make changes to semitamaps container

2025-02-14 19:14:32 +00:00 · 2025-02-14 19:14:32 +00:00 · 4552297c29
commit 4552297c29
parent c2b13f6908
1 changed files with 16 additions and 11 deletions
--- a/hosts/common/optional/nixos-containers/semitamaps.nix
+++ b/hosts/common/optional/nixos-containers/semitamaps.nix
@ -8,9 +8,10 @@
  pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
  hostAddress = configVars.networking.addresses.semitamaps.hostAddress;
  localAddress = configVars.networking.addresses.semitamaps.localAddress;
+  workingDirectory = "/var/www/semitamaps";
 in {
  systemd.tmpfiles.rules = [
-    "d /var/run/sockets 0770 root root -"
+    "d /var/run/sockets 0660 www-data www-data -"
  ];

  networking = {
@ -62,6 +63,12 @@ in {
        useHostResolvConf = lib.mkForce false;
      };

+      systemd.tmpfiles.rules = [
+        "d ${workingDirectory} 0750 www-data www-data"
+        "d ${workingDirectory}/.venv 0750 www-data www-data"
+        "d ${workingDirectory}/public/uploads 0775 www-data www-data"
+      ];
+
      services.resolved.enable = true;

      imports = [
@ -77,28 +84,26 @@ in {
        settings.PasswordAuthentication = false;
      };

-      systemd.services.semitamaps-api = {
+      systemd.services.semitamaps = {
        wantedBy = ["multi-user.target"];
        after = ["network.target"];
-        description = "Deploys and serves semitamaps api";
+        description = "Deploys and serves semitamaps";
        environment = {
        };
        serviceConfig = {
-          ExecStartPre = pkgs.writeShellScript "semitamaps-api-prestart" ''
+          WorkingDirectory = "${workingDirectory}";
+          ExecStartPre = pkgs.writeShellScript "semitamaps-prestart" ''
            set -e

            GITCMD="${pkgs.openssh}/bin/ssh -i /etc/ssh/ssh_host_ed25519_key"
-            if [ ! -d "/srv/semitamaps" ]; then
+            if [ ! -d ${workingDirectory}/.git ]; then
              export GIT_SSH_COMMAND=$GITCMD
-              ${pkgs.git}/bin/git clone git@git.bitlab21.com:sam/semitamaps.com.git /srv/semitamaps
-              mkdir /srv/semitamaps/.venv
+              ${pkgs.git}/bin/git clone git@git.bitlab21.com:sam/semitamaps.com.git ${workingDirectory}
            fi
-            cd /srv/semitamaps
            ${pkgs.poetry}/bin/poetry install
          '';
-          ExecStart = pkgs.writeShellScript "semitamaps-api-start" ''
-            cd /srv/semitamaps
-            .venv/bin/python .venv/bin/uvicorn --workers 4 --uds /var/run/sockets/baseddata.sock backend.app:app
+          ExecStart = pkgs.writeShellScript "semitamaps-start" ''
+            .venv/bin/python .venv/bin/uvicorn --workers 4 --uds /var/run/sockets/semitamaps.sock app:app
          '';
          Restart = "on-failure";
        };