try add arion example
parent
4ce4742668
commit
0817c730c7
2 changed files with 60 additions and 0 deletions
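--- /dev/null
+++ b/nixos/arion/arion-compose.nix
@@ -0,0 +1,50 @@
+
+/*
+
+DISCLAIMER
+
+This uses a somewhat hidden feature in NixOS, which is the
+"runner". It's a script that's available on systemd services
+that lets you run the service independently from systemd.
+However, it was clearly not intended for public consumption
+so please use it with care.
+It does not support all features of systemd so you are on
+your own if you use it in production.
+
+One known issue is that the script does not respond to docker's
+SIGTERM shutdown signal.
+
+*/
+
+{
+project.name = "nixos-unit";
+services.webserver = { config, pkgs, ... }: {
+
+nixos.configuration = {config, lib, options, pkgs, ...}: {
+boot.isContainer = true;
+services.nginx = {
+enable = true;
+virtualHosts.localhost.root = "${pkgs.nix.doc}/share/doc/nix/manual";
+} // lib.optionalAttrs (options?services.nginx.stateDir) {
+# Work around a problem in NixOS 20.03
+stateDir = "/var/lib/nginx";
+};
+system.build.run-nginx = pkgs.writeScript "run-nginx" ''
+#!${pkgs.bash}/bin/bash
+PATH='${config.systemd.services.nginx.environment.PATH}'
+echo nginx:x:${toString config.users.users.nginx.uid}:${toString config.users.groups.nginx.gid}:nginx web server user:/var/empty:/bin/sh >>/etc/passwd
+echo nginx:x:${toString config.users.groups.nginx.gid}:nginx >>/etc/group
+echo 'nobody:x:65534:65534:Unprivileged account do not use:/var/empty:/run/current-system/sw/bin/nologin' >>/etc/passwd
+echo 'nogroup:x:65534:' >>/etc/group
+mkdir -p /var/log/nginx /run/nginx/ /var/cache/nginx /var/lib/nginx/{,logs,proxy_temp,client_body_temp,fastcgi_temp,scgi_temp,uwsgi_temp} /tmp/nginx_client_body
+chown nginx /var/log/nginx /run/nginx/ /var/cache/nginx /var/lib/nginx/{,logs,proxy_temp,client_body_temp,fastcgi_temp,scgi_temp,uwsgi_temp} /tmp/nginx_client_body
+${config.systemd.services.nginx.runner}
+'';
+};
+service.command = [ config.nixos.build.run-nginx ];
+service.useHostStore = true;
+service.ports = [
+"8000:80" # host:container
+];
+};
+}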
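Review bot: `service.ports = [ "8000:80" ]` at the end of the service definition publishes nginx on every host interface, because a Docker port mapping without a host address binds to 0.0.0.0; for an example whose own disclaimer says it is not meant for production, `"127.0.0.1:8000:80" # host-addr:host:container` keeps it local. `service.useHostStore = true` bind-mounts the host's Nix store into the container, so every store path readable on the host is readable by the service, and a comment like `# shares the host /nix/store with the container: convenient for development, not an isolation boundary` would make that visible. In the `run-nginx` script the nginx account is written to /etc/passwd with `/bin/sh` as its shell while the `nobody` line already uses a nologin path; giving nginx the same nologin shell is the safer default. The `>>` appends also look non-idempotent, so a restart of the same container would presumably add the entries a second time.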
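--- /dev/null
+++ b/nixos/arion/arion-pkgs.nix
@@ -0,0 +1,10 @@
+## This file is the default location for Arion to look for Nixpkgs when
+## bootstrapping a deployment configuration.
+#import ../ {}
+
+# Instead of pinning Nixpkgs, we can opt to use the one in NIX_PATH
+import <nixpkgs> {
+# We specify the architecture explicitly. Use a Linux remote builder when
+# calling arion from other platforms.
+system = "x86_64-linux";
+}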
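Review bot: `import <nixpkgs>` resolves Nixpkgs through NIX_PATH, so the nginx build served by this deployment, and the security fixes it carries, depend on whichever channel the invoking user or CI host happens to have. Pinning restores a reviewable input, e.g. `import (builtins.fetchTarball { url = "https://github.com/NixOS/nixpkgs/archive/<REV-PLACEHOLDER>.tar.gz"; sha256 = "<SHA256-PLACEHOLDER>"; }) { system = "x86_64-linux"; }`. If the unpinned import stays, passing `config = {};` and `overlays = [];` next to `system` stops Nixpkgs from also picking up the caller's per-user config and overlays. The commented-out `#import ../ {}` has no explanation and could be dropped or annotated.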