diff --git a/newinfra/nix/apps/uptime/default.nix b/newinfra/nix/apps/uptime/default.nix new file mode 100644 index 0000000..963a61b --- /dev/null +++ b/newinfra/nix/apps/uptime/default.nix @@ -0,0 +1,35 @@ +{ lib, config, ... }: { + virtualisation.oci-containers.containers.uptime = { + /* + uptime: + container_name: uptime + image: "docker.noratrieb.dev/uptime:50d15bc4" + restart: always + volumes: + - "/apps/uptime:/app/config" + environment: + UPTIME_CONFIG_PATH: /app/config/uptime.json + ports: + - "5010:3000" + */ + + image = "docker.noratrieb.dev/uptime:50d15bc4"; + volumes = [ + "${./uptime.json}:/uptime.json" + "/var/lib/uptime:/data" + ]; + environment = { + UPTIME_CONFIG_PATH = "/uptime.json"; + }; + ports = [ "5010:3000" ]; + login = { + registry = "docker.noratrieb.dev"; + username = "nils"; + passwordFile = config.age.secrets.docker_registry_password.path; + }; + }; + + system.activationScripts.makeUptimeDir = lib.stringAfter [ "var" ] '' + mkdir -p /var/lib/uptime/ + ''; +} diff --git a/apps/uptime/uptime.json b/newinfra/nix/apps/uptime/uptime.json similarity index 90% rename from apps/uptime/uptime.json rename to newinfra/nix/apps/uptime/uptime.json index d63fd85..df43ab9 100644 --- a/apps/uptime/uptime.json +++ b/newinfra/nix/apps/uptime/uptime.json @@ -1,7 +1,11 @@ { "interval_seconds": 30, - "db_url": "/app/config/uptime.db", + "db_url": "/data/uptime.db", "websites": [ + { + "name": "noratrieb.dev", + "url": "https://noratrieb.dev" + }, { "name": "nilstrieb.dev", "url": "https://nilstrieb.dev" diff --git a/newinfra/nix/deploy/smoke-tests.sh b/newinfra/nix/deploy/smoke-tests.sh index fd76cdb..78e5e50 100755 --- a/newinfra/nix/deploy/smoke-tests.sh +++ b/newinfra/nix/deploy/smoke-tests.sh 
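Review bot: `ports = [ "5010:3000" ];` in the new `uptime` container publishes the app on every host interface, so it can probably be reached on port 5010 directly, without going through Caddy and its TLS. Container port publishing usually installs its own NAT rules, so the host firewall's allowed-port list may not cover this port. The ingress Caddyfile in this commit proxies to `vps1.local:5010`; if that name resolves to loopback or a private address, bind the publish to it, e.g. `ports = [ "<internal-addr>:5010:3000" ];` (the address is a placeholder, not visible in this diff). The pasted docker-compose block in the `/* … */` comment still shows the old `/apps/uptime` paths and could be dropped now that the Nix attributes replace it.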
@@ -11,6 +11,10 @@ dig @dns2.infra.noratrieb.dev dns1.infra.noratrieb.dev +noall +answer | grep 154 dig @dns1.infra.noratrieb.dev nilstrieb.dev +noall +answer | grep 161.97.165.1 dig @dns2.infra.noratrieb.dev nilstrieb.dev +noall +answer | grep 161.97.165.1 +# Check the NS records. The trailing dot matters! +dig @dns1.infra.noratrieb.dev NS noratrieb.dev | grep "noratrieb.dev..*86400.*IN.*NS.*ns1.noratrieb.dev." +dig @dns2.infra.noratrieb.dev NS noratrieb.dev | grep "noratrieb.dev..*86400.*IN.*NS.*ns1.noratrieb.dev." + # Check HTTP responses curl --fail -s https://vps1.infra.noratrieb.dev -o /dev/null curl --fail -s https://vps3.infra.noratrieb.dev -o /dev/null diff --git a/newinfra/nix/hive.nix b/newinfra/nix/hive.nix index 4e2c418..5fa79a3 100644 --- a/newinfra/nix/hive.nix +++ b/newinfra/nix/hive.nix @@ -142,6 +142,7 @@ ./modules/ingress ./apps/widetom ./apps/hugo-chat + ./apps/uptime ]; age.secrets.docker_registry_password.file = ./secrets/docker_registry_password.age; diff --git a/newinfra/nix/modules/dns/nilstrieb.dev.nix b/newinfra/nix/modules/dns/nilstrieb.dev.nix index fe288c9..d401a23 100644 --- a/newinfra/nix/modules/dns/nilstrieb.dev.nix +++ b/newinfra/nix/modules/dns/nilstrieb.dev.nix @@ -14,11 +14,11 @@ let }; in with hostsToDns; - # point nilstrieb.dev to vps1 + # point nilstrieb.dev to vps1 (retired) vps1 // { SOA = { - nameServer = "ns1.nilstrieb.dev"; - adminEmail = "void@noratrieb.dev"; + nameServer = "ns1.nilstrieb.dev."; + adminEmail = "void@nilstrieb.dev"; serial = 2024072601; }; 
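Review bot: The two new NS checks do not enforce the trailing dot that the comment says matters, because every `.` in the grep pattern is an unescaped wildcard and the pattern is not anchored at the end. A record that was wrongly expanded to `ns1.noratrieb.dev.noratrieb.dev.` would still match. Escaping the dots and anchoring the end closes this: `grep -E 'IN[[:space:]]+NS[[:space:]]+ns1\.noratrieb\.dev\.$'`. Only `ns1` is asserted; if `ns2` is also expected in the NS set, it needs the same check. Whether the script aborts on a failed grep depends on a `set -e` that would sit above this hunk.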
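Review bot: `serial = 2024072601;` stays unchanged in this SOA although the commit changes the zone: `nameServer` and `adminEmail` here, and the record moves in the second hunk of this file. The same applies to the SOA in `noratrieb.dev.nix`. If dns2 or any outside secondary uses the serial to decide whether to refresh the zone, it will keep serving the old records; how the two servers get their zone data is not visible in this diff. Bumping it in both files, e.g. `serial = <YYYYMMDDNN>;`, avoids relying on that.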
@@ -41,34 +41,33 @@ let ns1 = dns1; ns2 = dns2; - www = vps2; - blog = vps1; - # apps bisect-rustc = vps2; cors-school = vps2 // { subdomains.api = vps2; }; docker = vps2; - hugo-chat = vps2 // { - subdomains.api = vps2; - }; olat = vps2; - uptime = vps2; localhost.A = [ (a "127.0.0.1") ]; + # --- retired: + blog = vps1; + www = vps1; + uptime = vps1; + hugo-chat = vps1 // { + subdomains.api = vps1; + }; + # --- + # infra (legacy) inherit vps1; inherit vps2; - inherit dns1; - inherit dns2; pronouns.TXT = [ "TODO" ]; - newtest.TXT = [ "uwu it works" ]; bsky.subdomains.atproto.TXT = [ "did=did:plc:pqyzoyxk7gfcbxk65mjyncyl" ]; }; }; diff --git a/newinfra/nix/modules/dns/noratrieb.dev.nix b/newinfra/nix/modules/dns/noratrieb.dev.nix index 30b7a53..9e02111 100644 --- a/newinfra/nix/modules/dns/noratrieb.dev.nix +++ b/newinfra/nix/modules/dns/noratrieb.dev.nix @@ -17,7 +17,7 @@ let # vps1 contains root noratrieb.dev vps1 // { SOA = { - nameServer = "ns1.noratrieb.dev"; + nameServer = "ns1.noratrieb.dev."; adminEmail = "void@noratrieb.dev"; serial = 2024072601; }; @@ -28,28 +28,32 @@ let ]; subdomains = { + # --- NS records ns1 = dns1; ns2 = dns2; + # --- website stuff blog.CNAME = map (ttl hour1) [ (cname "noratrieb.github.io") ]; + www = vps1; - www.CNAME = [ (cname "noratrieb.dev") ]; - pronouns.TXT = [ - "she/her" - ]; + # --- legacy crap + vps2 = vps2; # TODO REMOVE docker = vps2; - vps2 = vps2; # TODO REMOVE - + # --- apps + uptime = vps1; hugo-chat = vps1 // { subdomains.api = vps1; }; - test1.A = vps1.A ++ vps3.A; - + # --- fun shit localhost.A = [ (a "127.0.0.1") ]; newtest.TXT = [ "uwu it works" ]; + pronouns.TXT = [ + "she/her" + ]; + # --- infra infra.subdomains = hostsToDns; }; }; diff --git a/newinfra/nix/modules/ingress/Caddyfile b/newinfra/nix/modules/ingress/Caddyfile index 8797392..d24cdab 100644 --- a/newinfra/nix/modules/ingress/Caddyfile +++ b/newinfra/nix/modules/ingress/Caddyfile 
@@ -24,12 +24,20 @@ } } +www.noratrieb.dev { + redir https://noratrieb.dev{uri} permanent +} + +uptime.noratrieb.dev { + reverse_proxy * vps1.local:5010 +} + hugo-chat.noratrieb.dev { reverse_proxy * vps1.local:5002 } -api.cors-school.noratrieb.dev { - import cors https://cors-school.noratrieb.dev "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,token,refresh-token,Authorization" +api.hugo-chat.noratrieb.dev { + import cors https://hugo-chat.noratrieb.dev "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type" reverse_proxy * vps1.local:5001 } @@ -39,6 +47,10 @@ nilstrieb.dev { redir https://noratrieb.dev{uri} permanent } +www.nilstrieb.dev { + redir https://noratrieb.dev{uri} permanent +} + blog.nilstrieb.dev { redir https://blog.noratrieb.dev{uri} permanent } @@ -50,3 +62,7 @@ hugo-chat.nilstrieb.dev { api.hugo-chat.nilstrieb.dev { redir https://api.hugo-chat.noratrieb.dev{uri} permanent } + +uptime.nilstrieb.dev { + redir https://uptime.noratrieb.dev{uri} permanent +} diff --git a/playbooks/vps2.yml b/playbooks/vps2.yml index af68e51..af77643 100644 --- a/playbooks/vps2.yml +++ b/playbooks/vps2.yml @@ -149,19 +149,6 @@ state: directory mode: "u=rwx,g=rwx,o=rwx" ##### - # APP: uptime, /apps/uptime - ##### - - name: Create /apps/uptime - ansible.builtin.file: - path: /apps/uptime - state: directory - mode: "u=rwx,g=rx,o=rx" - - name: Copy uptime.json - ansible.builtin.copy: - dest: /apps/uptime/uptime.json - src: ../apps/uptime/uptime.json - mode: "u=r,g=r,o=r" - ##### # END: docker compose up! ##### # We want this to be last so that all app-specific config has been done. diff --git a/uptime.db b/uptime.db new file mode 100644 index 0000000..e48d1ff Binary files /dev/null and b/uptime.db differ diff --git a/vps2/Caddyfile b/vps2/Caddyfile index 72c6850..a578d0b 100644 --- a/vps2/Caddyfile +++ b/vps2/Caddyfile 
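Review bot: The header allow-list passed to `import cors` for `api.hugo-chat.noratrieb.dev` no longer contains `token,refresh-token,Authorization`, which the replaced `api.cors-school` block allowed. Narrowing the list is the safer default, but if the hugo-chat frontend sends any of those headers cross-origin, its preflight requests will start failing. The `cors` snippet is defined outside this hunk, so how the list is applied cannot be confirmed here. A short comment above the block would record the intent, e.g. `# hugo-chat API takes no auth headers; keep the allow-list minimal`.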
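Review bot: This commit adds a binary `uptime.db` at the repository root, which looks like a local copy of the service database rather than an intended source file. Nothing else in the diff references that path, since the container reads `/data/uptime.db` from `/var/lib/uptime`. Once pushed, the file and its contents stay in the repository history. I would drop it from the commit and add an ignore rule such as `*.db`.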
@@ -78,10 +78,6 @@ olat.nilstrieb.dev:8088 { reverse_proxy * localhost:5011 } -uptime.nilstrieb.dev { - reverse_proxy * localhost:5010 -} - noratrieb.dev { root * /var/www/html/nora file_server diff --git a/vps2/backup.sh b/vps2/backup.sh index 5e5bdcf..6779bbb 100755 --- a/vps2/backup.sh +++ b/vps2/backup.sh @@ -67,7 +67,7 @@ function upload_directory { upload_file "bisect-rustc-service/db.sqlite" upload_file "killua/trivia_questions.json" -upload_file "uptime/uptime.db" +#upload_file "uptime/uptime.db" upload_pg_dump "cors-school" "cors-school-db" "davinci" "postgres" upload_pg_dump "hugo-chat" "hugo-chat-db" "postgres" "postgres" diff --git a/vps2/docker-compose.yml b/vps2/docker-compose.yml index 5f206c6..321f42f 100644 --- a/vps2/docker-compose.yml +++ b/vps2/docker-compose.yml @@ -201,16 +201,6 @@ services: OLAT_HOST: olat.nilstrieb.dev networks: - openolat-network - uptime: - container_name: uptime - image: "docker.noratrieb.dev/uptime:50d15bc4" - restart: always - volumes: - - "/apps/uptime:/app/config" - environment: - UPTIME_CONFIG_PATH: /app/config/uptime.json - ports: - - "5010:3000" networks: cors-school:
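Review bot: Commenting out `upload_file "uptime/uptime.db"` removes the only backup of the uptime database shown in this diff, and the new `/var/lib/uptime/uptime.db` on vps1 gets no replacement here. If vps1 backups are configured elsewhere, delete the dead line and say so instead, e.g. `# uptime moved to vps1 (/var/lib/uptime); backed up by <vps1 backup job>`. If not, the history database is unprotected after this migration, and a backup step for the new path should land with it.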