try fix
parent
2b0fdfa854
commit
e143cdfdf1
2 changed files with 16 additions and 48 deletions
|
|
@ -1,50 +1,20 @@
|
|||
|
||||
/*
|
||||
|
||||
DISCLAIMER
|
||||
|
||||
This uses a somewhat hidden feature in NixOS, which is the
|
||||
"runner". It's a script that's available on systemd services
|
||||
that lets you run the service independently from systemd.
|
||||
However, it was clearly not intended for public consumption
|
||||
so please use it with care.
|
||||
It does not support all features of systemd so you are on
|
||||
your own if you use it in production.
|
||||
|
||||
One known issue is that the script does not respond to docker's
|
||||
SIGTERM shutdown signal.
|
||||
|
||||
*/
|
||||
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
project.name = "nixos-unit";
|
||||
services.webserver = { config, pkgs, ... }: {
|
||||
project.name = "webapp";
|
||||
services = {
|
||||
|
||||
nixos.configuration = {config, lib, options, pkgs, ...}: {
|
||||
boot.isContainer = true;
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts.localhost.root = "${pkgs.nix.doc}/share/doc/nix/manual";
|
||||
} // lib.optionalAttrs (options?services.nginx.stateDir) {
|
||||
# Work around a problem in NixOS 20.03
|
||||
stateDir = "/var/lib/nginx";
|
||||
};
|
||||
system.build.run-nginx = pkgs.writeScript "run-nginx" ''
|
||||
#!${pkgs.bash}/bin/bash
|
||||
PATH='${config.systemd.services.nginx.environment.PATH}'
|
||||
echo nginx:x:${toString config.users.users.nginx.uid}:${toString config.users.groups.nginx.gid}:nginx web server user:/var/empty:/bin/sh >>/etc/passwd
|
||||
echo nginx:x:${toString config.users.groups.nginx.gid}:nginx >>/etc/group
|
||||
echo 'nobody:x:65534:65534:Unprivileged account do not use:/var/empty:/run/current-system/sw/bin/nologin' >>/etc/passwd
|
||||
echo 'nogroup:x:65534:' >>/etc/group
|
||||
mkdir -p /var/log/nginx /run/nginx/ /var/cache/nginx /var/lib/nginx/{,logs,proxy_temp,client_body_temp,fastcgi_temp,scgi_temp,uwsgi_temp} /tmp/nginx_client_body
|
||||
chown nginx /var/log/nginx /run/nginx/ /var/cache/nginx /var/lib/nginx/{,logs,proxy_temp,client_body_temp,fastcgi_temp,scgi_temp,uwsgi_temp} /tmp/nginx_client_body
|
||||
${config.systemd.services.nginx.runner}
|
||||
'';
|
||||
};
|
||||
service.command = [ config.nixos.build.run-nginx ];
|
||||
webserver = {
|
||||
image.enableRecommendedContents = true;
|
||||
service.useHostStore = true;
|
||||
service.command = [ "sh" "-c" ''
|
||||
cd "$$WEB_ROOT"
|
||||
${pkgs.python3}/bin/python -m http.server
|
||||
'' ];
|
||||
service.ports = [
|
||||
"8009:80" # host:container
|
||||
"8009:8000" # host:container
|
||||
];
|
||||
service.environment.WEB_ROOT = "${pkgs.nix.doc}/share/doc/nix/manual";
|
||||
service.stop_signal = "SIGINT";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
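Review bot: In what appears to be the new `webserver` command, the result of `cd "$$WEB_ROOT"` is not checked, so if the `cd` fails `python -m http.server` still starts and serves the container's working directory; with `service.useHostStore = true` that could expose much more than the manual. Passing the root explicitly avoids this, e.g. `${pkgs.python3}/bin/python -m http.server --directory "$$WEB_ROOT"`, or `cd "$$WEB_ROOT" || exit 1`. The `"8009:8000"` mapping also publishes the listener on every host interface; if it is only meant for local use, `"127.0.0.1:8009:8000"` keeps it on loopback. Python's documentation describes `http.server` as unsuitable for production, so a short comment marking this as a demo server would help. The added/removed markers are lost on this page, so which lines are new is inferred from the hunk header counts.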
@ -110,8 +110,6 @@ in {
|
|||
defaultNetwork.settings.dns_enabled = true;
|
||||
};
|
||||
|
||||
virtualisation.arion.backend.type = "podman-socket";
|
||||
|
||||
virtualisation.oci-containers = {
|
||||
backend = "docker";
|
||||
|
||||
|
|
|
|||