From 9ca8866f57037339937cc40473aa47d8632bc3f2 Mon Sep 17 00:00:00 2001
From: Ashelyn Rose <rose@tempest.dev>
Date: Mon, 29 May 2023 20:13:11 -0600
Subject: [PATCH] Nix flake config

---
 .dockerignore  |   2 -
 .gitlab-ci.yml |  12 ----
 Dockerfile     |   8 ---
 flake.nix      | 155 +++++++++++++++++++++++++++++++++++++++++++++++++
 index.js       |   2 +-
 5 files changed, 156 insertions(+), 23 deletions(-)
 delete mode 100644 .dockerignore
 delete mode 100644 .gitlab-ci.yml
 delete mode 100644 Dockerfile
 create mode 100644 flake.nix

diff --git a/.dockerignore b/.dockerignore
deleted file mode 100644
index 1687d79..0000000
--- a/.dockerignore
+++ /dev/null
@@ -1,2 +0,0 @@
-node_modules/
-config.json
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
deleted file mode 100644
index 81bc33c..0000000
--- a/.gitlab-ci.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-build:
-  stage: build
-  only:
-    - master
-    - static
-  image:
-    name: gcr.io/kaniko-project/executor:debug
-    entrypoint: [""]
-  script:
-    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
-    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG
-
diff --git a/Dockerfile b/Dockerfile
deleted file mode 100644
index 58c243e..0000000
--- a/Dockerfile
+++ /dev/null
@@ -1,8 +0,0 @@
-from node:latest
-
-workdir /app
-copy . /app
-
-run npm i
-
-cmd node index.js
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..908ae96
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,155 @@
+{
+  inputs = {
+    utils.url = "github:numtide/flake-utils";
+    nixpkgs.url = "github:NixOS/nixpkgs/master";
+    nix-filter.url = "github:numtide/nix-filter";
+  };
+
+  outputs = {
+    self,
+    nixpkgs,
+    utils,
+    nix-filter,
+  }:
+    utils.lib.eachDefaultSystem
+    (system: let
+      pkgs = import nixpkgs {
+        inherit system;
+      };
+
+      filter = nix-filter.lib;
+
+      nodejs = pkgs.nodejs-18_x;
+
+      node_modules = pkgs.stdenv.mkDerivation {
+        name = "node_modules";
+
+        src = filter {
+          root = ./.;
+          include = [
+            ./package.json
+            ./package-lock.json
+          ];
+        };
+
+        __noChroot = true;
+
+        configurePhase = ''
+          export HOME=$TMP
+        '';
+
+        buildInputs = [ nodejs ];
+
+        buildPhase = ''
+          ${nodejs}/bin/npm ci
+        '';
+
+        installPhase = ''
+          mkdir $out
+          mv node_modules $out/node_modules
+        '';
+      };
+    in {
+      packages = {
+
+        default = pkgs.stdenv.mkDerivation {
+          name = "tempest-api-contact";
+
+          src = filter {
+            root = ./.;
+            exclude = [
+              ./node_modules
+            ];
+          };
+
+          nativeBuildInputs = [ nodejs ];
+
+          buildPhase = "true";
+
+          configurePhase = ''
+            ln -sf ${node_modules}/node_modules node_modules
+            export HOME=$TMP
+          '';
+
+          installPhase = ''
+            mkdir -p $out
+            mv index.js $out/
+
+            # Re-link the node_modules
+            mv node_modules $out/node_modules
+
+            # Wrap the script
+            cat <<ENTRYPOINT > $out/entrypoint
+            #!${pkgs.stdenv.shell}
+            exec "$(type -p node)" "$out/index.js" "$$@"
+            ENTRYPOINT
+            chmod +x $out/entrypoint
+          '';
+        };
+      };
+    }) // {
+      nixosModule = {config, lib, pkgs, ...}:
+        with lib;
+        let cfg = config.ashe.services.tempest-api-contact;
+
+        in {
+          options.ashe.services.tempest-api-contact = {
+            enable = mkEnableOption "Enables the service";
+
+            port = mkOption rec {
+              type = types.int;
+              default = 8000;
+              example = default;
+              description = "The port for this service to listen on";
+
+            };
+
+            domain = mkOption rec {
+              type = types.str;
+              default = "tempest.dev";
+              example = default;
+              description = "The domain name for the service";
+            };
+
+            path = mkOption rec {
+              type = types.str;
+              default = "/";
+              example = default;
+              description = "The path for the service";
+            };
+
+            configFile = mkOption rec {
+              type = types.str;
+              default = "./config.json";
+              example = default;
+              description = "The config file for the service";
+            };
+          };
+
+          config = mkIf cfg.enable {
+            systemd.services."ashe.contact-api" = {
+              wantedBy = [ "multi-user.target" ];
+
+              serviceConfig = let pkg = self.packages.${pkgs.system}.default;
+              in {
+                Restart = "on-failure";
+                ExecStart = "${pkg}/entrypoint";
+                DynamicUser = "yes";
+                PrivateTmp = "yes";
+                Environment = [
+                  "PORT=${toString cfg.port}"
+                  "CONTACT_CONFIG=${cfg.configFile}"
+                ];
+              };
+            };
+
+            services.nginx.virtualHosts.${cfg.domain} = {
+              locations."${cfg.path}" = { proxyPass = "http://127.0.0.1:${toString cfg.port}"; };
+              forceSSL = true;
+              enableACME = true;
+            };
+          };
+        };
+
+    };
+}
diff --git a/index.js b/index.js
index 80dc65d..7d8bb97 100644
--- a/index.js
+++ b/index.js
@@ -10,7 +10,7 @@ app.use(bodyParser())
 
 const router = new koaRouter()
 
-const {contacts, config} = require('./config.json')
+const {contacts, config} = require(process.env.CONTACT_CONFIG || './config.json')
 const transport = nodemailer.createTransport(config)
 transport.verify()
   .then(() => console.log(`Email transport ready`))