Commit e044f009 authored by Profpatsch's avatar Profpatsch

containers/postgres: document module

parent 7cee78fc
{ lib, pkgs, config, ... }:
let
cfg = config.org.techcultivation.deploy.database;
# set database connection values
connectionData = {
Host = "";
Port = 5432;
......@@ -11,6 +11,7 @@ let
SslMode = "disable";
};
# locale used by the database
sanghaDatabaseLocale = "en_US.UTF-8";
# TODO: use pgtune(1) for full deployment setup
......@@ -18,6 +19,8 @@ let
# set by initdb, should be modifiable
# see https://www.postgresql.org/docs/9.1/static/runtime-config-resource.html
# and https://www.postgresql.org/docs/9.1/static/runtime-config-connection.html
# generated postgresql.conf string
sanghaPostgresConfig =
let
l = sanghaDatabaseLocale;
......@@ -38,11 +41,14 @@ let
lc_time = l;
};
# localedb, only contains locale used by the database
# used to build the database and added to containers
localeFiles = pkgs.glibcLocales.override {
locales = [ (sanghaDatabaseLocale + "/UTF-8") ];
allLocales = false;
};
# small helper to prepend folders to a derivation’s contents
prependPrefix = prefix: drv: pkgs.runCommand "${drv.name}-prefixed" {} ''
new="$out/${prefix}"
mkdir -p $(dirname "$new")
......@@ -51,24 +57,30 @@ let
cp -r $new/nix-support $out/
'';
postgresInitDatabase =
let sanghaConfig = pkgs.runCommand "sangha.conf" {} ''
# copy sangha configuration with correct connection data
${lib.getBin pkgs.jq}/bin/jq '.Connections.PostgreSQLConnection *= ${
lib.generators.toJSON {} connectionData
}' \
${pkgs.sangha.src}/config.example.json \
> $out
# creates a postgres database folder, complete with sangha
# databases and mock data
sanghaInitDatabase =
let
# sangha config, using database connection values from above
sanghaConfig = pkgs.runCommand "sangha.conf" {} ''
# copy sangha configuration with correct connection data
${lib.getBin pkgs.jq}/bin/jq '.Connections.PostgreSQLConnection *= ${
lib.generators.toJSON {} connectionData
}' \
${pkgs.sangha.src}/config.example.json \
> $out
'';
# sangha db SQL initialization code
sanghaCreateDb = with connectionData;
pkgs.writeText "sangha-create-db.sql" ''
CREATE DATABASE ${DbName};
CREATE USER ${User} WITH PASSWORD '${Password}';
GRANT ALL PRIVILEGES ON DATABASE ${DbName} TO ${User};
'';
sanghaCreateDb = with connectionData;
pkgs.writeText "sangha-create-db.sql" ''
CREATE DATABASE ${DbName};
CREATE USER ${User} WITH PASSWORD '${Password}';
GRANT ALL PRIVILEGES ON DATABASE ${DbName} TO ${User};
'';
in pkgs.runCommand "sangha-db-template" {
nativeBuildInputs = [ pkgs.postgresql localeFiles ];
# pass through the sangha configfile used
passthru = { inherit sanghaConfig; };
} ''
mkdir $out
......@@ -101,12 +113,17 @@ let
'';
in {
## module options for database deployment
# TODO: might need to change the namespace name
options.org.techcultivation.deploy.database = {
enable = lib.mkEnableOption "database container";
buildDockerImage = lib.mkEnableOption "database container docker image";
};
# generic option on where to put generated docker images
# TODO: should be moved to a nicer file
options.generated.dockerImages = lib.mkOption {
type = with lib.types; attrsOf package;
default = {};
......@@ -115,24 +132,38 @@ in {
'';
};
## option implementation
config =
let
# configuration for usage on NixOS / with nspawn containers
nixosConfig = {
# TODO
passthru = postgresInitDatabase;
# TODO temporary
passthru = sanghaInitDatabase;
};
# configuration for generating a docker image
dockerConfig = {
generated.dockerImages.sangha = with pkgs.dockerTools;
generated.dockerImages.sangha =
let dbDir = "/database";
uidGid = 999;
uidGidStr = toString uidGid;
in (buildImage {
in pkgs.dockerTools.buildImage {
name = "sangha";
tag = "unstable";
contents = [ pkgs.postgresql (prependPrefix "/usr" localeFiles) ];
# contents of the docker image
contents = [
# the complete postgresql closure with all deps
pkgs.postgresql
# needed locales (localdb)
(prependPrefix "/usr" localeFiles)
];
# docker config (see docker image spec)
config = {
User = "postgres";
Cmd = [ "/bin/postgres" ];
......@@ -140,12 +171,13 @@ in {
"PGDATA=${dbDir}"
];
ExposedPorts."${toString connectionData.Port}/tcp" = {};
# we create a volume so the db is persistent over restarts
Volumes."${dbDir}" = {};
};
runAsRoot = ''
${pkgs.stdenv.shell}
${shadowSetup}
${pkgs.dockerTools.shadowSetup}
# some needed system structure
umask 000
......@@ -155,16 +187,20 @@ in {
echo "hosts: files" > /etc/nsswitch.conf
# postgres setup
cp -r "${postgresInitDatabase}" "./${dbDir}"
cp -r "${sanghaInitDatabase}" "./${dbDir}"
chmod --recursive u=rwX,go= "./${dbDir}"
chown --recursive ${uidGidStr}:${uidGidStr} "./${dbDir}"
'';
});
};
};
in
lib.mkMerge [
(lib.mkIf cfg.enable nixosConfig)
(lib.mkIf cfg.buildDockerImage dockerConfig)
];
let
cfg = config.org.techcultivation.deploy.database;
in
lib.mkMerge [
(lib.mkIf cfg.enable nixosConfig)
(lib.mkIf cfg.buildDockerImage dockerConfig)
];
}
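Review bot: The new comments on `sanghaConfig` and `sanghaCreateDb` describe what they build but not that both embed the database credentials: `pkgs.writeText "sangha-create-db.sql"` interpolates `${Password}`, the `jq` call merges all of `connectionData` into `sangha.conf`, and both outputs land in the world-readable Nix store. `sanghaInitDatabase` is then copied into `/database` of the Docker image, so anyone who can read the store or pull the image gets a database initialised with that password (its value sits in a part of `connectionData` not shown on this page, so this assumes it is a fixed literal). Since this commit is the documentation pass, I would state that next to `connectionData`, e.g. `# NOTE: these values (incl. Password) are baked into the nix store and the docker image; mock/dev use only, do not reuse for a real deployment`. Separately, `${Password}` is spliced into the SQL text unescaped, so a value containing `'` would break the `CREATE USER` statement.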