@ghuntley
Last active May 4, 2023 21:16
a rough prototype for running coder.com as a nixos system service

background

  1. Coder is now in nixpkgs: https://search.nixos.org/packages?channel=22.11&show=coder&from=0&size=50&sort=relevance&type=packages&query=coder
  2. The next step is to enable running Coder on NixOS via services.coder.enable = true;
  3. That means designing configuration options along the lines of https://search.nixos.org/options?channel=22.11&show=services.znc.user&from=0&size=50&sort=relevance&type=packages&query=znc
  4. Refer to https://github.com/NixOS/nixpkgs/blob/nixos-22.11/nixos/modules/services/networking/znc/default.nix for an example of what is to be achieved.

next steps

  1. What configuration options should we expose vs encouraging usage of extraFlags?
  2. Is systemd configuration appropriate?
  3. Are we happy with stateDir location?
  4. Forcing accessUrl means Tunnel won't work, but I don't think we want to encourage tunnel for systemd scenarios?

{ config, lib, pkgs, ... }:

with lib;

let
  inherit (pkgs) coder;
  cfg = config.services.coder;
  stateDir = "/var/lib/coder";
  # Option values must be read through cfg; bare accessUrl/address are not in scope here.
  coderFlags = [
    "--global-config" stateDir
    "--access-url" cfg.accessUrl
    "--address" cfg.address
  ] ++ cfg.extraFlags;
in
{
  ###### interface

  options = {
    services.coder = {
      enable = mkOption {
        type = types.bool;
        default = false;
        description = lib.mdDoc ''
          Whether to enable the Coder server.
        '';
      };

      address = mkOption {
        type = types.str;
        description = lib.mdDoc ''
          Bind address of the server.
        '';
        example = literalExpression ''"127.0.0.1:3000"'';
        default = "127.0.0.1:3000";
      };

      # No default: the previous `default = [ ]` is not a valid types.str value,
      # and the access URL has to be set explicitly.
      accessUrl = mkOption {
        type = types.str;
        description = lib.mdDoc ''
          Set to the external URL that users and workspaces will use to
          connect to Coder. This must be accessible by all provisioned
          workspaces.
        '';
        example = literalExpression ''"https://coder.example.com"'';
      };

      extraFlags = mkOption {
        type = types.listOf types.str;
        description = lib.mdDoc "Extra flags passed to the coder command.";
        example = literalExpression ''[ "--experimental" ]'';
        default = [ ];
      };
    };
  };

  ###### implementation

  config = mkIf cfg.enable {
    meta.maintainers = with lib.maintainers; [ ghuntley ];

    # Make tools such as coder available in the system path.
    environment.systemPackages = [ pkgs.coder ];

    users.users.coder = {
      isSystemUser = true;
      group = "coder";
      description = "Coder daemon user";
      home = stateDir;
    };
    users.groups.coder = { };

    systemd.services.coder = {
      description = "Coder Daemon";
      wantedBy = [ "multi-user.target" ];
      wants = [ "network-online.target" ];
      after = [ "network-online.target" ];

      serviceConfig = {
        # The leading "@" makes the next word ("coder") argv[0]; "server" is the subcommand.
        # escapeShellArgs quotes each flag so values containing spaces are not split.
        ExecStart = "@${coder}/bin/coder coder server ${escapeShellArgs coderFlags}";
        # coder server stays in the foreground, so "forking" would never report startup.
        Type = "simple";
        # Run as the dedicated account declared above instead of root.
        User = "coder";
        Group = "coder";
        # Replaces the preStart mkdir/chown: systemd creates /var/lib/coder (mode 0755)
        # owned by the service user. Must stay in sync with stateDir.
        StateDirectory = "coder";
      };
    };
  };
}
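
How a host configuration might consume this module and layer systemd sandboxing on top of the generated unit, as an added example rather than part of the gist or the Coder project. The ./coder.nix path and the hostname are placeholders, and it is an assumption that this Coder deployment needs no device access, no files under /home, and no writes to /usr or /etc.

```nix
# configuration.nix fragment (added example, not from the gist)
{ ... }:
{
  # Assumed location of the module shown above.
  imports = [ ./coder.nix ];

  services.coder = {
    enable = true;
    # Listen on loopback only; terminate TLS in a reverse proxy in front of it.
    address = "127.0.0.1:3000";
    # Placeholder hostname; must be reachable by every provisioned workspace.
    accessUrl = "https://coder.example.com";
  };

  # These keys merge with the serviceConfig the module already defines.
  systemd.services.coder.serviceConfig = {
    # The server and anything it spawns cannot gain privileges via setuid binaries.
    NoNewPrivileges = true;
    RestrictSUIDSGID = true;
    # /usr, /boot and /etc become read-only; /var/lib/coder stays writable.
    ProtectSystem = "full";
    # Hide /home, /root and /run/user from the service.
    ProtectHome = true;
    # Private /tmp and a minimal /dev.
    PrivateTmp = true;
    PrivateDevices = true;
    # Block changes to kernel tunables, modules and the cgroup tree.
    ProtectKernelTunables = true;
    ProtectKernelModules = true;
    ProtectControlGroups = true;
    LockPersonality = true;
    # Files the server creates are readable by the coder user only.
    UMask = "0077";
    Restart = "on-failure";
  };
}
```

After a rebuild, `systemd-analyze security coder.service` reports which sandboxing directives are in effect for the unit.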