webref/nixos/dev-services.nix

{ pkgs, lib, ... }:

{
  # Development services configuration for Reference Board Viewer
  # Can be used for: local dev, CI VMs, and testing
  # Reusable via nixos-generators

  # Networking
  networking.firewall.enable = false; # Open for development

  services.postgresql = {
    enable = true;
    package = pkgs.postgresql_16;

    # Listen on all interfaces (for VM access)
    settings = {
      listen_addresses = lib.mkForce "*";
      port = 5432;
    };

    # Initialize database and user
    ensureDatabases = [ "webref" ];
    ensureUsers = [
      {
        name = "webref";
        ensureDBOwnership = true;
      }
    ];

    # Development authentication (trust for development/testing)
    authentication = pkgs.lib.mkOverride 10 ''
      local all all trust
      host all all 0.0.0.0/0 trust
      host all all ::0/0 trust
    '';

    # Enable UUID extension
    initialScript = pkgs.writeText "init.sql" ''
      CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
    '';
  };

  # MinIO service for object storage
  services.minio = {
    enable = true;
    rootCredentialsFile = pkgs.writeText "minio-credentials" ''
      MINIO_ROOT_USER=minioadmin
      MINIO_ROOT_PASSWORD=minioadmin
    '';

    # Data directory
    dataDir = [ "/var/lib/minio/data" ];

    # Listen on all interfaces
    listenAddress = ":9000";
    consoleAddress = ":9001";
  };

  # Create webref bucket on startup
  systemd.services.minio-init = {
    description = "Initialize MinIO buckets";
    after = [ "minio.service" ];
    wantedBy = [ "multi-user.target" ];

    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };

    script = ''
      # Wait for MinIO to be ready
      until ${pkgs.curl}/bin/curl -sf http://localhost:9000/minio/health/live > /dev/null 2>&1; do
        echo "Waiting for MinIO..."
        sleep 1
      done

      # Configure mc alias and create bucket
      ${pkgs.minio-client}/bin/mc alias set local http://localhost:9000 minioadmin minioadmin || true
      ${pkgs.minio-client}/bin/mc mb local/webref || true
      ${pkgs.minio-client}/bin/mc anonymous set public local/webref || true

      echo "MinIO initialized with webref bucket"
    '';
  };

  # Optional: Redis for caching/background tasks (Phase 2)
  # Uncomment when needed:
  # services.redis.servers.webref = {
  #   enable = true;
  #   port = 6379;
  #   bind = "0.0.0.0";
  # };

  # Ensure services start automatically
  systemd.targets.multi-user.wants = [
    "postgresql.service"
    "minio.service"
  ];
}