nixos-config/terranix/jitsi-cloud/plops/configs/nixserver-host/workadventure.nix
Ingolf Wagner 723be1c799
jitsi wip
2020-12-31 02:51:13 +01:00

232 lines
8 KiB
Nix

{ pkgs, lib, ... }:
let
workadventure-repository = pkgs.fetchgit {
url = "https://github.com/thecodingmachine/workadventure.git";
rev = "284846e8a59ec0d921189ac3a46e0eb5d1e14818";
sha256 = "1f1vi226kas7x9y8zw810q5vg1ikn4bb6ha9vnzvqk9y7jlc1n8q";
};
homeFolder = "/srv/workadventure";
debugMode = "true";
jitsiURL = "meet.palovandalo.com";
# If your Jitsi environment has authentication set up,
# you MUST set JITSI_PRIVATE_MODE to "true" and
# you MUST pass a SECRET_JITSI_KEY to generate the JWT secret
#JITSI_PRIVATE_MODE = "false";
jitsiPrivateMode = "false";
#SECRET_JITSI_KEY=
secretJitsiKey = "";
#JITSI_ISS=
jitsiISS = "";
#ADMIN_API_TOKEN = 123
adminAPIToken = 123;
# note: container logs can be viewed by using
# journalctrl CONTAINER_NAME=front
# journalctrl CONTAINER_NAME=back
domain = "workadventure.palovandalo.com";
in {
systemd.services.workadventureRepository = {
enable = true;
wantedBy = [ "multi-user.target" ];
script = ''
mkdir -p ${homeFolder}
cp -r "${workadventure-repository}"/* "${homeFolder}/"
chmod -R 777 "${homeFolder}"
'';
before = [
"docker-back.service"
"docker-maps.service"
"docker-messages.service"
"docker-prune.service"
"docker-uploader.service"
"docker-website.service"
];
};
virtualisation.oci-containers = {
backend = "docker";
containers = {
front = {
image = "thecodingmachine/nodejs:14";
environment = {
DEBUG_MODE = debugMode;
JITSI_URL = jitsiURL;
JITSI_PRIVATE_MODE = jitsiPrivateMode;
HOST = "0.0.0.0";
NODE_ENV = "development";
API_URL = "pusher.${domain}";
UPLOADER_URL = "uploader.${domain}";
ADMIN_URL = "admin.${domain}";
STARTUP_COMMAND_1 = "yarn install";
# udp packet foobar
TURN_SERVER =
"turn:coturn.workadventu.re:443,turns:coturn.workadventu.re:443";
TURN_USER = "workadventure";
TURN_PASSWORD = "WorkAdventure123";
};
cmd = [ "yarn run start" ];
volumes = [ "$homeFolder}/front:/usr/src/app" ];
extraOptions = let
labelFile = pkgs.writeText "front-labels" ''
traefik.http.routers.front.rule=Host(`play.${domain}`)
traefik.http.routers.front.entryPoints=web,traefik
traefik.http.services.front.loadbalancer.server.port=8080
traefik.http.routers.front-ssl.rule=Host(`play.${domain}`)
traefik.http.routers.front-ssl.entryPoints=websecure
traefik.http.routers.front-ssl.tls=true
traefik.http.routers.front-ssl.service=front
'';
in [ "--label-file" (toString labelFile) ];
};
pusher = {
image = "thecodingmachine/nodejs:12";
cmd = [ "yarn dev" ];
environment = {
DEBUG = "*";
STARTUP_COMMAND_1 = "yarn install";
SECRET_JITSI_KEY = secretJitsiKey;
SECRET_KEY = "yourSecretKey";
ADMIN_API_TOKEN = "$ADMIN_API_TOKEN";
API_URL = "back:50051";
JITSI_URL = jitsiURL;
JITSI_ISS = jitsiISS;
};
volumes = [ "${homeFolder}/pusher:/usr/src/app" ];
extraOptions = let
labelFile = pkgs.writeText "pusher-labels" ''
traefik.http.routers.pusher.rule=Host(`pusher.${domain}`)
traefik.http.routers.pusher.entryPoints=web
traefik.http.services.pusher.loadbalancer.server.port=8080
traefik.http.routers.pusher-ssl.rule=Host(`pusher.${domain}`)
traefik.http.routers.pusher-ssl.entryPoints=websecure
traefik.http.routers.pusher-ssl.tls=true
traefik.http.routers.pusher-ssl.service=pusher
'';
in [ "--label-file" (toString labelFile) ];
};
maps = {
image = "thecodingmachine/nodejs:12-apache";
environment = {
DEBUG_MODE = debugMode;
HOST = "0.0.0.0";
NODE_ENV = "development";
STARTUP_COMMAND_0 = "sudo a2enmod headers";
STARTUP_COMMAND_1 = "yarn install";
STARTUP_COMMAND_2 = "yarn run dev &";
};
volumes = [ "${homeFolder}/maps:/var/www/html" ];
extraOptions = let
labelFile = pkgs.writeText "maps-labels" ''
traefik.http.routers.maps.rule=Host(`maps.${domain}`)
traefik.http.routers.maps.entryPoints=web,traefik
traefik.http.services.maps.loadbalancer.server.port=80
traefik.http.routers.maps-ssl.rule=Host(`maps.${domain}`)
traefik.http.routers.maps-ssl.entryPoints=websecure
traefik.http.routers.maps-ssl.tls=true
traefik.http.routers.maps-ssl.service=maps
'';
in [ "--label-file" (toString labelFile) ];
};
back = {
image = "thecodingmachine/nodejs:12";
cmd = [ "yarn dev" ];
environment = {
DEBUG = "*";
STARTUP_COMMAND_1 = "yarn install";
SECRET_KEY = "yourSecretKey";
SECRET_JITSI_KEY = secretJitsiKey;
ALLOW_ARTILLERY = "true";
ADMIN_API_TOKEN = "$ADMIN_API_TOKEN";
JITSI_URL = jitsiURL;
JITSI_ISS = jitsiISS;
};
volumes = [ "${homeFolder}/back:/usr/src/app" ];
extraOptions = let
labelFile = pkgs.writeText "back-labels" ''
traefik.http.routers.back.rule=Host(`api.${domain}`)
traefik.http.routers.back.entryPoints=web
traefik.http.services.back.loadbalancer.server.port=8080
traefik.http.routers.back-ssl.rule=Host(`api.${domain}`)
traefik.http.routers.back-ssl.entryPoints=websecure
traefik.http.routers.back-ssl.tls=true
traefik.http.routers.back-ssl.service=back
'';
in [ "--label-file" (toString labelFile) ];
};
uploader = {
image = "thecodingmachine/nodejs:12";
cmd = [ "yarn dev" ];
environment = {
DEBUG = "*";
STARTUP_COMMAND_1 = "yarn install";
};
volumes = [ "${homeFolder}/uploader:/usr/src/app" ];
extraOptions = let
labelFile = pkgs.writeText "uploader-labels" ''
traefik.http.routers.uploader.rule=Host(`uploader.${domain}`)
traefik.http.routers.uploader.entryPoints=web
traefik.http.services.uploader.loadbalancer.server.port=8080
traefik.http.routers.uploader-ssl.rule=Host(`uploader.${domain}`)
traefik.http.routers.uploader-ssl.entryPoints=websecure
traefik.http.routers.uploader-ssl.tls=true
traefik.http.routers.uploader-ssl.service=uploader
'';
in [ "--label-file" (toString labelFile) ];
};
website = {
image = "thecodingmachine/nodejs:12-apache";
environment = {
STARTUP_COMMAND_1 = "npm install";
STARTUP_COMMAND_2 = "npm run watch &";
APACHE_DOCUMENT_ROOT = "dist/";
};
volumes = [ "${homeFolder}/website:/var/www/html" ];
extraOptions = let
labelFile = pkgs.writeText "website-labels" ''
traefik.http.routers.website.rule=Host(`${domain}`)
traefik.http.routers.website.entryPoints=web
traefik.http.services.website.loadbalancer.server.port=8080
traefik.http.routers.website-ssl.rule=Host(`${domain}`)
traefik.http.routers.website-ssl.entryPoints=websecure
traefik.http.routers.website-ssl.tls=true
traefik.http.routers.website-ssl.service=website
'';
in [ "--label-file" (toString labelFile) ];
};
messages = {
image = "thecodingmachine/workadventure-back-base:latest";
environment = {
STARTUP_COMMAND_1 = "yarn install";
STARTUP_COMMAND_2 = "yarn run proto:watch";
};
volumes = [
"${homeFolder}/messages:/usr/src/app"
"${homeFolder}/back:/usr/src/back"
"${homeFolder}/front:/usr/src/front"
"${homeFolder}/pusher:/usr/src/pusher"
];
};
};
};
}