sid/synix
1
0
Fork 0
Code Issues 7 Pull requests 1 Projects Activity Actions

initial commit
All checks were successful
Deploy docs / build-and-deploy (push) Successful in 3s
Details

Browse source
This commit is contained in:
sid 2026-02-23 20:34:35 +01:00
commit 95a533c876
451 changed files with 18255 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

132
templates/dev/flask-hello/nix/module.nix Normal file
View file

@ -0,0 +1,132 @@
{
inputs,
config,
lib,
pkgs,
...
}:
let
cfg = config.services.flask_hello;
domain = config.networking.domain;
fqdn = if (cfg.nginx.subdomain != "") then "${cfg.nginx.subdomain}.${domain}" else domain;
python-with-packages = pkgs.python3.withPackages (
p: with p; [
flask
]
);
inherit (lib)
concatStringsSep
getExe
mkDefault
mkEnableOption
mkIf
mkOption
mkPackageOption
types
;
in
{
options.services.flask_hello = {
enable = mkEnableOption "Flask Hello World service.";
package = mkPackageOption pkgs "flask_hello" { };
port = mkOption {
type = types.port;
default = 5000;
description = "The port to listen on.";
};
user = mkOption {
type = types.str;
description = "The user the Flask service will run as.";
default = "flaskapp";
};
group = mkOption {
type = types.str;
description = "The group the Flask service will run as.";
default = "flaskapp";
};
nginx = {
enable = mkOption {
type = types.bool;
default = true;
description = "Enable Nginx as a reverse proxy for the Flask application.";
};
subdomain = mkOption {
type = types.str;
default = "flask_hello";
description = "Subdomain for the Nginx virtual host. Leave empty for root domain.";
};
ssl = mkOption {
type = types.bool;
default = true;
description = "Enable SSL for the Nginx virtual host using ACME.";
};
};
gunicorn.extraArgs = mkOption {
type = types.listOf types.str;
default = [ ];
description = "Extra arguments for gunicorn.";
};
};
config = mkIf cfg.enable {
nixpkgs.overlays = [ inputs.flask_hello.overlays.default ];
networking.firewall.allowedTCPPorts = [
80 # ACME challenge
443
];
systemd.services.flask_hello = {
description = "Flask Hello World";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
environment = {
PYTHONPATH = "${python-with-packages}/${python-with-packages.sitePackages}";
};
serviceConfig = {
ExecStart = ''
${getExe pkgs.python3Packages.gunicorn} \
--bind=127.0.0.1:${toString cfg.port} \
${concatStringsSep " " cfg.gunicorn.extraArgs} \
app:app
'';
WorkingDirectory = "${cfg.package}";
Restart = "on-failure";
User = cfg.user;
Group = cfg.group;
};
};
users.users."${cfg.user}" = {
home = "/var/lib/${cfg.user}";
isSystemUser = true;
group = cfg.group;
};
users.groups."${cfg.group}" = { };
services.nginx = mkIf cfg.nginx.enable {
enable = mkDefault true;
virtualHosts."${fqdn}" = {
enableACME = cfg.nginx.ssl;
forceSSL = cfg.nginx.ssl;
locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}";
};
};
security.acme = mkIf (cfg.nginx.enable && cfg.nginx.ssl) {
acceptTerms = true;
defaults.email = mkDefault "postmaster@${domain}";
defaults.webroot = mkDefault "/var/lib/acme/acme-challenge";
certs."${domain}".postRun = "systemctl reload nginx.service";
};
};
}

31
templates/dev/flask-hello/nix/package.nix Normal file
View file

@ -0,0 +1,31 @@
{
python3,
...
}:
python3.pkgs.buildPythonApplication rec {
pname = "flask_hello";
version = "0.1.0";
pyproject = true;
build-system = [ python3.pkgs.setuptools ];
dependencies = with python3.pkgs; [
flask
];
src = ../.;
installPhase = ''
runHook preInstall
mkdir -p $out
cp -r $src/${pname} $out/
cp $src/app.py $out/
chmod +x $out/app.py
runHook postInstall
'';
doCheck = false;
}

17
templates/dev/flask-hello/nix/shell.nix Normal file
View file

@ -0,0 +1,17 @@
{
pkgs ? import <nixpkgs> { },
...
}:
pkgs.mkShell {
buildInputs = [
(pkgs.python3.withPackages (
p: with p; [
flask
gunicorn
]
))
pkgs.nixfmt-tree
pkgs.black
];
}