veryroundbird.house / core
forked from tangled.org/core
this repo has no description
fork atom
core / nix / modules / spindle.nix
at master 4.4 kB view raw
1{ 2 config, 3 lib, 4 ... 5}: let 6 cfg = config.services.tangled-spindle; 7in 8 with lib; { 9 options = { 10 services.tangled-spindle = { 11 enable = mkOption { 12 type = types.bool; 13 default = false; 14 description = "Enable a tangled spindle"; 15 }; 16 package = mkOption { 17 type = types.package; 18 description = "Package to use for the spindle"; 19 }; 20 21 server = { 22 listenAddr = mkOption { 23 type = types.str; 24 default = "0.0.0.0:6555"; 25 description = "Address to listen on"; 26 }; 27 28 dbPath = mkOption { 29 type = types.path; 30 default = "/var/lib/spindle/spindle.db"; 31 description = "Path to the database file"; 32 }; 33 34 hostname = mkOption { 35 type = types.str; 36 example = "spindle.tangled.sh"; 37 description = "Hostname for the server (required)"; 38 }; 39 40 jetstreamEndpoint = mkOption { 41 type = types.str; 42 default = "wss://jetstream1.us-west.bsky.network/subscribe"; 43 description = "Jetstream endpoint to subscribe to"; 44 }; 45 46 dev = mkOption { 47 type = types.bool; 48 default = false; 49 description = "Enable development mode (disables signature verification)"; 50 }; 51 52 owner = mkOption { 53 type = types.str; 54 example = "did:plc:qfpnj4og54vl56wngdriaxug"; 55 description = "DID of owner (required)"; 56 }; 57 58 maxJobCount = mkOption { 59 type = types.int; 60 default = 2; 61 example = 5; 62 description = "Maximum number of concurrent jobs to run"; 63 }; 64 65 queueSize = mkOption { 66 type = types.int; 67 default = 100; 68 example = 100; 69 description = "Maximum number of jobs queue up"; 70 }; 71 72 secrets = { 73 provider = mkOption { 74 type = types.str; 75 default = "sqlite"; 76 description = "Backend to use for secret management, valid options are 'sqlite', and 'openbao'."; 77 }; 78 79 openbao = { 80 proxyAddr = mkOption { 81 type = types.str; 82 default = "http://127.0.0.1:8200"; 83 }; 84 mount = mkOption { 85 type = types.str; 86 default = "spindle"; 87 }; 88 }; 89 }; 90 }; 91 92 pipelines = { 93 nixery = mkOption { 94 type = types.str; 95 default = "nixery.tangled.sh"; 96 description = "Nixery instance to use"; 97 }; 98 99 workflowTimeout = mkOption { 100 type = types.str; 101 default = "5m"; 102 description = "Timeout for each step of a pipeline"; 103 }; 104 }; 105 }; 106 }; 107 108 config = mkIf cfg.enable { 109 virtualisation.docker.enable = true; 110 111 systemd.services.spindle = { 112 description = "spindle service"; 113 after = ["network.target" "docker.service"]; 114 wantedBy = ["multi-user.target"]; 115 serviceConfig = { 116 LogsDirectory = "spindle"; 117 StateDirectory = "spindle"; 118 Environment = [ 119 "SPINDLE_SERVER_LISTEN_ADDR=${cfg.server.listenAddr}" 120 "SPINDLE_SERVER_DB_PATH=${cfg.server.dbPath}" 121 "SPINDLE_SERVER_HOSTNAME=${cfg.server.hostname}" 122 "SPINDLE_SERVER_JETSTREAM=${cfg.server.jetstreamEndpoint}" 123 "SPINDLE_SERVER_DEV=${lib.boolToString cfg.server.dev}" 124 "SPINDLE_SERVER_OWNER=${cfg.server.owner}" 125 "SPINDLE_SERVER_MAX_JOB_COUNT=${toString cfg.server.maxJobCount}" 126 "SPINDLE_SERVER_QUEUE_SIZE=${toString cfg.server.queueSize}" 127 "SPINDLE_SERVER_SECRETS_PROVIDER=${cfg.server.secrets.provider}" 128 "SPINDLE_SERVER_SECRETS_OPENBAO_PROXY_ADDR=${cfg.server.secrets.openbao.proxyAddr}" 129 "SPINDLE_SERVER_SECRETS_OPENBAO_MOUNT=${cfg.server.secrets.openbao.mount}" 130 "SPINDLE_NIXERY_PIPELINES_NIXERY=${cfg.pipelines.nixery}" 131 "SPINDLE_NIXERY_PIPELINES_WORKFLOW_TIMEOUT=${cfg.pipelines.workflowTimeout}" 132 ]; 133 ExecStart = "${cfg.package}/bin/spindle"; 134 Restart = "always"; 135 }; 136 }; 137 }; 138 }