Move riverside to arion with postgres companion service

riverside needs a postgres sidecar which oci-containers can't express.
Also adds docker to arion PATH (fixes forgejo-arion) and creates
/var/riverside/{files,postgres} state directories.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Philip Peterson 2026-05-14 14:23:42 -08:00
parent d0a9b5337f
commit 93506862ec
3 changed files with 78 additions and 8 deletions

View file

@ -0,0 +1,52 @@
{ pkgs, ... }:
{
project.name = "riverside";
networks.riverside.external = false;
services = {
app = {
service = {
image = "forge.quinefoundation.com/ironmagma/riverside@sha256:23c17a769f001c0c41eb78119183549f884555e5604f017b1e03858dc5888d60";
container_name = "riverside";
restart = "unless-stopped";
networks = [ "riverside" ];
environment = {
DB_HOST = "postgres";
DB_NAME = "drupal";
DB_USER = "drupal";
DB_PASS = "drupal";
SITE_NAME = "Portfolio";
};
volumes = [
"/var/riverside/files:/var/www/html/web/sites/default/files"
];
ports = [ "3011:8080" ];
depends_on = [ "postgres" ];
};
};
postgres = {
service = {
image = "postgres:18-alpine";
container_name = "riverside-postgres";
restart = "unless-stopped";
networks = [ "riverside" ];
environment = {
POSTGRES_DB = "drupal";
POSTGRES_USER = "drupal";
POSTGRES_PASSWORD = "drupal";
};
volumes = [
"/var/riverside/postgres:/var/lib/postgresql/data"
];
healthcheck = {
test = [ "CMD-SHELL" "pg_isready -U drupal -d drupal" ];
interval = "5s";
timeout = "5s";
retries = 20;
};
};
};
};
}

View file

@ -0,0 +1,3 @@
import <nixpkgs> {
system = "x86_64-linux";
}

View file

@ -39,6 +39,15 @@
${pkgs.arion}/bin/arion down 2>> /var/log/start-arion-run.log >> /var/log/start-arion-run.log
${pkgs.arion}/bin/arion up -d 2>> /var/log/start-arion-run.log >> /var/log/start-arion-run.log
'';
start-arion-riverside-run = pkgs.writeShellScriptBin "start-arion-riverside-run" ''
set -e
export PATH="${pkgs.nixVersions.stable}/bin:${pkgs.docker}/bin:$PATH"
export NIX_PATH="nixpkgs=${pkgs.path}:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels"
cd /root/petersweb-infra/nixos/arion-riverside
${pkgs.arion}/bin/arion down 2>> /var/log/start-arion-riverside-run.log >> /var/log/start-arion-riverside-run.log
${pkgs.arion}/bin/arion up -d 2>> /var/log/start-arion-riverside-run.log >> /var/log/start-arion-riverside-run.log
'';
in {
imports = [
(import ./cloned_repos {inherit pkgs pullomatic lib;})
@ -83,6 +92,7 @@ in {
# For docker-compose like setups
pkgs.arion
start-arion-run
start-arion-riverside-run
];
swapDevices = [
@ -103,9 +113,22 @@ in {
};
};
systemd.services.riverside-arion = {
description = "Riverside via Arion";
after = [ "network.target" "docker.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${start-arion-riverside-run}/bin/start-arion-riverside-run";
};
};
systemd.tmpfiles.rules = [
"d /home/ironmagma/.config 0755 ${username} users"
"d /root/.config 0755 ${username} users"
"d /var/riverside/files 0755 root root"
"d /var/riverside/postgres 0755 root root"
];
networking.hostName = "${hostname}";
@ -209,14 +232,6 @@ in {
ports = ["3010:8080"];
};
"riverside" = {
autoStart = true;
image = "forge.quinefoundation.com/ironmagma/riverside@sha256:23c17a769f001c0c41eb78119183549f884555e5604f017b1e03858dc5888d60";
volumes = [];
environment = {};
ports = ["3011:8080"];
};
};
};