move uptime

newinfra/nix/apps/uptime/default.nix

@@ -0,0 +1,35 @@
+{ lib, config, ... }: {
+  virtualisation.oci-containers.containers.uptime = {
+    /*
+      uptime:
+      container_name: uptime
+      image: "docker.noratrieb.dev/uptime:50d15bc4"
+      restart: always
+      volumes:
+        - "/apps/uptime:/app/config"
+      environment:
+        UPTIME_CONFIG_PATH: /app/config/uptime.json
+      ports:
+        - "5010:3000"
+    */
+
+    image = "docker.noratrieb.dev/uptime:50d15bc4";
+    volumes = [
+      "${./uptime.json}:/uptime.json"
+      "/var/lib/uptime:/data"
+    ];
+    environment = {
+      UPTIME_CONFIG_PATH = "/uptime.json";
+    };
+    ports = [ "5010:3000" ];
+    login = {
+      registry = "docker.noratrieb.dev";
+      username = "nils";
+      passwordFile = config.age.secrets.docker_registry_password.path;
+    };
+  };
+
+  system.activationScripts.makeUptimeDir = lib.stringAfter [ "var" ] ''
+    mkdir -p /var/lib/uptime/
+  '';
+}

newinfra/nix/apps/uptime/uptime.json

@@ -1,7 +1,11 @@
 {
   "interval_seconds": 30,
-  "db_url": "/app/config/uptime.db",
+  "db_url": "/data/uptime.db",
   "websites": [
+    {
+      "name": "noratrieb.dev",
+      "url": "https://noratrieb.dev"
+    },
     {
       "name": "nilstrieb.dev",
       "url": "https://nilstrieb.dev"

newinfra/nix/deploy/smoke-tests.sh

@@ -11,6 +11,10 @@ dig @dns2.infra.noratrieb.dev dns1.infra.noratrieb.dev +noall +answer | grep 154
 dig @dns1.infra.noratrieb.dev nilstrieb.dev +noall +answer | grep 161.97.165.1
 dig @dns2.infra.noratrieb.dev nilstrieb.dev +noall +answer | grep 161.97.165.1
 
+# Check the NS records. The trailing dot matters!
+dig @dns1.infra.noratrieb.dev NS noratrieb.dev | grep "noratrieb.dev..*86400.*IN.*NS.*ns1.noratrieb.dev."
+dig @dns2.infra.noratrieb.dev NS noratrieb.dev | grep "noratrieb.dev..*86400.*IN.*NS.*ns1.noratrieb.dev."
+
 # Check HTTP responses
 curl --fail -s https://vps1.infra.noratrieb.dev -o /dev/null
 curl --fail -s https://vps3.infra.noratrieb.dev -o /dev/null

newinfra/nix/hive.nix

@@ -142,6 +142,7 @@
       ./modules/ingress
       ./apps/widetom
       ./apps/hugo-chat
+      ./apps/uptime
     ];
 
     age.secrets.docker_registry_password.file = ./secrets/docker_registry_password.age;

newinfra/nix/modules/dns/nilstrieb.dev.nix

@@ -14,11 +14,11 @@ let
       };
     in
     with hostsToDns;
-    # point nilstrieb.dev to vps1
+    # point nilstrieb.dev to vps1 (retired)
     vps1 // {
       SOA = {
-        nameServer = "ns1.nilstrieb.dev";
-        adminEmail = "void@noratrieb.dev";
+        nameServer = "ns1.nilstrieb.dev.";
+        adminEmail = "void@nilstrieb.dev";
         serial = 2024072601;
       };
 
@@ -41,34 +41,33 @@ let
         ns1 = dns1;
         ns2 = dns2;
 
-        www = vps2;
-        blog = vps1;
-
         # apps
         bisect-rustc = vps2;
         cors-school = vps2 // {
           subdomains.api = vps2;
         };
         docker = vps2;
-        hugo-chat = vps2 // {
-          subdomains.api = vps2;
-        };
         olat = vps2;
-        uptime = vps2;
 
         localhost.A = [ (a "127.0.0.1") ];
 
+        # --- retired:
+        blog = vps1;
+        www = vps1;
+        uptime = vps1;
+        hugo-chat = vps1 // {
+          subdomains.api = vps1;
+        };
+        # ---
+
         # infra (legacy)
         inherit vps1;
         inherit vps2;
-        inherit dns1;
-        inherit dns2;
 
         pronouns.TXT = [
           "TODO"
         ];
 
-        newtest.TXT = [ "uwu it works" ];
         bsky.subdomains.atproto.TXT = [ "did=did:plc:pqyzoyxk7gfcbxk65mjyncyl" ];
       };
     };

newinfra/nix/modules/dns/noratrieb.dev.nix

@@ -17,7 +17,7 @@ let
     # vps1 contains root noratrieb.dev
     vps1 // {
       SOA = {
-        nameServer = "ns1.noratrieb.dev";
+        nameServer = "ns1.noratrieb.dev.";
         adminEmail = "void@noratrieb.dev";
         serial = 2024072601;
       };
@@ -28,28 +28,32 @@ let
       ];
 
       subdomains = {
+        # --- NS records
         ns1 = dns1;
         ns2 = dns2;
 
+        # --- website stuff
         blog.CNAME = map (ttl hour1) [ (cname "noratrieb.github.io") ];
+        www = vps1;
 
-        www.CNAME = [ (cname "noratrieb.dev") ];
-        pronouns.TXT = [
-          "she/her"
-        ];
+        # --- legacy crap
+        vps2 = vps2; # TODO REMOVE
         docker = vps2;
 
-        vps2 = vps2; # TODO REMOVE
-
+        # --- apps
+        uptime = vps1;
         hugo-chat = vps1 // {
           subdomains.api = vps1;
         };
 
-        test1.A = vps1.A ++ vps3.A;
-
+        # --- fun shit
         localhost.A = [ (a "127.0.0.1") ];
         newtest.TXT = [ "uwu it works" ];
+        pronouns.TXT = [
+          "she/her"
+        ];
 
+        # --- infra
         infra.subdomains = hostsToDns;
       };
     };

newinfra/nix/modules/ingress/Caddyfile

@@ -24,12 +24,20 @@
 	}
 }
 
+www.noratrieb.dev {
+	redir https://noratrieb.dev{uri} permanent
+}
+
+uptime.noratrieb.dev {
+	reverse_proxy * vps1.local:5010
+}
+
 hugo-chat.noratrieb.dev {
 	reverse_proxy * vps1.local:5002
 }
 
-api.cors-school.noratrieb.dev {
-	import cors https://cors-school.noratrieb.dev "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,token,refresh-token,Authorization"
+api.hugo-chat.noratrieb.dev {
+	import cors https://hugo-chat.noratrieb.dev "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type"
 	reverse_proxy * vps1.local:5001
 }
 
@@ -39,6 +47,10 @@ nilstrieb.dev {
 	redir https://noratrieb.dev{uri} permanent
 }
 
+www.nilstrieb.dev {
+	redir https://noratrieb.dev{uri} permanent
+}
+
 blog.nilstrieb.dev {
 	redir https://blog.noratrieb.dev{uri} permanent
 }
@@ -50,3 +62,7 @@ hugo-chat.nilstrieb.dev {
 api.hugo-chat.nilstrieb.dev {
 	redir https://api.hugo-chat.noratrieb.dev{uri} permanent
 }
+
+uptime.nilstrieb.dev {
+	redir https://uptime.noratrieb.dev{uri} permanent
+}

playbooks/vps2.yml

@@ -149,19 +149,6 @@
         state: directory
         mode: "u=rwx,g=rwx,o=rwx"
     #####
-    # APP: uptime, /apps/uptime
-    #####
-    - name: Create /apps/uptime
-      ansible.builtin.file:
-        path: /apps/uptime
-        state: directory
-        mode: "u=rwx,g=rx,o=rx"
-    - name: Copy uptime.json
-      ansible.builtin.copy:
-        dest: /apps/uptime/uptime.json
-        src: ../apps/uptime/uptime.json
-        mode: "u=r,g=r,o=r"
-    #####
     # END: docker compose up!
     #####
       # We want this to be last so that all app-specific config has been done.

vps2/Caddyfile

@@ -78,10 +78,6 @@ olat.nilstrieb.dev:8088 {
 	reverse_proxy * localhost:5011
 }
 
-uptime.nilstrieb.dev {
-	reverse_proxy * localhost:5010
-}
-
 noratrieb.dev {
 	root * /var/www/html/nora
 	file_server

vps2/backup.sh

@@ -67,7 +67,7 @@ function upload_directory {
 
 upload_file "bisect-rustc-service/db.sqlite"
 upload_file "killua/trivia_questions.json"
-upload_file "uptime/uptime.db"
+#upload_file "uptime/uptime.db"
 
 upload_pg_dump "cors-school" "cors-school-db" "davinci" "postgres"
 upload_pg_dump "hugo-chat" "hugo-chat-db" "postgres" "postgres"

vps2/docker-compose.yml

@@ -201,16 +201,6 @@ services:
       OLAT_HOST: olat.nilstrieb.dev
     networks:
       - openolat-network
-  uptime:
-    container_name: uptime
-    image: "docker.noratrieb.dev/uptime:50d15bc4"
-    restart: always
-    volumes:
-      - "/apps/uptime:/app/config"
-    environment:
-      UPTIME_CONFIG_PATH: /app/config/uptime.json
-    ports:
-      - "5010:3000"
 
 networks:
   cors-school: