nixos/windmill: add database.url option and defaults

2024-09-14 00:36:55 +03:00 · 2024-09-14 00:36:55 +03:00 · b44fdbfc11
commit b44fdbfc11
parent 7f114dae53
1 changed files with 26 additions and 7 deletions
--- a/nixos/modules/services/web-apps/windmill.nix
+++ b/nixos/modules/services/web-apps/windmill.nix
@ -34,13 +34,24 @@ in
        description = "Database user.";
      };

+      url = lib.mkOption {
+        type = lib.types.str;
+        default = "postgres://${config.services.windmill.database.name}?host=/var/run/postgresql";
+        defaultText = lib.literalExpression ''
+          "postgres://\$\{config.services.windmill.database.name}?host=/var/run/postgresql";
+        '';
+        description = "Database url. Note that any secret here would be world-readable. Use `services.windmill.database.urlPath` unstead to include secrets in the url.";
+      };
+
      urlPath = lib.mkOption {
-        type = lib.types.path;
+        type = lib.types.nullOr lib.types.path;
        description = ''
          Path to the file containing the database url windmill should connect to. This is not deducted from database user and name as it might contain a secret
        '';
+        default = null;
        example = "config.age.secrets.DATABASE_URL_FILE.path";
      };
+
      createLocally = lib.mkOption {
        type = lib.types.bool;
        default = true;
@ -50,6 +61,10 @@ in

    baseUrl = lib.mkOption {
      type = lib.types.str;
+      default = "https://localhost:${toString config.services.windmill.serverPort}";
+      defaultText = lib.literalExpression ''
+        "https://localhost:\$\{toString config.services.windmill.serverPort}";
+      '';
      description = ''
        The base url that windmill will be served on.
      '';
@ -79,6 +94,7 @@ in

   systemd.services =
    let
+      useUrlPath = (cfg.database.urlPath != null);
      serviceConfig = {
        DynamicUser = true;
        # using the same user to simplify db connection
@ -86,10 +102,16 @@ in
        ExecStart = "${pkgs.windmill}/bin/windmill";

        Restart = "always";
+      } // lib.optionalAttrs useUrlPath {
        LoadCredential = [
          "DATABASE_URL_FILE:${cfg.database.urlPath}"
        ];
      };
+      db_url_envs = lib.optionalAttrs useUrlPath {
+        DATABASE_URL_FILE = "%d/DATABASE_URL_FILE";
+      } // lib.optionalAttrs (!useUrlPath) {
+        DATABASE_URL = cfg.database.url;
+      };
    in
    {

@ -132,12 +154,11 @@ EOF
        serviceConfig = serviceConfig // { StateDirectory = "windmill";};

        environment = {
-          DATABASE_URL_FILE = "%d/DATABASE_URL_FILE";
          PORT = builtins.toString cfg.serverPort;
          WM_BASE_URL = cfg.baseUrl;
          RUST_LOG = cfg.logLevel;
          MODE = "server";
-        };
+        } // db_url_envs;
      };

     windmill-worker = {
@ -148,13 +169,12 @@ EOF
        serviceConfig = serviceConfig // { StateDirectory = "windmill-worker";};

        environment = {
-          DATABASE_URL_FILE = "%d/DATABASE_URL_FILE";
          WM_BASE_URL = cfg.baseUrl;
          RUST_LOG = cfg.logLevel;
          MODE = "worker";
          WORKER_GROUP = "default";
          KEEP_JOB_DIR = "false";
-        };
+        } // db_url_envs;
      };

     windmill-worker-native = {
@ -165,12 +185,11 @@ EOF
        serviceConfig = serviceConfig // { StateDirectory = "windmill-worker-native";};

        environment = {
-          DATABASE_URL_FILE = "%d/DATABASE_URL_FILE";
          WM_BASE_URL = cfg.baseUrl;
          RUST_LOG = cfg.logLevel;
          MODE = "worker";
          WORKER_GROUP = "native";
-        };
+        } // db_url_envs;
      };
    };
  };