From c80a5e9a872c834fbfd9a0610be94fff359dadf9 Mon Sep 17 00:00:00 2001
From: Antoine Martin <antoine@alarsyo.net>
Date: Sun, 12 Sep 2021 20:43:54 +0200
Subject: [PATCH] services: setup prololo test service

---
 hosts/poseidon/default.nix           |  13 +++++
 secrets/default.nix                  |   4 ++
 secrets/prololo-github-secret.secret | Bin 0 -> 30 bytes
 secrets/prololo-password.secret      | Bin 0 -> 87 bytes
 secrets/prololo-room.secret          | Bin 0 -> 54 bytes
 services/default.nix                 |   1 +
 services/prololo.nix                 |  80 +++++++++++++++++++++++++++
 7 files changed, 98 insertions(+)
 create mode 100644 secrets/prololo-github-secret.secret
 create mode 100644 secrets/prololo-password.secret
 create mode 100644 secrets/prololo-room.secret
 create mode 100644 services/prololo.nix

diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix
index fb55c25..2eee87c 100644
--- a/hosts/poseidon/default.nix
+++ b/hosts/poseidon/default.nix
@@ -134,6 +134,19 @@ in
       enable = true;
     };
 
+    prololo = {
+      enable = true;
+      port = 8089;
+      settings = {
+        matrix_username = "prololo";
+        matrix_password = config.my.secrets.prololo_password;
+        matrix_homeserver = "https://matrix.alarsyo.net";
+        matrix_room_id = config.my.secrets.prololo_room;
+        matrix_state_dir = "./prololo_state_dir";
+        github_secret = config.my.secrets.prololo_github_secret;
+      };
+    };
+
     tailscale = {
       enable = true;
       exitNode = true;
diff --git a/secrets/default.nix b/secrets/default.nix
index 59c9049..522b240 100644
--- a/secrets/default.nix
+++ b/secrets/default.nix
@@ -20,5 +20,9 @@ with lib;
     restic-backup = import ./restic-backup { inherit lib; };
 
     matrixEmailConfig = import ./matrix-email-config.nix;
+
+    prololo_password = lib.fileContents ./prololo-password.secret;
+    prololo_room = lib.fileContents ./prololo-room.secret;
+    prololo_github_secret = lib.fileContents ./prololo-github-secret.secret;
   };
 }
diff --git a/secrets/prololo-github-secret.secret b/secrets/prololo-github-secret.secret
new file mode 100644
index 0000000000000000000000000000000000000000..e63c13e69ab8d50a735a09a118e2df097ba2f3a3
GIT binary patch
literal 30
mcmZQ@_Y83kiVO&0ILonr-=P(`3e6Ic!TFn>ZSh=R+y(%uGYqo;

literal 0
HcmV?d00001

diff --git a/secrets/prololo-password.secret b/secrets/prololo-password.secret
new file mode 100644
index 0000000000000000000000000000000000000000..039626324fcbe7bc98d49ace35c7202ace55bd76
GIT binary patch
literal 87
zcmV-d0I2@}M@dveQdv+`06EM>cs|n{{q8*Dh4T2LFo{mSL~`*klK9pKMMTR-V6-{<
tI`~l04U#fPuH&`P$KfTJM7t>VdPOdi<HIh`S6`m9o<|$tq%=k+w80zED=z>5

literal 0
HcmV?d00001

diff --git a/secrets/prololo-room.secret b/secrets/prololo-room.secret
new file mode 100644
index 0000000000000000000000000000000000000000..3ce60010f52ea0e4c84d70ce09320471b32ec005
GIT binary patch
literal 54
zcmZQ@_Y83kiVO&0V9QCVHLus(bwlJ!N^N0I7{{wjql~>XwD&6d@CmGw55IIn+|d2i
KqEH6zOZ5O0f)uj=

literal 0
HcmV?d00001

diff --git a/services/default.nix b/services/default.nix
index 9412e57..1522988 100644
--- a/services/default.nix
+++ b/services/default.nix
@@ -21,6 +21,7 @@
     ./pipewire.nix
     ./postgresql-backup.nix
     ./postgresql.nix
+    ./prololo.nix
     ./restic-backup.nix
     ./tailscale.nix
     ./tgv.nix
diff --git a/services/prololo.nix b/services/prololo.nix
new file mode 100644
index 0000000..8976551
--- /dev/null
+++ b/services/prololo.nix
@@ -0,0 +1,80 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.my.services.prololo;
+  my = config.my;
+  domain = config.networking.domain;
+  prololoPkg =
+    let
+      flake = builtins.getFlake "github:alarsyo/prololo-reborn?rev=40da010f5782bc760c83ac9883716970fcee40ff";
+    in
+      flake.defaultPackage."x86_64-linux"; # FIXME: use correct system
+  settingsFormat = pkgs.formats.yaml {};
+in
+{
+  options.my.services.prololo = {
+    enable = lib.mkEnableOption "Prololo Matrix bot";
+
+    home = mkOption {
+      type = types.str;
+      default = "/var/lib/prololo";
+      example = "/var/lib/prololo";
+      description = "Home for the prololo service, where data will be stored";
+    };
+
+    port = mkOption {
+      type = types.port;
+      default = 8080;
+      example = 8080;
+      description = "Internal port for Prololo Rocket server";
+    };
+
+    settings = mkOption {
+      type = settingsFormat.type;
+      default = {};
+    };
+  };
+
+  config =
+    let
+      configFile = settingsFormat.generate "config.yaml" cfg.settings;
+    in mkIf cfg.enable
+      {
+        systemd.services.prololo = {
+          wantedBy = [ "multi-user.target" ];
+          serviceConfig = {
+            Environment = [
+              "ROCKET_PORT=${toString cfg.port}"
+              "ROCKET_LOG_LEVEL=normal"
+              "RUST_LOG=rocket=info,prololo_reborn=trace"
+            ];
+            ExecStart = "${prololoPkg}/bin/prololo-reborn --config ${configFile}";
+            StateDirectory = "prololo";
+            WorkingDirectory = cfg.home;
+            User = "prololo";
+            Group = "prololo";
+          };
+        };
+
+        users.users.prololo = {
+          isSystemUser = true;
+          home = cfg.home;
+          createHome = true;
+          group = "prololo";
+        };
+        users.groups.prololo = { };
+
+        services.nginx.virtualHosts = {
+          "prololo.${domain}" = {
+            forceSSL = true;
+            useACMEHost = domain;
+
+            locations."/" = {
+              proxyPass = "http://127.0.0.1:${toString cfg.port}";
+            };
+          };
+        };
+      };
+}