blog time
This commit is contained in:
parent
d8a6cb79cd
commit
1380f1500f
|
@ -164,7 +164,7 @@ in {
|
|||
sshKey = "/var/lib/syncoid/.ssh/id_ed25519";
|
||||
commands."system" = {
|
||||
source = "system";
|
||||
target = "backup@home.rhelmot.io:main/backup/daisy/system";
|
||||
target = "backup@home.rhelmot.io:main/backup/${config.networking.hostName}/system";
|
||||
# xeni note - option w is weeeeeeeird but the only consequnce is a lack of encryption
|
||||
#sendOptions = "w";
|
||||
recursive = true;
|
||||
|
|
|
@ -0,0 +1,42 @@
|
|||
{
|
||||
flakeInputs,
|
||||
platform,
|
||||
site,
|
||||
}:
|
||||
let
|
||||
pkgs = flakeInputs.nixpkgs.legacyPackages.${platform};
|
||||
lib = pkgs.lib;
|
||||
mkDeploy = { site, targetPkg, profileName, extraCommands ? "" }: pkgs.substituteAll {
|
||||
name = "deploy-${profileName}";
|
||||
src = builtins.toFile "deploy-template" ''
|
||||
#!@runtimeShell@
|
||||
set -ex
|
||||
nix-copy-closure --to @site@ @targetPkg@
|
||||
ssh @site@ sudo nix-env --set -p /nix/var/nix/profiles/@profileName@ @targetPkg@
|
||||
@extraCommands@
|
||||
'';
|
||||
env = {
|
||||
inherit site targetPkg profileName extraCommands;
|
||||
inherit (pkgs) runtimeShell;
|
||||
};
|
||||
isExecutable = true;
|
||||
passthru.site = site;
|
||||
};
|
||||
deployments = builtins.map mkDeploy [
|
||||
{
|
||||
profileName = "blog-rhelmot-io";
|
||||
site = "sunflower";
|
||||
targetPkg = flakeInputs."blog-rhelmot-io".packages.${platform}.blog;
|
||||
}
|
||||
];
|
||||
filteredDeployments = builtins.filter (deployment: deployment.site == site) deployments;
|
||||
filteredDeploymentsAttrs = builtins.listToAttrs (builtins.map (value: { name = value.profileName; inherit value; }) filteredDeployments);
|
||||
targetSystem = flakeInputs.self.packages.${platform}.${site}.system;
|
||||
deployAll = pkgs.writeShellScriptBin "deploy-all-${site}" (''
|
||||
set -ex
|
||||
# TODO take advantage of the nixos-rebuild infrastructure
|
||||
nix-copy-closure --to ${site} ${targetSystem}
|
||||
ssh ${site} 'sudo nix-env --set -p /nix/var/nix/profiles/system ${targetSystem} && sudo ${targetSystem}/bin/switch-to-configuration switch'
|
||||
set +e
|
||||
'' + lib.concatStringsSep "\n" filteredDeployments);
|
||||
in deployAll // filteredDeploymentsAttrs
|
85
flake.lock
85
flake.lock
|
@ -15,6 +15,49 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"blog-rhelmot-io": {
|
||||
"inputs": {
|
||||
"coricamu": "coricamu",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1745178146,
|
||||
"narHash": "sha256-O+i/U/cWdhsO0xIjd3EgWJooI7+CsIMPxAhuNKluzso=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "eb251b99807f1b5ee041755cb313b4880315eff6",
|
||||
"revCount": 5,
|
||||
"type": "git",
|
||||
"url": "https://git.lain.faith/rhelmot/blog.rhelmot.io"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.lain.faith/rhelmot/blog.rhelmot.io"
|
||||
}
|
||||
},
|
||||
"coricamu": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"blog-rhelmot-io",
|
||||
"nixpkgs"
|
||||
],
|
||||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1745178120,
|
||||
"narHash": "sha256-2CQDWkN475WFzYXvUciYhzEn7+UcmR2iLoqZxJq9pcM=",
|
||||
"owner": "rhelmot",
|
||||
"repo": "coricamu",
|
||||
"rev": "b6440b4763a202d727e7a89d8fc3e503c55329f1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "rhelmot",
|
||||
"repo": "coricamu",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat": {
|
||||
"locked": {
|
||||
"lastModified": 1733328505,
|
||||
|
@ -47,7 +90,7 @@
|
|||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731533236,
|
||||
|
@ -219,11 +262,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1743367904,
|
||||
"narHash": "sha256-sOos1jZGKmT6xxPvxGQyPTApOunXvScV4lNjBCXd/CI=",
|
||||
"lastModified": 1744440957,
|
||||
"narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "7ffe0edc685f14b8c635e3d6591b0bbb97365e6c",
|
||||
"rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -252,6 +295,7 @@
|
|||
"root": {
|
||||
"inputs": {
|
||||
"bingosync": "bingosync",
|
||||
"blog-rhelmot-io": "blog-rhelmot-io",
|
||||
"lix-module": "lix-module",
|
||||
"nixbsd": "nixbsd",
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
|
@ -271,6 +315,39 @@
|
|||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_2": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1731533236,
|
||||
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
|
@ -8,8 +8,10 @@
|
|||
};
|
||||
|
||||
bingosync.url = "github:rhelmot/bingosync";
|
||||
blog-rhelmot-io.url = "git+https://git.lain.faith/rhelmot/blog.rhelmot.io";
|
||||
blog-rhelmot-io.inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
outputs = { self, nixpkgs, nixbsd, lix-module, bingosync, ... }: let
|
||||
outputs = { self, nixpkgs, nixbsd, lix-module, bingosync, ... }@flakeInputs: let
|
||||
sitesFiles = builtins.readDir ./sites;
|
||||
sitesNames = builtins.filter (name: builtins.pathExists ./sites/${name}/configuration.nix) (builtins.attrNames sitesFiles);
|
||||
systemTypes = {
|
||||
|
@ -31,6 +33,7 @@
|
|||
}; in {
|
||||
inherit (evaluated) config options;
|
||||
system = evaluated.config.system.build.toplevel;
|
||||
deploy = import ./deploy.nix { inherit flakeInputs platform; site = name; };
|
||||
};
|
||||
}) sitesNames);
|
||||
in {
|
||||
|
|
|
@ -45,60 +45,73 @@
|
|||
recommendedProxySettings = true;
|
||||
recommendedTlsSettings = true;
|
||||
|
||||
virtualHosts."rhelmot.io" = {
|
||||
default = true;
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
root = "/var/www/rhelmot.io/";
|
||||
virtualHosts = {
|
||||
"rhelmot.io" = {
|
||||
default = true;
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
root = "/var/www/rhelmot.io/";
|
||||
};
|
||||
locations."/secret/" = {
|
||||
basicAuthFile = "/var/lib/rhelmot.io/secret";
|
||||
root = "/var/www/rhelmot.io/";
|
||||
};
|
||||
};
|
||||
locations."/secret/" = {
|
||||
basicAuthFile = "/var/lib/rhelmot.io/secret";
|
||||
root = "/var/www/rhelmot.io/";
|
||||
"www.rhelmot.io" = {
|
||||
globalRedirect = "rhelmot.io";
|
||||
enableACME = true;
|
||||
};
|
||||
"blog.rhelmot.io" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
root = "/nix/var/nix/profiles/blog-rhelmot-io";
|
||||
};
|
||||
};
|
||||
"www.blog.rhelmot.io" = {
|
||||
globalRedirect = "blog.rhelmot.io";
|
||||
enableACME = true;
|
||||
};
|
||||
};
|
||||
virtualHosts."www.rhelmot.io" = {
|
||||
globalRedirect = "rhelmot.io";
|
||||
enableACME = true;
|
||||
};
|
||||
|
||||
virtualHosts."bingosync.rhelmot.io" = {
|
||||
locations."/" = {
|
||||
proxyPass = "https://bingosync.com/";
|
||||
proxyWebsockets = true;
|
||||
"bingosync.rhelmot.io" = {
|
||||
locations."/" = {
|
||||
proxyPass = "https://bingosync.com/";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
# proxy conf generated by services.bingosync
|
||||
"celestebingo.rhelmot.io" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
};
|
||||
"sockets-celestebingo.rhelmot.io" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
};
|
||||
"www.celestebingo.rhelmot.io" = {
|
||||
globalRedirect = "celestebingo.rhelmot.io";
|
||||
enableACME = true;
|
||||
};
|
||||
};
|
||||
# proxy conf generated by services.bingosync
|
||||
virtualHosts."celestebingo.rhelmot.io" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
};
|
||||
virtualHosts."sockets-celestebingo.rhelmot.io" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
};
|
||||
virtualHosts."www.celestebingo.rhelmot.io" = {
|
||||
globalRedirect = "celestebingo.rhelmot.io";
|
||||
enableACME = true;
|
||||
};
|
||||
|
||||
virtualHosts."minal.rhelmot.io" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".root = "/var/www/minal.rhelmot.io/";
|
||||
};
|
||||
virtualHosts."www.minal.rhelmot.io" = {
|
||||
globalRedirect = "minal.rhelmot.io";
|
||||
enableACME = true;
|
||||
};
|
||||
virtualHosts."mimispastrypost.com" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".root = "/var/www/mimispastrypost.com/";
|
||||
};
|
||||
virtualHosts."www.mimispastrypost.com" = {
|
||||
globalRedirect = "mimispastrypost.com";
|
||||
enableACME = true;
|
||||
"minal.rhelmot.io" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".root = "/var/www/minal.rhelmot.io/";
|
||||
};
|
||||
"www.minal.rhelmot.io" = {
|
||||
globalRedirect = "minal.rhelmot.io";
|
||||
enableACME = true;
|
||||
};
|
||||
"mimispastrypost.com" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".root = "/var/www/mimispastrypost.com/";
|
||||
};
|
||||
"www.mimispastrypost.com" = {
|
||||
globalRedirect = "mimispastrypost.com";
|
||||
enableACME = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue