diff --git a/fili/services/websites/money-is-fckn-gay.nix b/fili/services/websites/money-is-fckn-gay.nix new file mode 100644 index 0000000..9054eef --- /dev/null +++ b/fili/services/websites/money-is-fckn-gay.nix @@ -0,0 +1,136 @@ +# { pkgs, flakes, ... }: +# { +# # sops.secrets.reviewqueue = { +# # sopsFile = ../../../secrets/reviewqueue.env; +# # }; + +# services.nginx = { +# virtualHosts."api.money.is.fckn.gay" = { +# forceSSL = true; +# http2 = true; +# enableACME = true; + +# locations."/" = { +# proxyPass = "http://localhost:11009"; +# proxyWebsockets = true; +# }; +# }; +# virtualHosts."money.is.fckn.gay" = { +# forceSSL = true; +# http2 = true; +# enableACME = true; + +# locations."/" = { +# root = flakes.mifg.packages.${pkgs.system}.frontend.override { +# api_base_url = "https://api.money.is.fckn.gay"; +# }; +# tryFiles = "$uri $uri/ /index.html"; +# }; +# }; +# }; + +# systemd.services.money = { +# description = "money is fckn gay"; + +# wantedBy = [ "multi-user.target" ]; +# after = [ "network.target" ]; + +# restartIfChanged = true; + +# serviceConfig = { +# ExecStart = "${flakes.mifg.packages.${pkgs.system}.backend}/bin/mifg-backend"; +# Restart = "always"; +# # EnvironmentFile = "/run/secrets/reviewqueue"; +# StateDirectory = "money"; + +# }; + +# environment = { +# MIFG_DATABASE_LOCATION = "/var/lib/money/db.sqlite"; +# MIFG_FRONTEND_ORIGIN = "https://money.is.fckn.gay"; +# MIFG_PORT = "11009"; +# }; +# }; +# } + +{ + pkgs, + flakes, + config, + ... +}: +let + mifg-config = api-url: api-port: public-url: service-name: { + nginx = { + virtualHosts."${api-url}" = { + forceSSL = true; + http2 = true; + enableACME = true; + + locations."/" = { + proxyPass = "http://localhost:${toString api-port}"; + proxyWebsockets = true; + }; + }; + virtualHosts."${public-url}" = { + forceSSL = true; + http2 = true; + enableACME = true; + + locations."/" = { + root = flakes.mifg.packages.${pkgs.system}.frontend.override { + api_base_url = "https://${api-url}"; + }; + tryFiles = "$uri $uri/ /index.html"; + }; + }; + }; + + service = { + description = "money is fckn gay"; + + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + + restartIfChanged = true; + + serviceConfig = { + ExecStart = "${flakes.mifg.packages.${pkgs.system}.backend}/bin/mifg-backend"; + Restart = "always"; + # EnvironmentFile = "/run/secrets/reviewqueue"; + StateDirectory = "${service-name}"; + }; + + environment = { + MIFG_DATABASE_LOCATION = "/var/lib/${service-name}/db.sqlite"; + MIFG_FRONTEND_ORIGIN = "https://${public-url}"; + MIFG_PORT = toString api-port; + }; + }; + }; + real = (mifg-config "api.money.is.fckn.gay" 11009 "money.is.fckn.gay" "money"); + staging = (mifg-config "api.money-staging.donsz.nl" 11010 "money-staging.donsz.nl" "money-staging"); + lib = pkgs.lib; +in +{ + services.nginx = lib.mkMerge [ + real.nginx + staging.nginx + ]; + systemd.services.money = real.service; + systemd.services.money-staging = lib.mkMerge [ + staging.service + { + serviceConfig.ExecStartPre = "${(pkgs.writeShellScriptBin "setup-staging" '' + REAL_DB_LOCATION="/var/lib/money/" + STAGING_DB_LOCATION="/var/lib/money-staging/" + + echo "$REAL_DB_LOCATION" + echo "$STAGING_DB_LOCATION" + + mkdir -p $STAGING_DB_LOCATION + cp -r $REAL_DB_LOCATION/* $STAGING_DB_LOCATION + '')}/bin/setup-staging"; + } + ]; +} diff --git a/flake.lock b/flake.lock index d74c1df..2970a0d 100644 --- a/flake.lock +++ b/flake.lock @@ -44,7 +44,7 @@ "fenix": { "inputs": { "nixpkgs": [ - "reviewqueue", + "mifg", "naersk", "nixpkgs" ], @@ -64,6 +64,29 @@ "type": "github" } }, + "fenix_2": { + "inputs": { + "nixpkgs": [ + "reviewqueue", + "naersk", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src_2" + }, + "locked": { + "lastModified": 1752475459, + "narHash": "sha256-z6QEu4ZFuHiqdOPbYss4/Q8B0BFhacR8ts6jO/F/aOU=", + "owner": "nix-community", + "repo": "fenix", + "rev": "bf0d6f70f4c9a9cf8845f992105652173f4b617f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -185,6 +208,24 @@ "type": "github" } }, + "flake-utils_7": { + "inputs": { + "systems": "systems_6" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "harmonica": { "inputs": { "nixpkgs": "nixpkgs_3" @@ -209,11 +250,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1765318286, - "narHash": "sha256-2wPuRt8c/0DYgnWT7RvVPkrvUocrsgGE1Uxf4hxxU7Q=", + "lastModified": 1767006760, + "narHash": "sha256-OeaRlOEEWWGhoXyQlPFgdGsIIRazVi8/Y1B/vB45Xcs=", "owner": "jdonszelmann", "repo": "homepage", - "rev": "25bf0afe627e79896274450ff7d287d4c734bbad", + "rev": "f0af54274128437879400d4e353bb09c14d64921", "type": "github" }, "original": { @@ -241,10 +282,50 @@ "url": "ssh://git@github.com/jdonszelmann/mapf-server" } }, + "mifg": { + "inputs": { + "flake-utils": "flake-utils_6", + "naersk": "naersk", + "nixpkgs": "nixpkgs_7", + "nixpkgs-mozilla": "nixpkgs-mozilla" + }, + "locked": { + "lastModified": 1767125309, + "narHash": "sha256-/L20TewrRZfUTYPEeLG1UBducFeM7N/UVvcLb2Deypg=", + "ref": "refs/heads/main", + "rev": "603f69dbfc8d7acc91b6043420155f1f0660bb66", + "revCount": 52, + "type": "git", + "url": "ssh://forgejo@git.donsz.nl/jana/money.is.fckn.gay.git" + }, + "original": { + "type": "git", + "url": "ssh://forgejo@git.donsz.nl/jana/money.is.fckn.gay.git" + } + }, "naersk": { "inputs": { "fenix": "fenix", - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_6" + }, + "locked": { + "lastModified": 1763384566, + "narHash": "sha256-r+wgI+WvNaSdxQmqaM58lVNvJYJ16zoq+tKN20cLst4=", + "owner": "nix-community", + "repo": "naersk", + "rev": "d4155d6ebb70fbe2314959842f744aa7cabbbf6a", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, + "naersk_2": { + "inputs": { + "fenix": "fenix_2", + "nixpkgs": "nixpkgs_9" }, "locked": { "lastModified": 1752689277, @@ -298,6 +379,22 @@ } }, "nixpkgs-mozilla": { + "flake": false, + "locked": { + "lastModified": 1762256096, + "narHash": "sha256-Hzj/d8eRpfRfjHSRX6gGRf0jSg2zIJMXl6S5opuKsHc=", + "owner": "mozilla", + "repo": "nixpkgs-mozilla", + "rev": "80c058cf774c198fb838fc3549806b232dd3e320", + "type": "github" + }, + "original": { + "owner": "mozilla", + "repo": "nixpkgs-mozilla", + "type": "github" + } + }, + "nixpkgs-mozilla_2": { "flake": false, "locked": { "lastModified": 1744624473, @@ -314,6 +411,36 @@ } }, "nixpkgs_10": { + "locked": { + "lastModified": 1755020227, + "narHash": "sha256-gGmm+h0t6rY88RPTaIm3su95QvQIVjAJx558YUG4Id8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "695d5db1b8b20b73292501683a524e0bd79074fb", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_11": { + "locked": { + "lastModified": 1703499205, + "narHash": "sha256-lF9rK5mSUfIZJgZxC3ge40tp1gmyyOXZ+lRY3P8bfbg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e1fa12d4f6c6fe19ccb59cac54b5b3f25e160870", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_12": { "locked": { "lastModified": 1732014248, "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", @@ -394,6 +521,38 @@ } }, "nixpkgs_6": { + "locked": { + "lastModified": 1752077645, + "narHash": "sha256-HM791ZQtXV93xtCY+ZxG1REzhQenSQO020cu6rHtAPk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "be9e214982e20b8310878ac2baa063a961c1bdf6", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_7": { + "locked": { + "lastModified": 1766070988, + "narHash": "sha256-G/WVghka6c4bAzMhTwT2vjLccg/awmHkdKSd2JrycLc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c6245e83d836d0433170a16eb185cefe0572f8b8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_8": { "locked": { "lastModified": 1757345582, "narHash": "sha256-HnJYHM9zCVV5Avil6/IPw1m1s2vLd+fmFN7VR/UkidA=", @@ -409,7 +568,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_9": { "locked": { "lastModified": 1752077645, "narHash": "sha256-HM791ZQtXV93xtCY+ZxG1REzhQenSQO020cu6rHtAPk=", @@ -425,42 +584,12 @@ "type": "github" } }, - "nixpkgs_8": { - "locked": { - "lastModified": 1755020227, - "narHash": "sha256-gGmm+h0t6rY88RPTaIm3su95QvQIVjAJx558YUG4Id8=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "695d5db1b8b20b73292501683a524e0bd79074fb", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_9": { - "locked": { - "lastModified": 1703499205, - "narHash": "sha256-lF9rK5mSUfIZJgZxC3ge40tp1gmyyOXZ+lRY3P8bfbg=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "e1fa12d4f6c6fe19ccb59cac54b5b3f25e160870", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "reviewqueue": { "inputs": { - "flake-utils": "flake-utils_6", - "naersk": "naersk", - "nixpkgs": "nixpkgs_8", - "nixpkgs-mozilla": "nixpkgs-mozilla" + "flake-utils": "flake-utils_7", + "naersk": "naersk_2", + "nixpkgs": "nixpkgs_10", + "nixpkgs-mozilla": "nixpkgs-mozilla_2" }, "locked": { "lastModified": 1765466675, @@ -484,7 +613,8 @@ "harmonica": "harmonica", "homepage": "homepage", "mapf": "mapf", - "nixpkgs": "nixpkgs_6", + "mifg": "mifg", + "nixpkgs": "nixpkgs_8", "reviewqueue": "reviewqueue", "sops-nix": "sops-nix", "totpal": "totpal", @@ -508,9 +638,26 @@ "type": "github" } }, + "rust-analyzer-src_2": { + "flake": false, + "locked": { + "lastModified": 1752428706, + "narHash": "sha256-EJcdxw3aXfP8Ex1Nm3s0awyH9egQvB2Gu+QEnJn2Sfg=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "591e3b7624be97e4443ea7b5542c191311aa141d", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_9" + "nixpkgs": "nixpkgs_11" }, "locked": { "lastModified": 1758425756, @@ -617,9 +764,24 @@ "type": "github" } }, + "systems_6": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "totpal": { "inputs": { - "nixpkgs": "nixpkgs_10" + "nixpkgs": "nixpkgs_12" }, "locked": { "lastModified": 1737322813, diff --git a/flake.nix b/flake.nix index 44fe316..1faa0ea 100644 --- a/flake.nix +++ b/flake.nix @@ -15,6 +15,7 @@ mapf.url = "git+ssh://git@github.com/jdonszelmann/mapf-server"; reviewqueue.url = "github:jdonszelmann/review-queue"; compiler-construction-2021.url = "git+ssh://forgejo@git.donsz.nl/jana/eelco-visser-compiler-construction.git"; + mifg.url = "git+ssh://forgejo@git.donsz.nl/jana/money.is.fckn.gay.git"; }; outputs = { diff --git a/server exited unexpectedly b/server exited unexpectedly deleted file mode 100644 index c29f9e9..0000000 --- a/server exited unexpectedly +++ /dev/null @@ -1 +0,0 @@ -Ptmux;_Ga=d,q=2,d=a\\ \ No newline at end of file