From 00decb5f926d67393c78246c52992c92036e592d Mon Sep 17 00:00:00 2001
From: Andrey Golovizin <ag@sologoc.com>
Date: Tue, 10 Mar 2020 16:18:48 +0100
Subject: [PATCH] Use systemd socket activation

---
 module.nix | 32 ++++++++++++++++++++------------
 1 file changed, 20 insertions(+), 12 deletions(-)

diff --git a/module.nix b/module.nix
index 70c4119..f0e289e 100644
--- a/module.nix
+++ b/module.nix
@@ -29,19 +29,15 @@ in
           Whether to enable Strojnadzor
         ";
       };
-      hostname = mkOption {
-        default = "localhost";
-        description = "Listen to this hostname or ip.";
-      };
-      port = mkOption {
-        type = types.port;
-        default = 9000;
-        description = "Listen on this port.";
-      };
       stateDir = mkOption {
         default = "/var/lib/strojnadzor";
         type = types.str;
-        description = "Strojnadzor data directory.";
+        description = "Data directory.";
+      };
+      socketPath = mkOption {
+        default = "/run/strojnadzor.sock";
+        type = types.str;
+        description = "UNIX socket path.";
       };
     };
   };
@@ -65,15 +61,27 @@ in
       "d '${cfg.stateDir}/data' - strojnadzor strojnadzor - -"
     ];
 
+    systemd.sockets.strojnadzor = {
+      description = "Strojnadzor HTTP socket.";
+      wantedBy = [ "sockets.target" ];
+      socketConfig = {
+        User = "nginx";
+        Group = "nginx";
+        ListenStream = "${cfg.socketPath}";
+      };
+    };
+
     systemd.services.strojnadzor = {
       description = "Strojnadzor HTTP server.";
       after = [ "network.target" ];
       wantedBy = [ "multi-user.target" ];
+      requires = [ "strojnadzor.socket" ];
       serviceConfig = {
+        Type = "notify";
         User = "strojnadzor";
         Group = "strojnadzor";
         ExecStartPre = "${strojnadzor}/bin/strojnadzor-admin migrate";
-        ExecStart = "${strojnadzor}/bin/strojnadzor-admin runserver-gunicorn --bind ${cfg.hostname}:${toString cfg.port}";
+        ExecStart = "${strojnadzor}/bin/strojnadzor-admin runserver-gunicorn";
       };
       environment.STROJNADZOR_DATA_DIR = "${cfg.stateDir}/data";
       environment.STROJNADZOR_STATIC_DIR = "${static}/static";
@@ -91,7 +99,7 @@ in
           '';
           locations."/static/".alias = "${static}/";
           locations."/" = {
-            proxyPass = "http://127.0.0.1:${toString cfg.port}";
+            proxyPass = "http://unix:/${cfg.socketPath}";
             extraConfig = ''
               proxy_set_header Host $host;
               proxy_set_header X-Forwarded-For $remote_addr;