My Server Setup with NixOS

This little server here runs gemserv on a NixOS machine. I'm far from an expert NixOS user and often resort to searching the web when trying to achieve some goals. Hence, the solution below might be far from optimal. I hope it's nevertheless useful for some. Since most gemini software is developing quite rapidly right now, I don't see much value in upstreaming this into nixpkgs.

The Gemserv Server

The Configuration

In my configuration.nix I have a custom expression for gemserv, a systemd service configuration, an acme configuration to get the certificates, and a `pkgs.writeText` call to generate the configuration. The relevant parts are:

	security.acme = {
			acceptTerms = true;
			certs."otrn.org" = {
    		user = "gemserv";
    		domain = "otrn.org";
				dnsProvider = [Add your own];
				credentialsFile = [Add your own];
				dnsPropagationCheck = true;
			};
	};
	systemd.services.gemserv = {
    enable = true;
		wantedBy = [ "multi-user.target" ];
		after = [ "network.target" ];
		description = "The gemserv gemini server.";
		serviceConfig = {
			Type = "simple";
			User = "gemserv";
			Restart = "always";
			RestartSec = 5;
			ExecStart = ''${gemserv}/bin/gemserv ${gemserv_conf}'';
		};
	};
	users.extraUsers.gemserv = {
		isSystemUser = true;
	};

The variable `gemserv_conf` is defined in the `let ... in` block ontop of the `configuration.nix` file.

	gemserv_conf = pkgs.writeText "config.toml" ''
port = 1965
host = "::"
log = "info"

[[server]]
hostname = "otrn.org"
dir = "/var/gemini"
cert = "${config.security.acme.certs."otrn.org".directory}/fullchain.pem"
key = "${config.security.acme.certs."otrn.org".directory}/key.pem"
index = "index.gmi"
cgi = true
usrdir = false
	'';

The gemserv Expression

In the `let` block at the top of my `configuration.nix` file I have the

following expression:

	gemserv = pkgs.rustPlatform.buildRustPackage rec {
		name = "gemserv";
		src = pkgs.fetchgit {
				url = "git://80h.dev/gemserv.git";
				rev = "fcaf3f7c7ec6db48782932fd6ec025d12b79a40";
				sha256 = "17qsklk90bwyldh574m6liyxk9qn40rxgz92f2fnlcd7ww811zyp";
		};

		cargoPatches = [ ./gemserv-add-Cargo.lock.patch ];
		cargoSha256 = "1vqyvqbq3nblzs4gh5mncgzgyg9wzzz6ravjfmfzrsl1qwisn7k7";
		buildInputs = with pkgs; [ pkg-config openssl ];
	};

then I just added gemserv in the `systemPackages` list.

This uses the `buildRustPackage` builder and seems to work well. The gemserv git repository does not contain a `Cargo.lock` file. I had to create a patch to add this. To do so run `cargo update`, commit the file, and then run

git diff HEAD^1 HEAD > gemserv-add-Cargo.lock.patch

The resulting file must be in the same directory as the `configuration.nix` file.