adding nornsight.nix #7
@@ -3,7 +3,10 @@ let
|
||||
vars = import ../vars.nix;
|
||||
in
|
||||
{
|
||||
services.audiobookshelf.enable = true;
|
||||
services.audiobookshelf = {
|
||||
enable = true;
|
||||
port = 8000;
|
||||
};
|
||||
systemd.services.audiobookshelf.serviceConfig.WorkingDirectory =
|
||||
lib.mkForce "${vars.docker_configs}/audiobookshelf";
|
||||
users.users.audiobookshelf.home = lib.mkForce "${vars.docker_configs}/audiobookshelf";
|
||||
|
||||
@@ -0,0 +1,107 @@
|
||||
{ pkgs, ... }:
|
||||
let
|
||||
vars = import ../vars.nix;
|
||||
stateDir = "${vars.services}/nornsight";
|
||||
appDir = "${stateDir}/app";
|
||||
binPath = pkgs.lib.makeBinPath [
|
||||
pkgs.binutils
|
||||
pkgs.libpq
|
||||
pkgs.postgresql
|
||||
pkgs.stdenv.cc
|
||||
];
|
||||
libraryPath = pkgs.lib.makeLibraryPath [
|
||||
pkgs.libpq
|
||||
pkgs.postgresql.lib
|
||||
];
|
||||
in
|
||||
{
|
||||
systemd.tmpfiles.rules = [
|
||||
"d ${stateDir} 0750 nornsight nornsight - -"
|
||||
];
|
||||
|
||||
users.users.nornsight = {
|
||||
isSystemUser = true;
|
||||
group = "nornsight";
|
||||
home = stateDir;
|
||||
};
|
||||
|
||||
systemd.services.nornsight = {
|
||||
description = "Norn Sight";
|
||||
after = [ "network-online.target" ];
|
||||
wants = [ "network-online.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
environment = {
|
||||
HOME = stateDir;
|
||||
UV_CACHE_DIR = "${stateDir}/.cache/uv";
|
||||
UV_PROJECT_ENVIRONMENT = "${appDir}/.venv";
|
||||
UV_PYTHON = "${pkgs.python313}/bin/python3.13";
|
||||
UV_PYTHON_DOWNLOADS = "never";
|
||||
LD_LIBRARY_PATH = libraryPath;
|
||||
LIBRARY_PATH = libraryPath;
|
||||
PSYCOPG_IMPL = "python";
|
||||
};
|
||||
|
||||
path = with pkgs; [
|
||||
bash
|
||||
coreutils
|
||||
git
|
||||
uv
|
||||
];
|
||||
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
User = "nornsight";
|
||||
Group = "nornsight";
|
||||
EnvironmentFile = "-${vars.secrets}/services/nornsight";
|
||||
WorkingDirectory = stateDir;
|
||||
Restart = "on-failure";
|
||||
RestartSec = "5s";
|
||||
StandardOutput = "journal";
|
||||
StandardError = "journal";
|
||||
NoNewPrivileges = true;
|
||||
PrivateTmp = true;
|
||||
ProtectHome = true;
|
||||
ProtectSystem = "strict";
|
||||
ReadWritePaths = [ stateDir ];
|
||||
};
|
||||
|
||||
script = ''
|
||||
set -eu
|
||||
export PATH="${binPath}:$PATH"
|
||||
export LD_LIBRARY_PATH="${libraryPath}:''${LD_LIBRARY_PATH:-}"
|
||||
export LIBRARY_PATH="${libraryPath}:''${LIBRARY_PATH:-}"
|
||||
|
||||
: "''${NORN_SIGHT_REPO_URL:?NORN_SIGHT_REPO_URL is required}"
|
||||
branch="''${NORN_SIGHT_BRANCH:-main}"
|
||||
|
||||
if [ -d "${appDir}/.git" ]; then
|
||||
current_origin="$(git -C "${appDir}" remote get-url origin)"
|
||||
if [ "$current_origin" != "$NORN_SIGHT_REPO_URL" ]; then
|
||||
rm -rf "${appDir}"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ ! -d "${appDir}/.git" ]; then
|
||||
git clone --branch "$branch" "$NORN_SIGHT_REPO_URL" "${appDir}"
|
||||
else
|
||||
cd "${appDir}"
|
||||
git fetch origin "$branch"
|
||||
git checkout "$branch"
|
||||
git pull --ff-only origin "$branch"
|
||||
fi
|
||||
|
||||
cd "${appDir}"
|
||||
uv sync --upgrade
|
||||
uv run python - <<'PY'
|
||||
import ctypes.util
|
||||
import os
|
||||
|
||||
print(f"LD_LIBRARY_PATH={os.environ.get('LD_LIBRARY_PATH')}")
|
||||
print(f"LIBRARY_PATH={os.environ.get('LIBRARY_PATH')}")
|
||||
print(f"libpq={ctypes.util.find_library('pq')}")
|
||||
PY
|
||||
exec uv run uvicorn pipelines.web.main:app --host 0.0.0.0 --port 8001
|
||||
'';
|
||||
};
|
||||
}
|
||||
@@ -81,4 +81,4 @@ backend gitea
|
||||
|
||||
backend norn_sight
|
||||
mode http
|
||||
server server 192.168.90.49:8000
|
||||
server server 127.0.0.1:8001
|
||||
|
||||
Reference in New Issue
Block a user