deploy ente via a flake

I like ente! And I want it to live in my nixops-managed remote box without Docker. Their deployment story is simple enough that it seems worthwile to make a flake for them and try to upstream it. Here's a quick description of this little project.

Package the components

The ente repository has two projects in it of relevance to us:

  • web, which contains the yarn-managed nodejs frontend
  • server, which contains the go module that builds the backend binary

Each of these become ente-web and ente-server in the flake.

It mihgt be thecase that we want to package each of the ente-web compoenents separately! That way people don't need to even have the code for frontend components that they don't plan to use.

Write a nixos module to configure and run them

Create a systemd service to run the backend

Ente-server expects, according to the doc, to be available to the frontend components at a network address, which in the local default is "http://localhost:8080". We write a systemd service to run it there.

The only surprise is that currently the binary wants our configuration to be available in the working directory from which you run the command. It needs that working directory to contain both ./museum.yaml and ./configurations/${ENVIRONMENT}.yml.

I create a derivation that copies that directory from source into the right place, and also writes a museum.yaml from nix-managed options.

There's also an option to just use a museum.yaml file that you provide, which if set overrides the nix-tangled options entirely.

Create an nginx configuration that serves the frontend

This is relatively straightforward; I find their expectation of subdomains in productino a little weird, but don't deny that it must simplify their routes management significantly for each service to be able to expect that they're at root. I wish them whatever ease they can manage, beiung on next.js . My misadventures with rasendubi/braindump still have me salty around all the indirection involved in next.

The nginx config can be enabled via a switch, and is a sufficiently canonical format to be easy to adapt to whatever reverse proxy service someone might favor. I guess, since their docs give a Caddy config example, that a Caddy config might also be appropriate.

Create the nix options that tangle into museum.yaml

The defaults given in config/example.yaml and configurations/local.yaml need to be examined and populated into either the museumConfig local variable (these can be overriden with museumExtraConfig), or as options under config.services.ente.museum. Of particular note: external domain, db, secrets, storage bucket, smtp.

azan-n.com wants to try doing this part, since I've convverted him to the nix life. So this will be a coauthored PR! (: