newedge/infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mob next [ci-skip] [ci skip] [skip ci]

Browse Source 
lastFile:machines/rigel/configuration.nix
This commit is contained in:
kurogeek
2025-10-09 16:40:44 +07:00
parent 6e554510e4
commit 6611b8f7b9
3 changed files with 95 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
machines/rigel/configuration.nix
View File

@@ -1,4 +1,9 @@
{ inputs, config, ... }:
{
inputs,
config,
pkgs,
...
}:
{
imports = [
(import ../../lib/auto-accept-zerotier-members.nix {
@@ -15,9 +20,32 @@
inputs.self.overlays.default
];
clan.core.vars.generators.inventree = {
files = {
secret-key = {
owner = "inventree";
group = "inventree";
secret = true;
};
oidc-key = {
owner = "inventree";
group = "inventree";
secret = true;
};
};
runtimeInputs = [ pkgs.pwgen ];
script = ''
pwgen -s 32 1 > $out/secret-key
pwgen -s 32 1 > $out/oidc-key
'';
};
services.inventree = {
enable = true;
hostName = "localhost";
hostName = "rigel.local";
config.site_url = "http://${config.services.inventree.hostName}";
secretKeyFile = config.clan.core.vars.generators.inventree.files.secret-key.path;
config.oidc_private_key_file = config.clan.core.vars.generators.inventree.files.oidc-key.path;
};
system.stateVersion = "25.11";

69
modules/nixos/inventree/default.nix
View File

@@ -13,9 +13,9 @@ let
;
configFormat = pkgs.formats.json { };
configFile = "/run/inventree/config.json";
cfg = config.services.inventree;
pkg = cfg.package;
configFile = "${cfg.dataDir}/config.json";
inventree-invoke = pkgs.writeShellApplication {
name = "inventree-invoke";
@@ -125,6 +125,15 @@ in
config = mkIf cfg.enable {
environment.systemPackages = [ inventree-invoke ];
systemd.tmpfiles.rules = (
map (dir: "d ${dir} 0755 inventree inventree") [
"${cfg.dataDir}"
"${cfg.dataDir}/static"
"${cfg.dataDir}/media_root"
"${cfg.dataDir}/backups"
]
);
services.inventree.config = {
plugins_enabled = false;
plugin_file = "${cfg.dataDir}/plugins.txt";
@@ -155,6 +164,8 @@ in
users.groups.inventree = { };
services.nginx.enable = true;
services.nginx.virtualHosts.${cfg.hostName} = {
locations =
let
@@ -205,18 +216,41 @@ in
"inventree-qcluster.service"
];
serviceConfig = {
User = "root";
Group = "root";
# User = "root";
# Group = "root";
User = "inventree";
Group = "inventree";
Type = "oneshot";
RemainAfterExit = true;
PrivateTmp = true;
};
environment = {
INVENTREE_CONFIG_FILE = configFile;
INVENTREE_SECRET_KEY_FILE = cfg.secretKeyFile;
INVENTREE_AUTO_UPDATE = "1";
INVENTREE_PLUGINS_ENABLED = "1";
INVENTREE_PLUGIN_NOINSTALL = "1";
INVENTREE_STATIC_ROOT = cfg.config.static_root;
INVENTREE_MEDIA_ROOT = cfg.config.media_root;
INVENTREE_BACKUP_DIR = cfg.config.backup_dir;
INVENTREE_OIDC_PRIVATE_KEY_FILE = cfg.config.oidc_private_key_file;
INVENTREE_DB_ENGINE = cfg.config.database.ENGINE;
INVENTREE_DB_NAME = cfg.config.database.NAME;
INVENTREE_DB_HOST = cfg.config.database.HOST;
INVENTREE_DB_USER = "inventree";
INVENTREE_SITE_URL = cfg.config.site_url;
PYTHONPATH = pkg.pythonPath;
};
script = ''
set -euo pipefail
umask u=rwx,g=,o=
chown inventree:inventree ${configFile}
# chown inventree:inventree ${configFile}
${pkg}/opt/inventree/src/backend/InvenTree/manage.py migrate
'';
};
@@ -231,6 +265,15 @@ in
INVENTREE_AUTO_UPDATE = "1";
INVENTREE_PLUGINS_ENABLED = "1";
INVENTREE_PLUGIN_NOINSTALL = "1";
INVENTREE_STATIC_ROOT = cfg.config.static_root;
INVENTREE_MEDIA_ROOT = cfg.config.media_root;
INVENTREE_BACKUP_DIR = cfg.config.backup_dir;
INVENTREE_OIDC_PRIVATE_KEY_FILE = cfg.config.oidc_private_key_file;
INVENTREE_DB_ENGINE = cfg.config.database.ENGINE;
INVENTREE_DB_NAME = cfg.config.database.NAME;
INVENTREE_DB_HOST = cfg.config.database.HOST;
INVENTREE_DB_USER = "inventree";
INVENTREE_SITE_URL = cfg.config.site_url;
PYTHONPATH = pkg.pythonPath;
};
@@ -257,6 +300,15 @@ in
INVENTREE_AUTO_UPDATE = "1";
INVENTREE_PLUGINS_ENABLED = "1";
INVENTREE_PLUGIN_NOINSTALL = "1";
INVENTREE_STATIC_ROOT = cfg.config.static_root;
INVENTREE_MEDIA_ROOT = cfg.config.media_root;
INVENTREE_BACKUP_DIR = cfg.config.backup_dir;
INVENTREE_OIDC_PRIVATE_KEY_FILE = cfg.config.oidc_private_key_file;
INVENTREE_DB_ENGINE = cfg.config.database.ENGINE;
INVENTREE_DB_NAME = cfg.config.database.NAME;
INVENTREE_DB_HOST = cfg.config.database.HOST;
INVENTREE_DB_USER = "inventree";
INVENTREE_SITE_URL = cfg.config.site_url;
PYTHONPATH = pkg.pythonPath;
};
@@ -290,6 +342,15 @@ in
INVENTREE_AUTO_UPDATE = "1";
INVENTREE_PLUGINS_ENABLED = "0";
INVENTREE_PLUGIN_NOINSTALL = "1";
INVENTREE_STATIC_ROOT = cfg.config.static_root;
INVENTREE_MEDIA_ROOT = cfg.config.media_root;
INVENTREE_BACKUP_DIR = cfg.config.backup_dir;
INVENTREE_OIDC_PRIVATE_KEY_FILE = cfg.config.oidc_private_key_file;
INVENTREE_DB_ENGINE = cfg.config.database.ENGINE;
INVENTREE_DB_NAME = cfg.config.database.NAME;
INVENTREE_DB_HOST = cfg.config.database.HOST;
INVENTREE_DB_USER = "inventree";
INVENTREE_SITE_URL = cfg.config.site_url;
PYTHONPATH = pkg.pythonPath;
};

9
overlays/default.nix
View File

@@ -4,13 +4,4 @@
default = final: prev: import (../pkgs/overlay.nix) inputs final prev;
};
# perSystem =
# { system, ... }:
# {
# _module.args.pkgs = import inputs.nixpkgs {
# inherit system;
# overlays = [ inputs.self.overlays.default ];
# config = { };
# };
# };
}