diff options
| author | Rory& <root@rory.gay> | 2024-02-19 06:16:55 +0100 |
|---|---|---|
| committer | Rory& <root@rory.gay> | 2024-06-05 17:25:16 +0200 |
| commit | db8f1c592903e1ac600d21b9448ded5bc46d3a77 (patch) | |
| tree | 90ebec32a5a8c9af8cdc9c9c133ed2826eb88e35 | |
| parent | Switch containers to nginx mainline (diff) | |
| download | Spacebar-Open-Infrastructure-db8f1c592903e1ac600d21b9448ded5bc46d3a77.tar.xz | |
Spacebar import - use variables
| -rwxr-xr-x | build.sh | 17 | ||||
| -rwxr-xr-x | host/Spacebar-nginx/configuration.nix | 7 | ||||
| -rw-r--r-- | host/Spacebar-nginx/containers/spacebar-server-dev-nix/import.nix | 71 |
3 files changed, 55 insertions, 40 deletions
diff --git a/build.sh b/build.sh index da5872f..27d0e11 100755 --- a/build.sh +++ b/build.sh @@ -1,26 +1,27 @@ -#!/usr/bin/env sh +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p git nixos-install-tools nix-output-monitor if [ $# -ne 2 ]; then echo "Usage: $0 <root> <config>" echo "NOTE: hardware config will be generated from root!" echo "Defined configs:" - cat flake.nix | grep 'nixpkgs.lib.nixosSystem' | sed 's/ =.*//' | sed 's/^[ \t]*//;s/[ \t]*$//' | while read cfg; do echo " - $cfg"; done + cat flake.nix | grep '.lib.nixosSystem' | sed 's/ =.*//' | sed 's/^[ \t]*//;s/[ \t]*$//' | while read cfg; do echo " - $cfg"; done exit 1 fi if [ "$1" = "/" ]; then + [ -f "host/${2}/pre-rebuild.sh" ] && host/$2/pre-rebuild.sh nixos-generate-config --show-hardware-config > hardware-configuration.nix git add -f hardware-configuration.nix - nixos-rebuild switch --flake ".#${2}" -j`nproc` --upgrade-all + nom build .#nixosConfigurations.${2}.config.system.build.toplevel && sudo nixos-rebuild switch --flake .#${HOSTNAME} || exit 1 + nixos-rebuild switch --flake ".#${2}" -j`nproc` --upgrade-all -L || exit 1 + [ -f "host/${2}/post-rebuild.sh" ] && host/$2/post-rebuild.sh git rm --cached hardware-configuration.nix exit else nixos-generate-config --show-hardware-config --root "${1}" > hardware-configuration.nix git add -f hardware-configuration.nix - if [ -f "flake.lock" ]; then - git add -f flake.lock - fi + nom build .#nixosConfigurations.${2}.config.system.build.toplevel || exit 1 nixos-install --root "${1}" --flake ".#${2}" git rm --cached hardware-configuration.nix - git rm --cached flake.lock - cp . "${1}/Spacebar-Open-Architecture" -r + cp . "${1}/Rory-Open-Architecture" -r exit fi diff --git a/host/Spacebar-nginx/configuration.nix b/host/Spacebar-nginx/configuration.nix index 434b2ff..15c8ffc 100755 --- a/host/Spacebar-nginx/configuration.nix +++ b/host/Spacebar-nginx/configuration.nix @@ -4,7 +4,12 @@ imports = [ ../../modules/base.nix - (import ./containers/spacebar-server-dev-nix/import.nix { inherit config lib pkgs secrets; spacebar-server = spacebarchat-server-dev-nix; }) + (import ./containers/spacebar-server-dev-nix/import.nix { + inherit config lib pkgs secrets; + spacebar-server = spacebarchat-server-dev-nix; + containerName = "spacebar-server-dev-nix"; + rootDomain = "dev-nix.server.spacebar.chat"; + }) ]; networking = { diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/import.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/import.nix index 5daacfb..7cc8763 100644 --- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/import.nix +++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/import.nix @@ -1,41 +1,50 @@ -{ config, pkgs, lib, spacebar-server, secrets, ... }: +{ + config, + pkgs, + lib, + secrets, + spacebar-server, + containerName, + rootDomain, + ... +}: { - containers."spacebarchat-server-dev-nix" = import ./container.nix { - inherit pkgs lib spacebar-server; - }; + containers."${containerName}" = import ./container.nix { + inherit pkgs lib spacebar-server; + }; - security.acme.certs."dev-nix.server.spacebar.chat" = { - domain = "dev-nix.server.spacebar.chat"; - extraDomainNames = [ "*.dev-nix.server.spacebar.chat" ]; - group = "nginx"; - dnsProvider = "cloudflare"; - credentialsFile = pkgs.writeTextFile { - name = "cloudflare-credentials"; - text = '' - # Cloudflare API credentials used by lego - # https://go-acme.github.io/lego/dns/cloudflare/ - CLOUDFLARE_DNS_API_TOKEN=${secrets.secret_keys.cloudflare_dns} - ''; - }; + security.acme.certs."${rootDomain}" = { + domain = "${rootDomain}"; + extraDomainNames = [ "*.${rootDomain}" ]; + group = "nginx"; + dnsProvider = "cloudflare"; + credentialsFile = pkgs.writeTextFile { + name = "cloudflare-credentials"; + text = '' + # Cloudflare API credentials used by lego + # https://go-acme.github.io/lego/dns/cloudflare/ + CLOUDFLARE_DNS_API_TOKEN=${secrets.secret_keys.cloudflare_dns} + ''; }; + }; - services.nginx.virtualHosts."*.dev-nix.server.spacebar.chat" = { - serverName = "*.dev-nix.server.spacebar.chat"; - useACMEHost = "dev-nix.server.spacebar.chat"; - forceSSL = true; - locations."/" = { - proxyPass = "http://192.168.100.1"; - }; + services.nginx.virtualHosts."*.${rootDomain}" = { + serverName = "*.${rootDomain}"; + useACMEHost = "${rootDomain}"; + forceSSL = true; + locations."/" = { + proxyPass = "http://${containerName}.containers"; }; - services.nginx.virtualHosts."dev-nix.server.spacebar.chat" = { - serverName = "dev-nix.server.spacebar.chat"; - useACMEHost = "dev-nix.server.spacebar.chat"; - forceSSL = true; - locations."/" = { - proxyPass = "http://192.168.100.1"; - }; + }; + services.nginx.virtualHosts."${rootDomain}" = { + serverName = "${rootDomain}"; + useACMEHost = "${rootDomain}"; + forceSSL = true; + locations."/" = { + proxyPass = "http://${containerName}.containers"; }; + }; system.stateVersion = "22.11"; # DO NOT EDIT! } \ No newline at end of file |