From eedd909059efd2e231eb689735d53e203982e6f2 Mon Sep 17 00:00:00 2001
From: Noratrieb <48135649+Noratrieb@users.noreply.github.com>
Date: Sat, 7 Sep 2024 23:30:21 +0200
Subject: [PATCH] add does-it-build

---
 newinfra/nix/apps/does-it-build/default.nix | 36 +++++++++++++++++++++
 newinfra/nix/hive.nix | 8 ++++-
 newinfra/nix/modules/dns/noratrieb.dev.nix | 1 +
 newinfra/nix/modules/ingress/default.nix | 2 +-
 newinfra/nix/modules/ingress/vps4.Caddyfile | 5 +++
 5 files changed, 50 insertions(+), 2 deletions(-)
 create mode 100644 newinfra/nix/apps/does-it-build/default.nix
 create mode 100644 newinfra/nix/modules/ingress/vps4.Caddyfile

diff --git a/newinfra/nix/apps/does-it-build/default.nix b/newinfra/nix/apps/does-it-build/default.nix
new file mode 100644
index 0000000..284d553
--- /dev/null
+++ b/newinfra/nix/apps/does-it-build/default.nix
@@ -0,0 +1,36 @@
+{ pkgs, lib, does-it-build, ... }: {
+ systemd.services.does-it-build = {
+ description = "https://github.com/Noratrieb/does-it-build";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+ path = with pkgs; [ rustup gcc bash ];
+
+ serviceConfig = {
+ User = "does-it-build";
+ Group = "does-it-build";
+ ExecStart = "${lib.getExe' (does-it-build {inherit pkgs;}) "does-it-build" }";
+ Environment = "DB_PATH=/var/lib/does-it-build/db.sqlite";
+ };
+ };
+
+ services.custom-backup.jobs = [
+ {
+ app = "does-it-build";
+ file = "/var/lib/does-it-build/db.sqlite";
+ }
+ ];
+
+ users.users.does-it-build = {
+ isSystemUser = true;
+ home = "/var/lib/does-it-build";
+ description = "does-it-build builder account";
+ group = "does-it-build";
+ };
+ users.groups.does-it-build = { };
+
+ # TODO: i feel like there's gotta be a better way to do the chown..
+ system.activationScripts.makeDoesItBuildDir = lib.stringAfter [ "var" ] ''
+ mkdir -p /var/lib/does-it-build/
+ chown does-it-build:does-it-build /var/lib/does-it-build/
+ '';
+}
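Review bot: The `serviceConfig` block in default.nix runs a unit that has `rustup`, `gcc` and `bash` on its path with no systemd sandboxing, and its state directory is created by a root activation script instead of by the unit itself. Setting `StateDirectory = "does-it-build";` lets systemd create `/var/lib/does-it-build` owned by the service user (a restrictive directory mode can be set alongside it), which answers the TODO and makes `makeDoesItBuildDir` unnecessary. Because the service presumably downloads toolchains and compiles code, I would also add `NoNewPrivileges = true;` and `ProtectSystem = "strict";`, then confirm builds still succeed, since what the binary writes outside its state directory is not visible in this commit.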
diff --git a/newinfra/nix/hive.nix b/newinfra/nix/hive.nix index c2378ea..dd0f9dd 100644 --- a/newinfra/nix/hive.nix +++ b/newinfra/nix/hive.nix @@ -17,6 +17,8 @@ pretense = import (fetchTarball "https://github.com/Noratrieb/pretense/archive/270b01fc1118dfd713c1c41530d1a7d98f04527d.tar.gz"); quotdd = import (fetchTarball "https://github.com/Noratrieb/quotdd/archive/9c37b3e2093020771ee7c9da6200f95d4269b4e4.tar.gz"); + does-it-build = import (fetchTarball "https://github.com/Noratrieb/does-it-build/archive/d5167446f2fbeedb4c92964fc477d5bf1b8a0dbb.tar.gz"); + networkingConfig = { dns1 = { publicIPv4 = "154.38.163.74"; @@ -192,13 +194,17 @@ deployment.tags = [ "eu" "apps" "website" ]; system.stateVersion = "23.11"; }; - # VPS4 exists. It's useful for garage replication but not much more. + # VPS4 exists. It's useful for garage replication and runs does-it-build which uses some CPU. vps4 = { lib, modulesPath, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ./modules/ingress ./modules/wg-mesh ./modules/garage + ./modules/backup + + # apps + ./apps/does-it-build ]; deployment.tags = [ "eu" "apps" "hetzner" "website" ]; diff --git a/newinfra/nix/modules/dns/noratrieb.dev.nix b/newinfra/nix/modules/dns/noratrieb.dev.nix index 02e094e..82a67a2 100644 --- a/newinfra/nix/modules/dns/noratrieb.dev.nix +++ b/newinfra/nix/modules/dns/noratrieb.dev.nix @@ -56,6 +56,7 @@ let subdomains.api = vps1; }; uptime = vps1; + does-it-build = vps4; # --- fun shit localhost.A = [ (a "127.0.0.1") ]; diff --git a/newinfra/nix/modules/ingress/default.nix b/newinfra/nix/modules/ingress/default.nix index 9b48b2a..7acf0a2 100644 --- a/newinfra/nix/modules/ingress/default.nix +++ b/newinfra/nix/modules/ingress/default.nix @@ -73,7 +73,7 @@ in } ${ - if name == "vps1" || name == "vps3" then + if name == "vps1" || name == "vps3" || name == "vps4" then builtins.readFile ./${name}.Caddyfile else "" } '' 
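Review bot: The new `does-it-build` import in the first hive.nix hunk calls `fetchTarball` with a bare URL, so Nix does not check the archive content before importing and evaluating it; the commit id in the URL is the only pin. Passing an attribute set with a hash makes the fetch verified and reproducible, for example `fetchTarball { url = "https://github.com/Noratrieb/does-it-build/archive/d5167446f2fbeedb4c92964fc477d5bf1b8a0dbb.tar.gz"; sha256 = "<SHA256_PLACEHOLDER>"; }`, where the hash is a placeholder to be filled in from the first fetch. The `pretense` and `quotdd` context lines in the same hunk follow the same pattern and would benefit from the same change.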
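Review bot: The host-name list in the ingress/default.nix condition has to be extended by hand for every node that gets a Caddyfile, and a forgotten entry means that node's site blocks are silently left out of the generated config. Keying the condition on the file itself avoids that: `if builtins.pathExists ./${name}.Caddyfile then`. The enclosing expression starts and ends outside the hunk, so confirm there that `name` is always a plain host name before relying on it in a path.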
diff --git a/newinfra/nix/modules/ingress/vps4.Caddyfile b/newinfra/nix/modules/ingress/vps4.Caddyfile
new file mode 100644
index 0000000..325daca
--- /dev/null
+++ b/newinfra/nix/modules/ingress/vps4.Caddyfile
@@ -0,0 +1,5 @@
+does-it-build.noratrieb.dev {
+ log
+ encode zstd gzip
+ reverse_proxy * localhost:3000
+}
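Review bot: `reverse_proxy * localhost:3000` assumes the does-it-build service is reachable only through Caddy, but nothing in this commit shows which address the service binds to. If it listens on all interfaces, port 3000 would be served directly, without TLS or the `log` directive, unless the host firewall blocks it. Confirm the bind address is loopback or that 3000 is not opened in the firewall configuration. A comment above the site block such as `# upstream: does-it-build systemd unit, expected to listen on loopback only` would record that assumption.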