add does-it-build

2026-01-14 16:55:00 +01:00 · 2024-09-07 23:30:21 +02:00 · 2024-09-07 23:30:21 +02:00 · eedd909059
commit eedd909059
parent 439ebe4062
5 changed files with 50 additions and 2 deletions
--- a/newinfra/nix/apps/does-it-build/default.nix
+++ b/newinfra/nix/apps/does-it-build/default.nix
@ -0,0 +1,36 @@
+{ pkgs, lib, does-it-build, ... }: {
+  systemd.services.does-it-build = {
+    description = "https://github.com/Noratrieb/does-it-build";
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network.target" ];
+    path = with pkgs; [ rustup gcc bash ];
+
+    serviceConfig = {
+      User = "does-it-build";
+      Group = "does-it-build";
+      ExecStart = "${lib.getExe' (does-it-build {inherit pkgs;}) "does-it-build" }";
+      Environment = "DB_PATH=/var/lib/does-it-build/db.sqlite";
+    };
+  };
+
+  services.custom-backup.jobs = [
+    {
+      app = "does-it-build";
+      file = "/var/lib/does-it-build/db.sqlite";
+    }
+  ];
+
+  users.users.does-it-build = {
+    isSystemUser = true;
+    home = "/var/lib/does-it-build";
+    description = "does-it-build builder account";
+    group = "does-it-build";
+  };
+  users.groups.does-it-build = { };
+
+  # TODO: i feel like there's gotta be a better way to do the chown..
+  system.activationScripts.makeDoesItBuildDir = lib.stringAfter [ "var" ] ''
+    mkdir -p /var/lib/does-it-build/
+    chown does-it-build:does-it-build /var/lib/does-it-build/
+  '';
+}
--- a/newinfra/nix/hive.nix
+++ b/newinfra/nix/hive.nix
@ -17,6 +17,8 @@
      pretense = import (fetchTarball "https://github.com/Noratrieb/pretense/archive/270b01fc1118dfd713c1c41530d1a7d98f04527d.tar.gz");
      quotdd = import (fetchTarball "https://github.com/Noratrieb/quotdd/archive/9c37b3e2093020771ee7c9da6200f95d4269b4e4.tar.gz");

+      does-it-build = import (fetchTarball "https://github.com/Noratrieb/does-it-build/archive/d5167446f2fbeedb4c92964fc477d5bf1b8a0dbb.tar.gz");
+
      networkingConfig = {
        dns1 = {
          publicIPv4 = "154.38.163.74";
@ -192,13 +194,17 @@
    deployment.tags = [ "eu" "apps" "website" ];
    system.stateVersion = "23.11";
  };
-  # VPS4 exists. It's useful for garage replication but not much more.
+  # VPS4 exists. It's useful for garage replication and runs does-it-build which uses some CPU.
  vps4 = { lib, modulesPath, ... }: {
    imports = [
      (modulesPath + "/profiles/qemu-guest.nix")
      ./modules/ingress
      ./modules/wg-mesh
      ./modules/garage
+      ./modules/backup
+
+      # apps
+      ./apps/does-it-build
    ];

    deployment.tags = [ "eu" "apps" "hetzner" "website" ];
--- a/newinfra/nix/modules/dns/noratrieb.dev.nix
+++ b/newinfra/nix/modules/dns/noratrieb.dev.nix
@ -56,6 +56,7 @@ let
          subdomains.api = vps1;
        };
        uptime = vps1;
+        does-it-build = vps4;

        # --- fun shit
        localhost.A = [ (a "127.0.0.1") ];
--- a/newinfra/nix/modules/ingress/default.nix
+++ b/newinfra/nix/modules/ingress/default.nix
@ -73,7 +73,7 @@ in
          }

          ${
-            if name == "vps1" || name == "vps3" then
+            if name == "vps1" || name == "vps3" || name == "vps4" then
            builtins.readFile ./${name}.Caddyfile else ""
          }
        ''
--- a/newinfra/nix/modules/ingress/vps4.Caddyfile
+++ b/newinfra/nix/modules/ingress/vps4.Caddyfile
@ -0,0 +1,5 @@
+does-it-build.noratrieb.dev {
+	log
+	encode zstd gzip
+	reverse_proxy * localhost:3000
+}