docker-healthchecks/flake.nix

309 lines
8.4 KiB
Nix
Raw Normal View History

2023-04-15 19:01:10 -05:00
{
description = "Healthchecks";
inputs = {
nixpkgs = {
url = "nixpkgs/nixos-unstable-small";
2023-04-15 19:01:10 -05:00
};
};
2023-11-26 09:00:03 -06:00
outputs = {
self,
nixpkgs,
2024-09-07 12:11:45 -05:00
}: let
2023-11-26 09:00:03 -06:00
system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
};
py = pkgs.python312.override {
2023-11-26 09:00:03 -06:00
packageOverrides = final: prev: {
2024-06-20 11:10:53 -05:00
django = prev.django_5;
2023-04-15 19:01:10 -05:00
};
2023-11-26 09:00:03 -06:00
};
baseImage = {
tag = "latest";
maxLayers = 2;
contents = [
pkgs.bash
pkgs.coreutils-full
];
config = {
User = "5000:5000";
Volumes = {
"/tmp" = {};
2023-04-15 22:30:12 -05:00
};
2023-11-26 09:00:03 -06:00
WorkingDir = "${self.packages.${system}.healthchecks}/app";
Env = [
"LANG=en_US.UTF-8"
"PYTHONPATH=${self.packages.${system}.healthchecks.pythonPath}"
"PYTHONUNBUFFERED=1"
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
"STATIC_ROOT=${self.packages.${system}.healthchecks.static}"
2023-04-15 22:30:12 -05:00
];
};
2023-11-26 09:00:03 -06:00
};
in {
packages.${system} = {
healthchecks = let
pname = "healthchecks";
2024-12-09 08:58:48 -06:00
version = "3.8";
hash = "sha256-RVmIaobts6GT1I4pc5/kZblbo6CwwQ33m3xBruSXZss=";
2024-06-20 09:38:27 -05:00
secrets = [
"DB_PASSWORD"
"DISCORD_CLIENT_SECRET"
"EMAIL_HOST_PASSWORD"
"LINENOTIFY_CLIENT_SECRET"
"MATRIX_ACCESS_TOKEN"
"PD_APP_ID"
"PUSHBULLET_CLIENT_SECRET"
"PUSHOVER_API_TOKEN"
"S3_SECRET_KEY"
"SECRET_KEY"
"SLACK_CLIENT_SECRET"
"TELEGRAM_TOKEN"
"TRELLO_APP_KEY"
"TWILIO_AUTH"
];
2023-11-26 09:00:03 -06:00
localSettings = pkgs.writeText "local_settings.py" ''
import os
CSRF_TRUSTED_HOSTS = os.getenv("CSRF_TRUSTED_HOSTS", "").split(",")
STATIC_ROOT = os.getenv("STATIC_ROOT")
STATICFILES_DIRS = [ ]
2024-06-20 09:38:27 -05:00
${pkgs.lib.concatLines (map
(secret: ''
${secret}_FILE = os.getenv("${secret}_FILE")
if ${secret}_FILE:
with open(${secret}_FILE, "r") as file:
${secret} = file.readline()
'')
secrets)}
2023-11-26 09:00:03 -06:00
'';
propagatedBuildInputs = with py.pkgs; [
aiosmtpd
apprise
cronsim
django
django-compressor
django-stubs-ext
fido2
minio
2024-06-20 09:38:27 -05:00
oncalendar
2023-11-26 09:00:03 -06:00
psycopg2
pycurl
pydantic
pyotp
segno
statsd
whitenoise
];
in
py.pkgs.buildPythonApplication {
2024-06-20 09:38:27 -05:00
inherit pname version;
2023-11-26 09:00:03 -06:00
format = "other";
2023-04-15 22:30:12 -05:00
2023-11-26 09:00:03 -06:00
outputs = ["out" "static" "doc"];
2023-05-01 18:36:48 -05:00
2023-11-26 09:00:03 -06:00
src = pkgs.fetchFromGitHub {
owner = "healthchecks";
repo = pname;
2024-06-20 09:38:27 -05:00
rev = "refs/tags/v${version}";
hash = hash;
2023-11-26 09:00:03 -06:00
};
2023-04-15 22:30:12 -05:00
2024-06-20 09:38:27 -05:00
inherit propagatedBuildInputs;
2023-11-26 09:00:03 -06:00
dontPatch = true;
dontConfigure = true;
dontBuild = true;
doCheck = false;
2023-05-01 18:36:48 -05:00
2023-11-26 09:00:03 -06:00
installPhase = ''
mkdir -p $out/app
cp -r CHANGELOG.md hc manage.py templates $out/app
chmod +x $out/app/manage.py
2023-05-01 18:36:48 -05:00
2023-11-26 09:00:03 -06:00
mkdir -p $doc
cp -r *.md LICENSE $doc
2023-05-01 18:36:48 -05:00
2023-11-26 09:00:03 -06:00
mkdir -p $static
DEBUG=False SECRET_KEY=build-key STATIC_ROOT=$static ${py}/bin/python ./manage.py collectstatic --noinput
DEBUG=False SECRET_KEY=build-key STATIC_ROOT=$static ${py}/bin/python ./manage.py compress
cp -r static-collected/* $static
2023-05-23 22:44:40 -05:00
2023-11-26 09:00:03 -06:00
cp ${localSettings} $out/app/hc/local_settings.py
'';
2023-04-15 22:30:12 -05:00
2023-11-26 09:00:03 -06:00
passthru = {
# PYTHONPATH of all dependencies used by the package
pythonPath = py.pkgs.makePythonPath propagatedBuildInputs;
2023-04-15 22:30:12 -05:00
2023-11-26 09:00:03 -06:00
tests = {
inherit (pkgs.nixosTests) healthchecks;
2023-04-15 22:30:12 -05:00
};
2023-11-26 09:00:03 -06:00
};
2023-04-15 22:30:12 -05:00
2023-11-26 09:00:03 -06:00
meta = with pkgs.lib; {
homepage = "https://github.com/healthchecks/healthchecks";
description = "A cron monitoring tool written in Python & Django ";
license = licenses.bsd3;
2023-04-15 19:01:10 -05:00
};
2023-11-26 09:00:03 -06:00
};
2023-04-15 22:30:12 -05:00
2023-11-26 09:00:03 -06:00
smtpd = pkgs.dockerTools.buildLayeredImage (
pkgs.lib.attrsets.recursiveUpdate baseImage {
name = "healthchecks-smtpd";
config = {
Cmd = [
"${self.packages.${system}.healthchecks}/app/manage.py"
"smtpd"
"--port"
"2525"
];
ExposedPorts = {
"2525/tcp" = {};
2023-04-16 22:39:23 -05:00
};
2023-11-26 09:00:03 -06:00
};
}
);
2023-04-15 22:30:12 -05:00
2023-11-26 09:00:03 -06:00
sendalerts = pkgs.dockerTools.buildLayeredImage (
pkgs.lib.attrsets.recursiveUpdate baseImage {
name = "healthchecks-sendalerts";
config = {
Cmd = [
"${self.packages.${system}.healthchecks}/app/manage.py"
"sendalerts"
];
ExposedPorts = {};
};
}
);
2023-04-15 22:30:12 -05:00
2023-11-26 09:00:03 -06:00
sendreports = pkgs.dockerTools.buildLayeredImage (
pkgs.lib.attrsets.recursiveUpdate baseImage {
name = "healthchecks-sendreports";
config = {
Cmd = [
"${self.packages.${system}.healthchecks}/app/manage.py"
"sendreports"
"--loop"
];
ExposedPorts = {};
};
}
);
maintenance = let
2024-09-07 12:11:45 -05:00
script = pkgs.writeTextFile {
name = "maintenance";
text = pkgs.lib.concatStringsSep "\n" [
2024-09-09 14:00:52 -05:00
"#!${pkgs.nushell}/bin/nu"
2024-09-07 12:11:45 -05:00
""
"alias manage = ${self.packages.${system}.healthchecks}/app/manage.py"
""
(builtins.readFile ./maintenance.nu)
];
executable = true;
destination = "/bin/maintenance";
};
2023-11-26 09:00:03 -06:00
in
pkgs.dockerTools.buildLayeredImage (
pkgs.lib.attrsets.recursiveUpdate baseImage {
2023-11-26 09:00:03 -06:00
name = "healthchecks-maintenance";
config = {
Cmd = [
2024-09-09 21:43:40 -05:00
"${script}/bin/maintenance"
];
2023-11-26 09:00:03 -06:00
ExposedPorts = {};
};
}
);
2023-11-26 09:00:03 -06:00
migrate = pkgs.dockerTools.buildLayeredImage (
pkgs.lib.attrsets.recursiveUpdate baseImage {
name = "healthchecks-migrate";
config = {
Cmd = [
"${self.packages.${system}.healthchecks}/app/manage.py"
"migrate"
];
ExposedPorts = {};
};
}
);
2023-04-15 22:30:12 -05:00
2023-11-26 09:00:03 -06:00
webserver = let
uwsgi = pkgs.uwsgi.override {
plugins = ["python3"];
};
uwsgi-ini = pkgs.writeTextFile {
name = "uwsgi.ini";
text = ''
[uwsgi]
buffer-size = 32768
chdir = ${self.packages.${system}.healthchecks}/app
die-on-term
disable-write-exception
enable-threads
harakiri = 10
http-socket = :8000
master
max-fd = 10000
mime-file = ${pkgs.mailcap}/etc/nginx/mime.types
module = hc.wsgi:application
plugins = python3
post-buffering = 16192
processes = 4
threads = 1
thunder-lock
'';
};
in
pkgs.dockerTools.buildLayeredImage (
2023-04-16 22:39:23 -05:00
pkgs.lib.attrsets.recursiveUpdate baseImage {
2023-11-26 09:00:03 -06:00
name = "healthchecks-webserver";
2024-06-20 09:38:27 -05:00
fakeRootCommands = ''
mkdir /tmp
chmod 0777 /tmp
2023-11-26 09:00:03 -06:00
'';
2023-04-16 22:39:23 -05:00
config = {
Cmd = [
2023-11-26 09:00:03 -06:00
"${uwsgi}/bin/uwsgi"
"${uwsgi-ini}"
2023-04-16 22:39:23 -05:00
];
2023-11-26 09:00:03 -06:00
ExposedPorts = {
"8000/tcp" = {};
};
2023-04-16 22:39:23 -05:00
};
}
);
2023-11-26 09:00:03 -06:00
static = pkgs.dockerTools.buildLayeredImage {
name = "healthchecks-static";
tag = "latest";
maxLayers = 2;
config = {
User = "5000:5000";
Cmd = [
"${pkgs.static-web-server}/bin/static-web-server"
"--port=8000"
"--root=${self.packages.${system}.healthchecks.static}"
];
ExposedPorts = {
"8000/tcp" = {};
2023-05-01 18:36:48 -05:00
};
};
2023-05-23 22:44:40 -05:00
};
2023-04-15 19:01:10 -05:00
};
2023-11-26 09:00:03 -06:00
checks.${system} = {
webserver = self.packages.${system}.webserver;
smtpd = self.packages.${system}.smtpd;
sendalerts = self.packages.${system}.sendalerts;
sendreports = self.packages.${system}.sendreports;
maintenance = self.packages.${system}.maintenance;
migrate = self.packages.${system}.migrate;
static = self.packages.${system}.static;
};
};
2023-04-15 19:01:10 -05:00
}