From d85dacb6c27a09f3f3df88e555148d884701ee3c Mon Sep 17 00:00:00 2001
From: WilliButz <willibutz@posteo.de>
Date: Wed, 21 Feb 2024 21:59:49 +0100
Subject: [PATCH] components: drop celery, package manage.py instead

---
 components/celery.nix  | 13 -------------
 components/default.nix |  4 ++--
 components/manage.nix  | 16 ++++++++++++++++
 flake.nix              |  4 ++--
 module.nix             |  2 +-
 5 files changed, 21 insertions(+), 18 deletions(-)
 delete mode 100644 components/celery.nix
 create mode 100644 components/manage.nix

diff --git a/components/celery.nix b/components/celery.nix
deleted file mode 100644
index 2e7422c..0000000
--- a/components/celery.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ authentikComponents
-, makeWrapper
-, runCommandLocal
-}:
-
-runCommandLocal "authentik-celery" {
-  nativeBuildInputs = [ makeWrapper ];
-} ''
-  mkdir -vp $out/bin
-  ln -sv ${authentikComponents.pythonEnv}/bin/celery $out/bin/celery
-  wrapProgram $out/bin/celery \
-    --prefix PYTHONPATH : ${authentikComponents.staticWorkdirDeps}
-''
diff --git a/components/default.nix b/components/default.nix
index 0997543..a31301c 100644
--- a/components/default.nix
+++ b/components/default.nix
@@ -29,7 +29,7 @@ pkgs.lib.makeScope pkgs.newScope (final:
       inherit authentik-src;
     };
     # worker
-    celery = final.callPackage ./celery.nix {
+    manage = final.callPackage ./manage.nix {
     };
   in
   {
@@ -41,7 +41,7 @@ pkgs.lib.makeScope pkgs.newScope (final:
         gopkgs
         staticWorkdirDeps
         migrate
-        celery;
+        manage;
     };
     inherit authentik-src authentik-version;
   }
diff --git a/components/manage.nix b/components/manage.nix
new file mode 100644
index 0000000..ccf9b8c
--- /dev/null
+++ b/components/manage.nix
@@ -0,0 +1,16 @@
+{ authentik-src
+, authentikComponents
+, makeWrapper
+, runCommandLocal
+}:
+
+runCommandLocal "authentik-manage" {
+  nativeBuildInputs = [ makeWrapper ];
+} ''
+  mkdir -vp $out/bin
+  cp -v ${authentik-src}/manage.py $out/bin/manage.py
+
+  wrapProgram $out/bin/manage.py \
+    --prefix PATH : ${authentikComponents.pythonEnv}/bin \
+    --prefix PYTHONPATH : ${authentikComponents.staticWorkdirDeps}
+''
diff --git a/flake.nix b/flake.nix
index feec643..9b1c1a9 100644
--- a/flake.nix
+++ b/flake.nix
@@ -58,7 +58,7 @@
           imports = [ ./module.nix ];
           services.authentik.authentikComponents = pkgs.lib.mkDefault (withSystem pkgs.stdenv.hostPlatform.system (
             { config, ... }:
-            { inherit (config.packages) celery staticWorkdirDeps migrate pythonEnv frontend gopkgs docs; }
+            { inherit (config.packages) manage staticWorkdirDeps migrate pythonEnv frontend gopkgs docs; }
           ));
         };
 
@@ -92,7 +92,7 @@
             gopkgs
             staticWorkdirDeps
             migrate
-            celery;
+            manage;
 
           # terraform provider
           terraform-provider-authentik = inputs.nixpkgs-23-05.legacyPackages.${system}.buildGo118Module rec {
diff --git a/module.nix b/module.nix
index 2445792..110b1af 100644
--- a/module.nix
+++ b/module.nix
@@ -165,7 +165,7 @@ in
             DynamicUser = true;
             User = "authentik";
             # TODO maybe make this configurable
-            ExecStart = "${cfg.authentikComponents.celery}/bin/celery -A authentik.root.celery worker -Ofair --max-tasks-per-child=1 --autoscale 3,1 -E -B -s /tmp/celerybeat-schedule -Q authentik,authentik_scheduled,authentik_events";
+            ExecStart = "${cfg.authentikComponents.manage}/bin/manage.py worker";
             EnvironmentFile = mkIf (cfg.environmentFile != null) [ cfg.environmentFile ];
             LoadCredential = mkIf (cfg.nginx.enable && cfg.nginx.enableACME) [
               "${cfg.nginx.host}.pem:${config.security.acme.certs.${cfg.nginx.host}.directory}/fullchain.pem"