From 93506862ec8dac190edd0bb45edef37d96ac76ae Mon Sep 17 00:00:00 2001 From: Philip Peterson Date: Thu, 14 May 2026 14:23:42 -0800 Subject: [PATCH] Move riverside to arion with postgres companion service riverside needs a postgres sidecar which oci-containers can't express. Also adds docker to arion PATH (fixes forgejo-arion) and creates /var/riverside/{files,postgres} state directories. Co-Authored-By: Claude Sonnet 4.6 --- nixos/arion-riverside/arion-compose.nix | 52 +++++++++++++++++++++++++ nixos/arion-riverside/arion-pkgs.nix | 3 ++ nixos/linux.nix | 31 +++++++++++---- 3 files changed, 78 insertions(+), 8 deletions(-) create mode 100644 nixos/arion-riverside/arion-compose.nix create mode 100644 nixos/arion-riverside/arion-pkgs.nix diff --git a/nixos/arion-riverside/arion-compose.nix b/nixos/arion-riverside/arion-compose.nix new file mode 100644 index 0000000..1d9c4ee --- /dev/null +++ b/nixos/arion-riverside/arion-compose.nix @@ -0,0 +1,52 @@ +{ pkgs, ... }: +{ + project.name = "riverside"; + + networks.riverside.external = false; + + services = { + app = { + service = { + image = "forge.quinefoundation.com/ironmagma/riverside@sha256:23c17a769f001c0c41eb78119183549f884555e5604f017b1e03858dc5888d60"; + container_name = "riverside"; + restart = "unless-stopped"; + networks = [ "riverside" ]; + environment = { + DB_HOST = "postgres"; + DB_NAME = "drupal"; + DB_USER = "drupal"; + DB_PASS = "drupal"; + SITE_NAME = "Portfolio"; + }; + volumes = [ + "/var/riverside/files:/var/www/html/web/sites/default/files" + ]; + ports = [ "3011:8080" ]; + depends_on = [ "postgres" ]; + }; + }; + + postgres = { + service = { + image = "postgres:18-alpine"; + container_name = "riverside-postgres"; + restart = "unless-stopped"; + networks = [ "riverside" ]; + environment = { + POSTGRES_DB = "drupal"; + POSTGRES_USER = "drupal"; + POSTGRES_PASSWORD = "drupal"; + }; + volumes = [ + "/var/riverside/postgres:/var/lib/postgresql/data" + ]; + healthcheck = { + test = [ "CMD-SHELL" "pg_isready -U drupal -d drupal" ]; + interval = "5s"; + timeout = "5s"; + retries = 20; + }; + }; + }; + }; +} diff --git a/nixos/arion-riverside/arion-pkgs.nix b/nixos/arion-riverside/arion-pkgs.nix new file mode 100644 index 0000000..1d16305 --- /dev/null +++ b/nixos/arion-riverside/arion-pkgs.nix @@ -0,0 +1,3 @@ +import { + system = "x86_64-linux"; +} diff --git a/nixos/linux.nix b/nixos/linux.nix index 70644ac..f6b3f59 100644 --- a/nixos/linux.nix +++ b/nixos/linux.nix @@ -39,6 +39,15 @@ ${pkgs.arion}/bin/arion down 2>> /var/log/start-arion-run.log >> /var/log/start-arion-run.log ${pkgs.arion}/bin/arion up -d 2>> /var/log/start-arion-run.log >> /var/log/start-arion-run.log ''; + + start-arion-riverside-run = pkgs.writeShellScriptBin "start-arion-riverside-run" '' + set -e + export PATH="${pkgs.nixVersions.stable}/bin:${pkgs.docker}/bin:$PATH" + export NIX_PATH="nixpkgs=${pkgs.path}:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels" + cd /root/petersweb-infra/nixos/arion-riverside + ${pkgs.arion}/bin/arion down 2>> /var/log/start-arion-riverside-run.log >> /var/log/start-arion-riverside-run.log + ${pkgs.arion}/bin/arion up -d 2>> /var/log/start-arion-riverside-run.log >> /var/log/start-arion-riverside-run.log + ''; in { imports = [ (import ./cloned_repos {inherit pkgs pullomatic lib;}) @@ -83,6 +92,7 @@ in { # For docker-compose like setups pkgs.arion start-arion-run + start-arion-riverside-run ]; swapDevices = [ @@ -103,9 +113,22 @@ in { }; }; + systemd.services.riverside-arion = { + description = "Riverside via Arion"; + after = [ "network.target" "docker.service" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = "${start-arion-riverside-run}/bin/start-arion-riverside-run"; + }; + }; + systemd.tmpfiles.rules = [ "d /home/ironmagma/.config 0755 ${username} users" "d /root/.config 0755 ${username} users" + "d /var/riverside/files 0755 root root" + "d /var/riverside/postgres 0755 root root" ]; networking.hostName = "${hostname}"; @@ -209,14 +232,6 @@ in { ports = ["3010:8080"]; }; - "riverside" = { - autoStart = true; - image = "forge.quinefoundation.com/ironmagma/riverside@sha256:23c17a769f001c0c41eb78119183549f884555e5604f017b1e03858dc5888d60"; - volumes = []; - environment = {}; - ports = ["3011:8080"]; - }; - }; };