP will try to resolve references inside those files
# relative to the real files, not the symlinks, which is
# hella annoying for us. Fix it by making a version without
# symlinks.
unSymlinkedRoot = pkgs.runCommand "banwebplus2" { } ''
cp -rL ${mergedRoot} $out
'';
in
lib.mkIf svcCfg.enable {
# The program's current design makes it *really* hard to run
# without writing data into the source code repository
# (specifically scraped course data). We'll fix it later;
# for now we'll just drop a complete copy of the source code
# into /var/lib/banwebplus2. Delete the old copy if there's
# one already there, but preserve the `scraping` directory.
system.activationScripts.banwebplus2-home = ''
if [ -e /var/lib/banwebplus2/scraping ]; then
scraping_tmp=$(mktemp -d)
mv /var/lib/banwebplus2/scraping $scraping_tmp/scraping
else
scraping_tmp=/nowhere
fi
rm -rf /var/lib/banwebplus2
cp -rL ${mergedRoot} /var/lib/banwebplus2
chmod -R u+w /var/lib/banwebplus2
if [ -e $scraping_tmp ]; then
rm -rf /var/lib/banwebplus2/scraping
mv $scraping_tmp/scraping /var/lib/banwebplus2/scraping
rm -rf $scraping_tmp
fi
chown -R wwwrun:wwwrun /var/lib/banwebplus2
'';
services.httpd = {
enable = true;
enablePHP = true;
virtualHosts.${svcCfg.domainName} = {
documentRoot = "/var/lib/banwebplus2";
};
};
services.mysql = {
enable = true;
package = pkgs.mariadb;
ensureUsers = [{
# wwwrun is the default username used by httpd.
name = "wwwrun";
ensurePermissions = {
"beanweb.*" = "ALL PRIVILEGES";
};
}];
ensureDatabases = [ "beanweb" ];
};
systemd = {
services.banwebplus2-scrape = {
description = "Scraper for NMT Banweb";
serviceConfig.User = "wwwrun";
script = ''
set -x
cd /var/lib/banwebplus2/scraping
./new_mexico_tech_banweb.py -v
${pkgs.php}/bin/php ./php_to_mysql.php
'';
path = [
(pkgs.python3.withPackages (pkgs: [
pkgs.urllib3
pkgs.beautifulsoup4
]))
];
};
timers.banwebplus2-scrape = {
description = "Run banweb scrape every hour";
wantedBy = [ "timers.target" ];
timerConfig = {
# Run scrape job every hour, on the hour.
OnCalendar = "* *-*-* *:00:00";
};
};
};
};
};
};
}