Fix nixosConfigurations.pretalx-*.

Co-authored-by: Andres Navarro <git@andresnav.com>
ngi-nix · Aug 23, 2023 · d77172a · d77172a
1 parent 0b258c4
commit d77172a
Show file tree

Hide file tree

Showing 5 changed files with 48 additions and 34 deletions.
diff --git a/all-packages.nix b/all-packages.nix
@@ -9,9 +9,15 @@
     liberaforms-env = callPackage ./pkgs/liberaforms/env.nix {};
     libgnunetchat = callPackage ./pkgs/libgnunetchat {};
     librecast = callPackage ./pkgs/librecast {inherit lcrq;};
-    pretalx-mysql = callPackage ./pkgs/pretalx { withMysql = true; withRedis=true;};
-    pretalx-postgresql = callPackage ./pkgs/pretalx { withPostgresql = true; withRedis=true;};
-    pretalx = callPackage ./pkgs/pretalx { 
+    pretalx-mysql = callPackage ./pkgs/pretalx {
+      withMysql = true;
+      withRedis = true;
+    };
+    pretalx-postgresql = callPackage ./pkgs/pretalx {
+      withPostgresql = true;
+      withRedis = true;
+    };
+    pretalx = callPackage ./pkgs/pretalx {
       withMysql = true;
       withPostgresql = true;
       withRedis = true;

diff --git a/configs/pretalx/pretalx.nix b/configs/pretalx/pretalx.nix
@@ -3,23 +3,33 @@
   pkgs,
   ...
 }: {
+  imports = [
+    ./vm.nix
+  ];
+
   nixpkgs.hostPlatform = "x86_64-linux";
 
-  networking.firewall.allowedTCPPorts = [config.services.nginx.defaultHTTPListenPort];
+  networking = {
+    firewall.allowedTCPPorts = [config.services.nginx.defaultHTTPListenPort];
+    hostName = "server";
+    domain = "example.com";
+  };
 
-  sops.secrets = let
-    pretalxSecret = {
-      # For a production configuration also `sopsFile` is required.
-      # See <https://github.com/Mic92/sops-nix>.
-      owner = config.services.pretalx.user;
-      group = config.services.pretalx.group;
+  sops = {
+    secrets = let
+      pretalxSecret = {
+        # For a production configuration also `sopsFile` is required.
+        # See <https://github.com/Mic92/sops-nix>.
+        owner = config.services.pretalx.user;
+        group = config.services.pretalx.group;
+      };
+    in {
+      "pretalx/database/password" = pretalxSecret;
+      "pretalx/redis/location" = pretalxSecret;
+      "pretalx/init/admin/password" = pretalxSecret;
+      "pretalx/celery/backend" = pretalxSecret;
+      "pretalx/celery/broker" = pretalxSecret;
     };
-  in {
-    "pretalx/database/password" = pretalxSecret;
-    "pretalx/redis/location" = pretalxSecret;
-    "pretalx/init/admin/password" = pretalxSecret;
-    "pretalx/celery/backend" = pretalxSecret;
-    "pretalx/celery/broker" = pretalxSecret;
   };
 
   services = {
@@ -69,4 +79,6 @@
       recommendedProxySettings = true;
     };
   };
+
+  system.stateVersion = "22.11";
 }
diff --git a/configs/pretalx/vm.nix b/configs/pretalx/vm.nix
@@ -0,0 +1,10 @@
+{modulesPath, ...}: {
+  imports = [
+    "${modulesPath}/virtualisation/qemu-vm.nix"
+  ];
+
+  sops = {
+    age.keyFile = ./postgresql.nix;
+    defaultSopsFile = ./postgresql.nix;
+  };
+}
diff --git a/modules/pretalx.nix b/modules/pretalx.nix
@@ -485,10 +485,9 @@ in {
           script = ''
             ${exportPasswordEnv}
 
-            # ${cfg.package}/bin/pretalx compilemessages
+            # ${cfg.package}/bin/pretalx compilemessages # FIXME: when run, pretalx-web hangs
             ${cfg.package}/bin/pretalx collectstatic --noinput
-            # FIXME: Remove `--force`, was only added for PRETALX_DEBUG=true not to crash.
-            ${cfg.package}/bin/pretalx compress --force
+            ${cfg.package}/bin/pretalx compress
 
             exec ${gunicorn}/bin/gunicorn pretalx.wsgi --name=${pretalxWebServiceName} --bind=${gunicornSocket} ${cfg.gunicorn.extraArgs}
           '';

diff --git a/tests/pretalx/default.nix b/tests/pretalx/default.nix
@@ -7,22 +7,9 @@
         configurations.server
       ];
 
-      networking.hostName = "server";
-      networking.domain = "example.com";
-
-      sops = {
+      sops = pkgs.lib.mkForce {
         age.keyFile = ./sops/keys.txt;
-        secrets = let
-          pretalxSecret = {
-            sopsFile = ./sops/pretalx.yaml;
-          };
-        in {
-          "pretalx/database/password" = pretalxSecret;
-          "pretalx/redis/location" = pretalxSecret;
-          "pretalx/init/admin/password" = pretalxSecret;
-          "pretalx/celery/backend" = pretalxSecret;
-          "pretalx/celery/broker" = pretalxSecret;
-        };
+        defaultSopsFile = ./sops/pretalx.yaml;
       };
 
       # Use kmscon <https://www.freedesktop.org/wiki/Software/kmscon/>