From fca0d6d3f4ee0ae77f75f4408eeffd27ae7de28c Mon Sep 17 00:00:00 2001
From: Noratrieb <48135649+Noratrieb@users.noreply.github.com>
Date: Mon, 5 Aug 2024 20:00:30 +0200
Subject: [PATCH] migrate cargo bisect rustc

---
 .../cargo-bisect-rustc-service/default.nix    | 28 +++++++++++++++++++
 newinfra/nix/hive.nix                         |  3 ++
 newinfra/nix/modules/dns/nilstrieb.dev.nix    |  2 +-
 newinfra/nix/modules/dns/noratrieb.dev.nix    |  3 +-
 newinfra/nix/modules/ingress/Caddyfile        | 23 +++++++++------
 newinfra/nix/modules/ingress/default.nix      | 21 ++++++++------
 playbooks/vps2.yml                            | 13 ---------
 vps2/Caddyfile                                | 17 -----------
 vps2/backup.sh                                |  2 +-
 vps2/docker-compose.yml                       | 12 --------
 10 files changed, 63 insertions(+), 61 deletions(-)
 create mode 100644 newinfra/nix/apps/cargo-bisect-rustc-service/default.nix

diff --git a/newinfra/nix/apps/cargo-bisect-rustc-service/default.nix b/newinfra/nix/apps/cargo-bisect-rustc-service/default.nix
new file mode 100644
index 0000000..2553d92
--- /dev/null
+++ b/newinfra/nix/apps/cargo-bisect-rustc-service/default.nix
@@ -0,0 +1,28 @@
+{ config, lib, ... }:
+let
+  dockerLogin = {
+    registry = "docker.noratrieb.dev";
+    username = "nils";
+    passwordFile = config.age.secrets.docker_registry_password.path;
+  };
+in
+{
+  virtualisation.oci-containers.containers = {
+    cargo-bisect-rustc-service = {
+      image = "docker.noratrieb.dev/cargo-bisect-rustc-service:316a4044";
+      volumes = [
+        "/var/lib/cargo-bisect-rustc-service:/data"
+      ];
+      environment = {
+        SQLITE_DB = "/data/db.sqlite";
+      };
+      ports = [ "127.0.0.1:5005:4000" ];
+      login = dockerLogin;
+    };
+  };
+
+  system.activationScripts.makeCargoBisectRustcServiceDir = lib.stringAfter [ "var" ] ''
+    mkdir -p /var/lib/cargo-bisect-rustc-service/
+    chmod ugo+w /var/lib/cargo-bisect-rustc-service/
+  '';
+}
diff --git a/newinfra/nix/hive.nix b/newinfra/nix/hive.nix
index ac7c1ea..77c1bf6 100644
--- a/newinfra/nix/hive.nix
+++ b/newinfra/nix/hive.nix
@@ -141,9 +141,12 @@
       ./modules/wg-mesh
       ./modules/ingress
       ./modules/podman
+
+      # apps
       ./apps/widetom
       ./apps/hugo-chat
       ./apps/uptime
+      ./apps/cargo-bisect-rustc-service
     ];
 
     deployment.tags = [ "ingress" "eu" "apps" "wg" ];
diff --git a/newinfra/nix/modules/dns/nilstrieb.dev.nix b/newinfra/nix/modules/dns/nilstrieb.dev.nix
index 44f530f..b5a4ca4 100644
--- a/newinfra/nix/modules/dns/nilstrieb.dev.nix
+++ b/newinfra/nix/modules/dns/nilstrieb.dev.nix
@@ -42,7 +42,6 @@ let
         ns2 = dns2;
 
         # apps
-        bisect-rustc = vps2;
         cors-school = vps2 // {
           subdomains.api = vps2;
         };
@@ -52,6 +51,7 @@ let
         localhost.A = [ (a "127.0.0.1") ];
 
         # --- retired:
+        bisect-rustc = vps1;
         blog = vps1;
         www = vps1;
         uptime = vps1;
diff --git a/newinfra/nix/modules/dns/noratrieb.dev.nix b/newinfra/nix/modules/dns/noratrieb.dev.nix
index 9e02111..3c49bb3 100644
--- a/newinfra/nix/modules/dns/noratrieb.dev.nix
+++ b/newinfra/nix/modules/dns/noratrieb.dev.nix
@@ -41,10 +41,11 @@ let
         docker = vps2;
 
         # --- apps
-        uptime = vps1;
+        bisect-rustc = vps1;
         hugo-chat = vps1 // {
           subdomains.api = vps1;
         };
+        uptime = vps1;
 
         # --- fun shit
         localhost.A = [ (a "127.0.0.1") ];
diff --git a/newinfra/nix/modules/ingress/Caddyfile b/newinfra/nix/modules/ingress/Caddyfile
index d259690..ee15e46 100644
--- a/newinfra/nix/modules/ingress/Caddyfile
+++ b/newinfra/nix/modules/ingress/Caddyfile
@@ -1,23 +1,23 @@
 # https://gist.github.com/ryanburnette/d13575c9ced201e73f8169d3a793c1a3
 (cors) {
-	@cors_preflight{args.0} method OPTIONS
-	@cors{args.0} header Origin {args.0}
+	@cors_preflight{args[0]} method OPTIONS
+	@cors{args[0]} header Origin {args[0]}
 
-	handle @cors_preflight{args.0} {
+	handle @cors_preflight{args[0]} {
 		header {
-			Access-Control-Allow-Origin "{args.0}"
+			Access-Control-Allow-Origin "{args[0]}"
 			Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE, OPTIONS"
 			Access-Control-Allow-Credentials "false"
-			Access-Control-Allow-Headers "${args.1}"
+			Access-Control-Allow-Headers "${args[1]}"
 			Access-Control-Max-Age "86400"
 			defer
 		}
 		respond "" 204
 	}
 
-	handle @cors{args.0} {
+	handle @cors{args[0]} {
 		header {
-			Access-Control-Allow-Origin "{args.0}"
+			Access-Control-Allow-Origin "{args[0]}"
 			Access-Control-Expose-Headers *
 			defer
 		}
@@ -43,6 +43,10 @@ api.hugo-chat.noratrieb.dev {
 	reverse_proxy * localhost:5001
 }
 
+bisect-rustc.noratrieb.dev {
+	reverse_proxy * localhost:5005
+}
+
 ################################################################
 # deadname redirects
 nilstrieb.dev {
@@ -57,12 +61,15 @@ blog.nilstrieb.dev {
 	redir https://noratrieb.dev/blog{uri} permanent
 }
 
+bisect-rustc.nilstrieb.dev {
+	redir https://bisect-rustc.dev/blog{uri} permanent
+}
+
 hugo-chat.nilstrieb.dev {
 	redir https://hugo-chat.noratrieb.dev{uri} permanent
 }
 
 api.hugo-chat.nilstrieb.dev {
-	import cors https://hugo-chat.nilstrieb.dev "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type"
 	redir https://api.hugo-chat.noratrieb.dev{uri} permanent
 }
 
diff --git a/newinfra/nix/modules/ingress/default.nix b/newinfra/nix/modules/ingress/default.nix
index fbc481b..0972d96 100644
--- a/newinfra/nix/modules/ingress/default.nix
+++ b/newinfra/nix/modules/ingress/default.nix
@@ -1,32 +1,37 @@
-{ pkgs, config, name, website, slides, blog, ... }: {
+{ pkgs, config, lib, name, website, slides, blog, ... }: {
   networking.firewall.allowedTCPPorts = [
     443
   ];
 
   services.caddy = {
     enable = true;
-    configFile = pkgs.writeText "Caddyfile"
-      (
+    configFile = pkgs.writeTextFile {
+      name = "Caddyfile";
+      text = (
         ''
           {
-            email nilstrieb@proton.me
+              email nilstrieb@proton.me
           }
 
           ${config.networking.hostName}.infra.noratrieb.dev {
-            root * ${./debugging-page}
-            file_server
+              root * ${./debugging-page}
+              file_server
           }
 
           ${
             if name == "vps1" then
             builtins.readFile ./Caddyfile + ''
               noratrieb.dev {
-                root * ${website {inherit pkgs slides blog;}}
-                file_server
+                  root * ${website {inherit pkgs slides blog;}}
+                  file_server
               }
             '' else ""
           }
         ''
       );
+      checkPhase = ''
+        ${lib.getExe pkgs.caddy} validate --adapter=caddyfile --config=$out
+      '';
+    };
   };
 }
diff --git a/playbooks/vps2.yml b/playbooks/vps2.yml
index 7978f80..b3daa60 100644
--- a/playbooks/vps2.yml
+++ b/playbooks/vps2.yml
@@ -97,19 +97,6 @@
         - db.env
         - server.env
     #####
-    # APP: bisect-rustc-servce, /apps/bisect-rustc-service
-    #####
-    - name: Create /apps/bisect-rustc-service
-      ansible.builtin.file:
-        path: /apps/bisect-rustc-service
-        state: directory
-        mode: "u=rwx,g=rx,o=rx"
-    - name: SQLite DB permissions for bisect-rustc-servce
-      ansible.builtin.file:
-        path: /apps/bisect-rustc-service/db.sqlite
-        state: touch
-        mode: "u=rw,g=rw,o=rw"
-    #####
     # APP: minecraft server, /apps/minecraft
     #####
     - name: Create /apps/minecraft
diff --git a/vps2/Caddyfile b/vps2/Caddyfile
index 3e3451c..2246e1e 100644
--- a/vps2/Caddyfile
+++ b/vps2/Caddyfile
@@ -33,14 +33,6 @@ vps2.nilstrieb.dev {
 	file_server
 }
 
-nilstrieb.dev {
-	redir https://blog.nilstrieb.dev{uri}
-}
-
-www.nilstrieb.dev {
-	redir https://blog.nilstrieb.dev{uri}
-}
-
 docker.nilstrieb.dev {
 	reverse_proxy * localhost:5000
 }
@@ -57,10 +49,6 @@ cors-school.nilstrieb.dev {
 	reverse_proxy * localhost:5004
 }
 
-bisect-rustc.nilstrieb.dev {
-	reverse_proxy * localhost:5005
-}
-
 olat.nilstrieb.dev {
 	reverse_proxy * localhost:5011
 }
@@ -68,8 +56,3 @@ olat.nilstrieb.dev {
 olat.nilstrieb.dev:8088 {
 	reverse_proxy * localhost:5011
 }
-
-noratrieb.dev {
-	root * /var/www/html/nora
-	file_server
-}
diff --git a/vps2/backup.sh b/vps2/backup.sh
index 7a03e56..38c7a54 100755
--- a/vps2/backup.sh
+++ b/vps2/backup.sh
@@ -65,7 +65,7 @@ function upload_directory {
     rm "$tmppath"
 }
 
-upload_file "bisect-rustc-service/db.sqlite"
+#upload_file "bisect-rustc-service/db.sqlite"
 upload_file "killua/trivia_questions.json"
 #upload_file "uptime/uptime.db"
 
diff --git a/vps2/docker-compose.yml b/vps2/docker-compose.yml
index 02d2757..a5a2dce 100644
--- a/vps2/docker-compose.yml
+++ b/vps2/docker-compose.yml
@@ -28,18 +28,6 @@ services:
     environment:
       BOT_TOKEN: "${KILLUA_BOT_TOKEN}"
       KILLUA_JSON_PATH: /app/config/trivia_questions.json
-  cargo_bisect_rustc_service:
-    container_name: cargo-bisect-rustc-service
-    image: "docker.noratrieb.dev/cargo-bisect-rustc-service:316a4044"
-    restart: always
-    volumes:
-      - "/apps/bisect-rustc-service/db.sqlite:/home/bisector/db.sqlite"
-    environment:
-      SQLITE_DB: /home/bisector/db.sqlite
-    ports:
-      - "5005:4000"
-    networks:
-      - prometheus
   #### Karin
   karin_bot_db:
     container_name: karin-bot-db