server-configs/machines/gerd/services/wger/default.nix

{ config, pkgs, ... }:

let
  svc_domain = "wger.${config.mine.shared.settings.domain}";
  port = 8000;
  wger_user = "wger";
  statedir = config.mine.zfsMounts."rpool/safe/svcs/wger";

  wgerpkgs = pkgs.callPackage ./wgerpkg/default.nix {};

# # Application settings
# WGER_SETTINGS['EMAIL_FROM'] = 'wger Workout Manager <wger@example.com>'
# WGER_SETTINGS["ALLOW_REGISTRATION"] = True
# WGER_SETTINGS["ALLOW_GUEST_USERS"] = True
# WGER_SETTINGS["ALLOW_UPLOAD_VIDEOS"] = False
# WGER_SETTINGS["MIN_ACCOUNT_AGE_TO_TRUST"] = 21  # in days
# WGER_SETTINGS["EXERCISE_CACHE_TTL"] = 3600  # in seconds
  wger_settings = {
    EMAIL_FROM = "wger Workout Manager <wger@example.com>";
    ALLOW_REGISTRATION = true;
    ALLOW_GUEST_USERS = true;
    ALLOW_UPLOAD_VIDEOS = false;
    MIN_ACCOUNT_AGE_TO_TRUST = 21;
    EXERCISE_CACHE_TTL = 3600;
  };

  django_settings = rec {
    DEBUG = true;
    DATABASES.default = {
        # ENGINE = "django.db.backends.sqlite3";
        # NAME = "${statedir}/database.sqlite";
        # USER = "";
        # PASSWORD = "";
        # HOST = "";
        # PORT = "";
        ENGINE = "django.db.backends.postgresql";
        NAME = "wger";
        USER = "wger";
        PASSWORD = "";
        HOST = "/run/postgresql";
        PORT = "";
    };

    ADMINS = [["Your Name" "test@test.dk"]];
    MANAGERS = ADMINS;

    TIME_ZONE = "Europe/Berlin";

    SECRET_KEY = "2w!yl6ausb-$05#mjnec)g_h#nc9pzzw0c(kvaskocvyyg1oqc";

    SITE_URL = "http://localhost:8100";

    MEDIA_ROOT = "${statedir}/media";
    MEDIA_URL = "/media/";

    EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend";

# DEFAULT_FROM_EMAIL = WGER_SETTINGS['EMAIL_FROM']

    EMAIL_PAGE_DOMAIN = SITE_URL;

    CSRF_TRUSTED_ORIGINS = [ "https://${svc_domain}" ];
    ALLOWED_HOSTS = [ svc_domain ];

    RECAPTCHA_PUBLIC_KEY = "";
    RECAPTCHA_PRIVATE_KEY = "";
    USE_RECAPTCHA = false;

  };

  wger_settings_file = pkgs.writeText "settings.json" (builtins.toJSON wger_settings);
  django_settings_file = pkgs.writeText "settings.json" (builtins.toJSON django_settings);
  settingsFile = pkgs.writeText "settings.py" ''
    from wger.settings_global import *
    import json
    
    with open("${django_settings_file}") as f:
        globals().update(json.load(f))
    
    with open("${wger_settings_file}") as f:
        WGER_SETTINGS.update(json.load(f))
  '';
in {

  systemd.services.wger = {
    description = "wger fitness";
    wantedBy = [ "multi-user.target" ];
    after = [ "networking.target" ];
    script = ''
      # general wger things
      ${wgerpkgs}/bin/wger migrate-db -s ${settingsFile} || true
      # ${wgerpkgs}/bin/wger load-fixtures -s ${settingsFile} || true
      # ${wgerpkgs}/bin/wger load-online-fixtures -s ${settingsFile} || true

      # manage things
      # WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage download-exercise-images || true
      # WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage download-exercise-videos || true
      # WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage download-ingredient-images || true
      WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage sync-exercises || true
      # WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage sync-ingredients || true
      WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage exercises-health-check || true

      # run server
      ${wgerpkgs}/bin/wger start -s ${settingsFile}
    '';

    serviceConfig = {
      User = "wger";
      Group = "wger";
      
    };
  };
  users.users."${wger_user}"= {
    uid = 738;
    isSystemUser = true;
    group = wger_user;
    
  };
  users.groups."${wger_user}".gid = 738;

  services.postgresql = {
    ensureDatabases = [ wger_user ];
    ensureUsers = [{
      name = wger_user;
      ensureDBOwnership = true;
    }];
  };


  services.nginx.virtualHosts."${svc_domain}" = {
    forceSSL = true;
    enableACME = true;

    extraConfig = ''
      include ${config.mine.shared.lib.authelia.autheliaLocation};
    '';
    
    locations."/" = config.mine.shared.lib.authelia.mkProtectedLocation {
      proxyPass = "http://localhost:${builtins.toString port}";
    };
    locations."/api/v2/register" = config.mine.shared.lib.authelia.mkProtectedLocation {
      proxyPass = "http://localhost:${builtins.toString port}";
    };

    locations."/static".proxyPass = "http://localhost:${builtins.toString port}";
    locations."/media".proxyPass = "http://localhost:${builtins.toString port}";
    locations."/api".proxyPass = "http://localhost:${builtins.toString port}";
  };
}
gerd.wger: init 2024-12-03 07:45:11 +00:00			`{ config, pkgs, ... }:`

			`let`
			`svc_domain = "wger.${config.mine.shared.settings.domain}";`
			`port = 8000;`
			`wger_user = "wger";`
			`statedir = config.mine.zfsMounts."rpool/safe/svcs/wger";`

			`wgerpkgs = pkgs.callPackage ./wgerpkg/default.nix {};`

			`# # Application settings`
			`# WGER_SETTINGS['EMAIL_FROM'] = 'wger Workout Manager <wger@example.com>'`
			`# WGER_SETTINGS["ALLOW_REGISTRATION"] = True`
			`# WGER_SETTINGS["ALLOW_GUEST_USERS"] = True`
			`# WGER_SETTINGS["ALLOW_UPLOAD_VIDEOS"] = False`
			`# WGER_SETTINGS["MIN_ACCOUNT_AGE_TO_TRUST"] = 21 # in days`
			`# WGER_SETTINGS["EXERCISE_CACHE_TTL"] = 3600 # in seconds`
			`wger_settings = {`
			`EMAIL_FROM = "wger Workout Manager <wger@example.com>";`
			`ALLOW_REGISTRATION = true;`
			`ALLOW_GUEST_USERS = true;`
			`ALLOW_UPLOAD_VIDEOS = false;`
			`MIN_ACCOUNT_AGE_TO_TRUST = 21;`
			`EXERCISE_CACHE_TTL = 3600;`
			`};`

			`django_settings = rec {`
			`DEBUG = true;`
			`DATABASES.default = {`
			`# ENGINE = "django.db.backends.sqlite3";`
			`# NAME = "${statedir}/database.sqlite";`
			`# USER = "";`
			`# PASSWORD = "";`
			`# HOST = "";`
			`# PORT = "";`
			`ENGINE = "django.db.backends.postgresql";`
			`NAME = "wger";`
			`USER = "wger";`
			`PASSWORD = "";`
			`HOST = "/run/postgresql";`
			`PORT = "";`
			`};`

			`ADMINS = [["Your Name" "test@test.dk"]];`
			`MANAGERS = ADMINS;`

			`TIME_ZONE = "Europe/Berlin";`

			`SECRET_KEY = "2w!yl6ausb-$05#mjnec)g_h#nc9pzzw0c(kvaskocvyyg1oqc";`

			`SITE_URL = "http://localhost:8100";`

			`MEDIA_ROOT = "${statedir}/media";`
			`MEDIA_URL = "/media/";`

			`EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend";`

			`# DEFAULT_FROM_EMAIL = WGER_SETTINGS['EMAIL_FROM']`

			`EMAIL_PAGE_DOMAIN = SITE_URL;`

			`CSRF_TRUSTED_ORIGINS = [ "https://${svc_domain}" ];`
			`ALLOWED_HOSTS = [ svc_domain ];`

			`RECAPTCHA_PUBLIC_KEY = "";`
			`RECAPTCHA_PRIVATE_KEY = "";`
			`USE_RECAPTCHA = false;`

			`};`

			`wger_settings_file = pkgs.writeText "settings.json" (builtins.toJSON wger_settings);`
			`django_settings_file = pkgs.writeText "settings.json" (builtins.toJSON django_settings);`
			`settingsFile = pkgs.writeText "settings.py" ''`
			`from wger.settings_global import *`
			`import json`

			`with open("${django_settings_file}") as f:`
			`globals().update(json.load(f))`

			`with open("${wger_settings_file}") as f:`
			`WGER_SETTINGS.update(json.load(f))`
			`'';`
			`in {`

			`systemd.services.wger = {`
			`description = "wger fitness";`
			`wantedBy = [ "multi-user.target" ];`
			`after = [ "networking.target" ];`
			`script = ''`
			`# general wger things`
			`${wgerpkgs}/bin/wger migrate-db -s ${settingsFile} \|\| true`
			`# ${wgerpkgs}/bin/wger load-fixtures -s ${settingsFile} \|\| true`
			`# ${wgerpkgs}/bin/wger load-online-fixtures -s ${settingsFile} \|\| true`

			`# manage things`
			`# WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage download-exercise-images \|\| true`
			`# WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage download-exercise-videos \|\| true`
			`# WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage download-ingredient-images \|\| true`
			`WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage sync-exercises \|\| true`
			`# WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage sync-ingredients \|\| true`
			`WGER_SETTINGS=${settingsFile} ${wgerpkgs}/bin/manage exercises-health-check \|\| true`

			`# run server`
			`${wgerpkgs}/bin/wger start -s ${settingsFile}`
			`'';`

			`serviceConfig = {`
			`User = "wger";`
			`Group = "wger";`

			`};`
			`};`
			`users.users."${wger_user}"= {`
			`uid = 738;`
			`isSystemUser = true;`
			`group = wger_user;`

			`};`
			`users.groups."${wger_user}".gid = 738;`

			`services.postgresql = {`
			`ensureDatabases = [ wger_user ];`
			`ensureUsers = [{`
			`name = wger_user;`
			`ensureDBOwnership = true;`
			`}];`
			`};`


			`services.nginx.virtualHosts."${svc_domain}" = {`
			`forceSSL = true;`
			`enableACME = true;`

			`extraConfig = ''`
			`include ${config.mine.shared.lib.authelia.autheliaLocation};`
			`'';`

			`locations."/" = config.mine.shared.lib.authelia.mkProtectedLocation {`
			`proxyPass = "http://localhost:${builtins.toString port}";`
			`};`
			`locations."/api/v2/register" = config.mine.shared.lib.authelia.mkProtectedLocation {`
			`proxyPass = "http://localhost:${builtins.toString port}";`
			`};`

			`locations."/static".proxyPass = "http://localhost:${builtins.toString port}";`
			`locations."/media".proxyPass = "http://localhost:${builtins.toString port}";`
			`locations."/api".proxyPass = "http://localhost:${builtins.toString port}";`
			`};`
			`}`