Skip to content

Commit

Permalink
go back to proper flake.nix
Browse files Browse the repository at this point in the history
  • Loading branch information
@CSchank
CSchank authored Oct 1, 2024
1 parent 031ca4c commit 8a4d216
Showing 1 changed file with 144 additions and 27 deletions.
171 changes: 144 additions & 27 deletions flake.nix
View file
Original file line number Diff line number Diff line change
@@ -1,29 +1,146 @@
{
"image": "mcr.microsoft.com/devcontainers/base:alpine",
"features": {
"ghcr.io/devcontainers/features/nix:1": {
"multiUser": true,
"version": "latest",
// Needed for flakes & nix-direnv:
"extraNixConfig": "experimental-features = nix-command flakes,keep-outputs = true,keep-derivations = true"
}
},
"onCreateCommand": {
// Set up global gitignore for direnv.
"init-git": "mkdir -p ~/.config/git && printf '.direnv/\\n.envrc\\n' > ~/.config/git/ignore && git config --global core.excludesfile ~/.config/git/ignore",
// Install, set up and allow direnv in workspace.
"install-direnv": "nix profile install nixpkgs#direnv nixpkgs#nix-direnv && mkdir -p ~/.config/direnv && echo 'source $HOME/.nix-profile/share/nix-direnv/direnvrc' >> ~/.config/direnv/direnvrc && cp .envrc.recommended .envrc && direnv allow",
// Run `print-dev-env` to build `devShells.${system}.default`.
"build-dev-env": "nix print-dev-env > /dev/null"
},
"customizations": {
"vscode": {
"extensions": [
// Inject direnv variables into VS Code terminals and tasks:
"mkhl.direnv",
// Support for `.nix` files:
"jnoortheen.nix-ide"
]
}
}
inputs = {
ihp.url = "github:digitallyinduced/ihp/v1.3";
nixpkgs.follows = "ihp/nixpkgs";
flake-parts.follows = "ihp/flake-parts";
devenv.follows = "ihp/devenv";
systems.follows = "ihp/systems";
};

outputs = inputs@{ self, nixpkgs, ihp, flake-parts, systems, ... }:
flake-parts.lib.mkFlake { inherit inputs; } {

systems = import systems;
imports = [ ihp.flakeModules.default ];

perSystem = { pkgs, ... }: {
ihp = {
# appName = "app"; # Available with v1.4 or latest master
enable = true;
projectPath = ./.;
packages = with pkgs; [
# Native dependencies, e.g. imagemagick
];
haskellPackages = p: with p; [
# Haskell dependencies go here
p.ihp
cabal-install
base
wai
text

# Uncomment on local development for testing
# hspec
];
};

# Custom configuration that will start with `devenv up`
devenv.shells.default = {
# Start Mailhog on local development to catch outgoing emails
# services.mailhog.enable = true;

# Custom processes that don't appear in https://devenv.sh/reference/options/
processes = {
# Uncomment if you use tailwindcss.
# tailwind.exec = "tailwindcss -c tailwind/tailwind.config.js -i ./tailwind/app.css -o static/app.css --watch=always";
};
};
};

# Adding the new NixOS configuration for "qa"
# See https://ihp.digitallyinduced.com/Guide/deployment.html#deploying-with-deploytonixos for more info
# Used to deploy the IHP application to AWS.
#
# Change the `CHANGE-ME` to your correct config.
flake.nixosConfigurations."qa" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = inputs;
modules = [
"${nixpkgs}/nixos/modules/virtualisation/amazon-image.nix"
ihp.nixosModules.appWithPostgres
({ lib, pkgs, ... }: {

networking.firewall = {
enable = true;
allowedTCPPorts = [ 22 80 443 ];
};

# Enable the Let's encrypt certificate
security.acme.defaults.email = "[email protected]";

# Accept the terms of service of the Let's encrypt provider.
security.acme.acceptTerms = true;

services.nginx = {
virtualHosts."CHANGE-ME.com" = {
# Uncomment to have http auth with username `foo` and password `bar`.
# basicAuth = { foo = "bar"; };
};
};

# Logging to AWS CloudWatch
# services.vector = {
# enable = true;
# journaldAccess = true;
# settings = {
# sources.journald = {
# type = "journald";
# # Log only the services we care about
# include_units = ["app.service" "nginx.service" "worker.service"];
# };

# sinks.out = {
# group_name = "CHANGE-ME";
# stream_name = "CHANGE-ME";
# # Change the region to the correct one, e.g. `us-east-1`
# region = "CHANGE-ME";
# auth = {
# access_key_id = "CHANGE-ME";
# secret_access_key = "CHANGE-ME";
# };
# inputs = ["journald"];
# type = "aws_cloudwatch_logs";
# compression = "gzip";
# encoding.codec = "json";
# };
# };
# };

services.ihp = {
domain = "CHANGE-ME.com";
migrations = ./Application/Migration;
schema = ./Application/Schema.sql;
fixtures = ./Application/Fixtures.sql;
sessionSecret = "CHANGE-ME";
# Uncomment to use a custom database URL
# databaseUrl = lib.mkForce "postgresql://postgres:...CHANGE-ME";

additionalEnvVars = {
# Uncomment to use a custom session secret, ensuring sessions aren't invalidated
# on each deploy.
# Learn how to create the secret key in https://ihp.digitallyinduced.com/Guide/deployment.html#ihpsessionsecret
# IHP_SESSION_SECRET = "CHANGE-ME";

SMTP_HOST = "email-smtp.eu-west-1.amazonaws.com";
SMTP_PORT = "587";
SMTP_ENCRYPTION = "STARTTLS";

SMTP_USER = "CHANGE-ME";
SMTP_PASSWORD = "CHANGE-ME";

AWS_ACCESS_KEY_ID = "CHANGE-ME";
AWS_SECRET_ACCESS_KEY = "CHANGE-ME";
};
};
# As we use a pre-built AMI on AWS,
# it is essential to enable automatic updates.
# @see https://nixos.wiki/wiki/Automatic_system_upgrades
system.autoUpgrade.enable = true;
# Keep as is. See https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "23.05";
})
];
};

};
}

0 comments on commit 8a4d216

Please sign in to comment.