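# Clan service "arda/identity": runs ZITADEL as the identity provider.
# It reads the PostgreSQL endpoint exported by "arda/persistence" and exports
# its own listening port to the gateway.
{
  lib,
  clanLib,
  exports,
  ...
}: {
  _class = "clan.service";

  manifest = {
    name = "arda/identity";
    description = "";
    readme = builtins.readFile ./README.md;
    exports = {
      inputs = ["persistence"];
      out = ["gateway"];
    };
  };

  roles.default = {
    description = "";

    interface = {lib, ...}: let
      inherit (lib) mkOption types;
    in {
      options = {
        # Identity backend; "zitadel" is the only driver implemented below.
        driver = mkOption {
          type = types.enum ["zitadel"];
          default = "zitadel";
        };

        # Port ZITADEL listens on; also exported to the gateway.
        port = mkOption {
          type = types.port;
          default = 9092;
        };

        # perInstance reads settings.persistence_instance, but the option was
        # never declared, so the lookup could not evaluate. No default is
        # given because the file does not show a sensible one.
        persistence_instance = mkOption {
          type = types.str;
          description = "Instance name of the arda/persistence service whose PostgreSQL export is used.";
        };
      };
    };

    # `machine` was referenced (machine.name) without being taken from the
    # argument set, which left it undefined; it is now destructured.
    perInstance = {
      mkExports,
      settings,
      machine,
      ...
    }: let
      # PostgreSQL endpoint (host, port) published by the persistence
      # service for this machine and instance.
      database =
        exports
        |> clanLib.getExport {
          serviceName = "arda/persistence";
          roleName = "default";
          machineName = machine.name;
          instanceName = settings.persistence_instance;
        }
        |> (v: v.persistence.driver.postgresql);
    in {
      exports = mkExports {
        gateway.services.identity = {port = settings.port;};
      };

      nixosModule = {
        lib,
        pkgs,
        config,
        ...
      }: let
        inherit (lib) mkMerge mkIf;
      in {
        config = mkMerge [
          (mkIf (settings.driver == "zitadel") {
            clan.core.vars.generators.zitadel = {
              dependencies = ["persistence"];

              # Both files hold secrets and are deployed readable only by the
              # zitadel user/group; a change restarts the service.
              files = {
                masterKey = {
                  deploy = true;
                  owner = "zitadel";
                  group = "zitadel";
                  restartUnits = ["zitadel.service"];
                };

                settings = {
                  deploy = true;
                  owner = "zitadel";
                  group = "zitadel";
                  restartUnits = ["zitadel.service"];
                };
              };

              runtimeInputs = with pkgs; [pwgen];

              # masterKey: the NixOS option documents the key as 32 bytes, so
              # pwgen's trailing newline is stripped to keep the file at
              # exactly 32 characters.
              # settings: the database password is interpolated raw into
              # YAML. NOTE(review): this assumes the persistence generator
              # only emits YAML-safe characters (no '#', ':' or quotes);
              # confirm, or quote the value.
              # NOTE(review): User and Admin share one credential, so the
              # runtime role is also the role used for database setup;
              # confirm this is intended.
              script = ''
                pwgen -s 32 1 | tr -d '\n' > "$out/masterKey"

                cat << EOL > "$out/settings"
                Database:
                  postgres:
                    User:
                      Password: $(cat "$in/persistence/zitadel_password")
                    Admin:
                      Password: $(cat "$in/persistence/zitadel_password")
                EOL
              '';
            };

            environment.systemPackages = with pkgs; [
              zitadel
            ];

            services.zitadel = {
              enable = true;
              masterKeyFile = config.clan.core.vars.generators.zitadel.files.masterKey.path;

              # TLS is terminated in front of ZITADEL (the gateway export
              # above); the port itself serves plain HTTP and should not be
              # reachable except through that proxy.
              tlsMode = "external";

              # Secret half of the configuration, merged at runtime so the
              # passwords do not end up in the Nix store.
              extraSettingsPaths = [
                config.clan.core.vars.generators.zitadel.files.settings.path
              ];

              settings = {
                Port = settings.port;

                Database.postgres = {
                  Host = database.host;
                  Port = database.port;
                  # Was misspelled "Databae", so the database name was never
                  # set under the key ZITADEL reads.
                  Database = "zitadel";
                  User = {
                    Username = "zitadel";
                  };
                  Admin = {
                    Username = "zitadel";
                  };
                };
              };
            };
          })
        ];
      };
    };
  };
}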