322 lines
8.9 KiB
Nix
322 lines
8.9 KiB
Nix
{ pkgs, lib, ... }:
|
|
let
|
|
extraConfig = ''
|
|
if ($request_method = OPTIONS) {
|
|
return 204;
|
|
}
|
|
# this makes workadventure magically send CORS headers
|
|
add_header Access-Control-Allow-Headers Range;
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
'';
|
|
|
|
workadventure-repository = pkgs.fetchgit {
|
|
url = "https://github.com/thecodingmachine/workadventure.git";
|
|
rev = "c2d0cda441dde6f4fed79aa742b11122b0bffd68";
|
|
sha256 = "1r1f80l07wk0jdmjyf4a4fq9mynjdmixivc4pf72ry4xx51hsv2y";
|
|
};
|
|
|
|
homeFolder = "/srv/workadventure";
|
|
|
|
debugMode = "true";
|
|
|
|
# If your Jitsi environment has authentication set up,
|
|
# you MUST set JITSI_PRIVATE_MODE to "true" and
|
|
# you MUST pass a SECRET_JITSI_KEY to generate the JWT secret
|
|
|
|
#JITSI_PRIVATE_MODE = "false";
|
|
jitsiPrivateMode = "false";
|
|
|
|
#SECRET_JITSI_KEY=
|
|
secretJitsiKey = "";
|
|
|
|
#JITSI_ISS=
|
|
jitsiISS = "";
|
|
|
|
#ADMIN_API_TOKEN = 123
|
|
adminAPIToken = "123";
|
|
|
|
domain = "workadventure.palovandalo.com";
|
|
|
|
#jitsiURL = "meet.palovandalo.com";
|
|
jitsiURL = "meet.jit.si";
|
|
|
|
mainURL = domain;
|
|
mainPort = 9000;
|
|
|
|
adminURL = "admin.${domain}";
|
|
adminPort = 9001;
|
|
|
|
apiURL = "api.${domain}";
|
|
apiPort = 9002;
|
|
|
|
mapsURL = "maps.${domain}";
|
|
mapsPort = 9003;
|
|
|
|
playURL = "play.${domain}";
|
|
#playPort = 9004;
|
|
playPort = 8080;
|
|
|
|
pusherURL = "pusher.${domain}";
|
|
pusherPort = 9005;
|
|
|
|
uploaderURL = "uploader.${domain}";
|
|
uploaderPort = 9006;
|
|
|
|
in {
|
|
|
|
# todo delete
|
|
networking.firewall = {
|
|
allowedTCPPorts = [ 80 443 8080 ];
|
|
allowedUDPPorts = [ 80 443 8080 ];
|
|
};
|
|
|
|
services.nginx.enable = true;
|
|
|
|
systemd.services.workadventureRepository = {
|
|
enable = true;
|
|
wantedBy = [ "multi-user.target" ];
|
|
script = ''
|
|
mkdir -p ${homeFolder}
|
|
cp -r "${workadventure-repository}"/* "${homeFolder}/"
|
|
chmod -R 777 "${homeFolder}"
|
|
'';
|
|
before = [
|
|
"docker-back.service"
|
|
"docker-maps.service"
|
|
"docker-messages.service"
|
|
"docker-prune.service"
|
|
"docker-uploader.service"
|
|
"docker-website.service"
|
|
];
|
|
};
|
|
|
|
systemd.services.workadventure-network = {
|
|
enable = true;
|
|
wantedBy = [ "multi-user.target" ];
|
|
script = ''
|
|
${pkgs.docker}/bin/docker network create --driver bridge workadventure
|
|
'';
|
|
after = [ "docker" ];
|
|
before = [
|
|
"docker-back.service"
|
|
"docker-maps.service"
|
|
"docker-messages.service"
|
|
"docker-prune.service"
|
|
"docker-uploader.service"
|
|
"docker-website.service"
|
|
];
|
|
};
|
|
|
|
virtualisation.oci-containers.backend = "docker";
|
|
|
|
virtualisation.oci-containers.containers.front = {
|
|
image = "thecodingmachine/nodejs:14";
|
|
environment = {
|
|
DEBUG_MODE = debugMode;
|
|
JITSI_URL = jitsiURL;
|
|
JITSI_PRIVATE_MODE = jitsiPrivateMode;
|
|
HOST = "0.0.0.0";
|
|
#HTTP_PORT = "80";
|
|
NODE_ENV = "development";
|
|
#NODE_ENV = "production";
|
|
API_URL = pusherURL;
|
|
UPLOADER_URL = uploaderURL;
|
|
ADMIN_URL = adminURL;
|
|
STARTUP_COMMAND_1 = "yarn install";
|
|
#TURN_SERVER = "turn:coturn.workadventu.re:443,turns:coturn.workadventu.re:443";
|
|
#TURN_USER = "workadventure";
|
|
#TURN_PASSWORD = "WorkAdventure123";
|
|
};
|
|
cmd = [ "yarn" "run" "start" ];
|
|
volumes = [ "${homeFolder}/front:/usr/src/app" ];
|
|
#ports = [ "${toString playPort}:8080" ];
|
|
ports = [ "0.0.0.0:${toString playPort}:8080" ];
|
|
extraOptions = [ "--network=workadventure" ];
|
|
};
|
|
systemd.services.docker-front.serviceConfig = {
|
|
StandardOutput = lib.mkForce "journal";
|
|
StandardError = lib.mkForce "journal";
|
|
};
|
|
services.nginx.virtualHosts."${playURL}" = {
|
|
#enableACME = true;
|
|
#forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:${toString playPort}";
|
|
proxyWebsockets = true;
|
|
extraConfig = extraConfig;
|
|
};
|
|
};
|
|
services.nginx.virtualHosts."${adminURL}" = {
|
|
#enableACME = true;
|
|
#forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:${toString mainPort}";
|
|
proxyWebsockets = true;
|
|
extraConfig = extraConfig;
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.pusher = {
|
|
image = "thecodingmachine/nodejs:12";
|
|
cmd = [ "yarn" "dev" ];
|
|
environment = {
|
|
DEBUG = "*";
|
|
STARTUP_COMMAND_1 = "yarn install";
|
|
SECRET_JITSI_KEY = secretJitsiKey;
|
|
SECRET_KEY = "yourSecretKey";
|
|
ADMIN_API_TOKEN = adminAPIToken;
|
|
API_URL = "back:50051";
|
|
#API_URL = "back:8080";
|
|
JITSI_URL = jitsiURL;
|
|
JITSI_ISS = jitsiISS;
|
|
};
|
|
volumes = [ "${homeFolder}/pusher:/usr/src/app" ];
|
|
ports = [ "${toString pusherPort}:8080" ];
|
|
extraOptions = [ "--network=workadventure" ];
|
|
};
|
|
systemd.services.docker-pusher.serviceConfig = {
|
|
StandardOutput = lib.mkForce "journal";
|
|
StandardError = lib.mkForce "journal";
|
|
};
|
|
services.nginx.virtualHosts."${pusherURL}" = {
|
|
#enableACME = true;
|
|
#forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:${toString pusherPort}";
|
|
proxyWebsockets = true;
|
|
extraConfig = extraConfig;
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.maps = {
|
|
image = "thecodingmachine/nodejs:12-apache";
|
|
environment = {
|
|
DEBUG_MODE = debugMode;
|
|
HOST = "0.0.0.0";
|
|
NODE_ENV = "development";
|
|
STARTUP_COMMAND_0 = "sudo a2enmod headers";
|
|
STARTUP_COMMAND_1 = "yarn install";
|
|
STARTUP_COMMAND_2 = "yarn run dev &";
|
|
};
|
|
volumes = [ "${homeFolder}/maps:/var/www/html" ];
|
|
ports = [ "${toString mapsPort}:80" ];
|
|
extraOptions = [ "--network=workadventure" ];
|
|
};
|
|
systemd.services.docker-maps.serviceConfig = {
|
|
StandardOutput = lib.mkForce "journal";
|
|
StandardError = lib.mkForce "journal";
|
|
};
|
|
services.nginx.virtualHosts."${mapsURL}" = {
|
|
#enableACME = true;
|
|
#forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:${toString mapsPort}";
|
|
proxyWebsockets = true;
|
|
extraConfig = extraConfig;
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.back = {
|
|
image = "thecodingmachine/nodejs:12";
|
|
cmd = [ "yarn" "dev" ];
|
|
environment = {
|
|
DEBUG = "*";
|
|
STARTUP_COMMAND_1 = "yarn install";
|
|
SECRET_KEY = "yourSecretKey";
|
|
SECRET_JITSI_KEY = secretJitsiKey;
|
|
#HTTP_PORT = "80";
|
|
ALLOW_ARTILLERY = "true";
|
|
ADMIN_API_TOKEN = adminAPIToken;
|
|
JITSI_URL = jitsiURL;
|
|
JITSI_ISS = jitsiISS;
|
|
};
|
|
volumes = [ "${homeFolder}/back:/usr/src/app" ];
|
|
ports = [ "${toString apiPort}:8080" ];
|
|
extraOptions = [ "--network=workadventure" ];
|
|
};
|
|
systemd.services.docker-back.serviceConfig = {
|
|
StandardOutput = lib.mkForce "journal";
|
|
StandardError = lib.mkForce "journal";
|
|
};
|
|
services.nginx.virtualHosts."${apiURL}" = {
|
|
#enableACME = true;
|
|
#forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:${toString apiPort}";
|
|
proxyWebsockets = true;
|
|
extraConfig = extraConfig;
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.uploader = {
|
|
image = "thecodingmachine/nodejs:12";
|
|
cmd = [ "yarn" "dev" ];
|
|
environment = {
|
|
DEBUG = "*";
|
|
STARTUP_COMMAND_1 = "yarn install";
|
|
};
|
|
volumes = [ "${homeFolder}/uploader:/usr/src/app" ];
|
|
ports = [ "${toString uploaderPort}:8080" ];
|
|
extraOptions = [ "--network=workadventure" ];
|
|
};
|
|
systemd.services.docker-uploader.serviceConfig = {
|
|
StandardOutput = lib.mkForce "journal";
|
|
StandardError = lib.mkForce "journal";
|
|
};
|
|
services.nginx.virtualHosts."${uploaderURL}" = {
|
|
#enableACME = true;
|
|
#forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:${toString uploaderPort}";
|
|
proxyWebsockets = true;
|
|
extraConfig = extraConfig;
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.website = {
|
|
image = "thecodingmachine/nodejs:12-apache";
|
|
environment = {
|
|
STARTUP_COMMAND_1 = "npm install";
|
|
STARTUP_COMMAND_2 = "npm run watch &";
|
|
APACHE_DOCUMENT_ROOT = "dist/";
|
|
};
|
|
volumes = [ "${homeFolder}/website:/var/www/html" ];
|
|
ports = [ "${toString mainPort}:80" ];
|
|
extraOptions = [ "--network=workadventure" ];
|
|
};
|
|
systemd.services.docker-website.serviceConfig = {
|
|
StandardOutput = lib.mkForce "journal";
|
|
StandardError = lib.mkForce "journal";
|
|
};
|
|
services.nginx.virtualHosts."${mainURL}" = {
|
|
#enableACME = true;
|
|
#forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:${toString mainPort}";
|
|
proxyWebsockets = true;
|
|
extraConfig = extraConfig;
|
|
};
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.messages = {
|
|
image = "thecodingmachine/workadventure-back-base:latest";
|
|
environment = {
|
|
STARTUP_COMMAND_1 = "yarn install";
|
|
STARTUP_COMMAND_2 = "yarn run proto:watch";
|
|
};
|
|
volumes = [
|
|
"${homeFolder}/messages:/usr/src/app"
|
|
"${homeFolder}/back:/usr/src/back"
|
|
"${homeFolder}/front:/usr/src/front"
|
|
"${homeFolder}/pusher:/usr/src/pusher"
|
|
];
|
|
};
|
|
systemd.services.docker-messages.serviceConfig = {
|
|
StandardOutput = lib.mkForce "journal";
|
|
StandardError = lib.mkForce "journal";
|
|
};
|
|
|
|
}
|