From 7d58129e972ca6a768df3435c73559732ff91393 Mon Sep 17 00:00:00 2001 From: self Date: Mon, 21 Aug 2023 12:19:26 -0700 Subject: [PATCH] add flakified lemmy (0.14.4) and sneer-archive --- flake.lock | 381 +++++++++++++++++++++++++++++++++- flake.nix | 14 +- hosts/more/configuration.nix | 1 + hosts/these/configuration.nix | 3 +- lemmy/dev/default.nix | 13 +- lemmy/dev/module.nix | 3 + lemmy/prod/default.nix | 9 +- lemmy/prod/module.nix | 3 + sneer-archive/default.nix | 17 ++ sneer-archive/proxy-pass.nix | 7 + 10 files changed, 431 insertions(+), 20 deletions(-) create mode 100644 sneer-archive/default.nix create mode 100644 sneer-archive/proxy-pass.nix diff --git a/flake.lock b/flake.lock index 3f61a2f..3c14249 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,24 @@ { "nodes": { + "archive-data": { + "inputs": { + "flake-utils": "flake-utils_5", + "nixpkgs": "nixpkgs_5" + }, + "locked": { + "lastModified": 1690842193, + "narHash": "sha256-XJlNRnOkkdBSo0T9/aSAIzuRBCX9D+lWR06JutzgRE0=", + "ref": "refs/heads/main", + "rev": "262b488c58c37aa5428a465e1847609656c94236", + "revCount": 1, + "type": "git", + "url": "git://these.awful.systems/sneer-archive-data.git" + }, + "original": { + "type": "git", + "url": "git://these.awful.systems/sneer-archive-data.git" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -18,18 +37,197 @@ "type": "github" } }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_4" + }, + "locked": { + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_5": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_6": { + "inputs": { + "systems": "systems_6" + }, + "locked": { + "lastModified": 1687709756, + "narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "lemmy": { + "inputs": { + "flake-utils": "flake-utils_2", + "lemmy-translations": "lemmy-translations", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1692643794, + "narHash": "sha256-GPL8JJF6cVVFVf9U+liCpeEqcoX/bFYg2LU60MynP/I=", + "ref": "refs/heads/main", + "rev": "162ec83017a9d7f15c7e7ad7cefec62ab1e86d35", + "revCount": 4271, + "type": "git", + "url": "git://these.awful.systems/lemmy.git" + }, + "original": { + "type": "git", + "url": "git://these.awful.systems/lemmy.git" + } + }, + "lemmy-js-client": { + "inputs": { + "flake-utils": "flake-utils_4", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1690365721, + "narHash": "sha256-cCgcUW2CLWUI7kUacs2O//rXRBlnUsix2M/QggVhFh4=", + "path": "/home/j/lemmy-js-client", + "type": "path" + }, + "original": { + "path": "/home/j/lemmy-js-client", + "type": "path" + } + }, + "lemmy-translations": { + "flake": false, + "locked": { + "lastModified": 1690314617, + "narHash": "sha256-fkv6l6/888XOdxZ8Y0P+Ww/y+8Wh4F8SIStncAmifu8=", + "owner": "lemmynet", + "repo": "lemmy-translations", + "rev": "68d14665d4f854fc20f9117636b5cde7176e91dd", + "type": "github" + }, + "original": { + "owner": "lemmynet", + "repo": "lemmy-translations", + "type": "github" + } + }, + "lemmy-translations_2": { + "flake": false, + "locked": { + "lastModified": 1690314617, + "narHash": "sha256-fkv6l6/888XOdxZ8Y0P+Ww/y+8Wh4F8SIStncAmifu8=", + "owner": "lemmynet", + "repo": "lemmy-translations", + "rev": "68d14665d4f854fc20f9117636b5cde7176e91dd", + "type": "github" + }, + "original": { + "owner": "lemmynet", + "repo": "lemmy-translations", + "type": "github" + } + }, + "lemmy-ui": { + "inputs": { + "flake-utils": "flake-utils_3", + "lemmy-js-client": "lemmy-js-client", + "lemmy-translations": "lemmy-translations_2", + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1692644033, + "narHash": "sha256-mvph4dGG7AntWCl+YR+PpUyYIwsp9ifYEiVy90YS/eQ=", + "ref": "refs/heads/main", + "rev": "d0708bf0499687e12332940db1ddf1a2248cc6f2", + "revCount": 1920, + "type": "git", + "url": "git://these.awful.systems/lemmy-ui.git" + }, + "original": { + "type": "git", + "url": "git://these.awful.systems/lemmy-ui.git" + } + }, "nixpkgs": { "locked": { - "lastModified": 1689431009, - "narHash": "sha256-hPgQCRWP5q/Xc4qOIP3c2krR9nQua78+t9EDiuey5nc=", + "lastModified": 1690031011, + "narHash": "sha256-kzK0P4Smt7CL53YCdZCBbt9uBFFhE0iNvCki20etAf4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "af8279f65fe71ce5a448408034a8c06e2b4b2c66", + "rev": "12303c652b881435065a98729eb7278313041e49", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-23.05", + "ref": "nixos-unstable", "type": "indirect" } }, @@ -50,6 +248,79 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1690179384, + "narHash": "sha256-+arbgqFTAtoeKtepW9wCnA0njCOyoiDFyl0Q0SBSOtE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b12803b6d90e2e583429bb79b859ca53c348b39a", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1690031011, + "narHash": "sha256-kzK0P4Smt7CL53YCdZCBbt9uBFFhE0iNvCki20etAf4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "12303c652b881435065a98729eb7278313041e49", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1689431009, + "narHash": "sha256-hPgQCRWP5q/Xc4qOIP3c2krR9nQua78+t9EDiuey5nc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "af8279f65fe71ce5a448408034a8c06e2b4b2c66", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1689078114, + "narHash": "sha256-osG8BrX5RpKJ7wH+vI6auOU+ctvNOblT4XXCgknK47c=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b6cc7ff8fee93789bc871a267ab876c3fca042cb", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1688556768, + "narHash": "sha256-mhd6g0iJGjEfOr3+6mZZOclUveeNr64OwxdbNtLc8mY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "27bd67e55fe09f9d68c77ff151c3e44c4f81f7de", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_7": { "locked": { "lastModified": 1689413807, "narHash": "sha256-exuzOvOhGAEKWQKwDuZAL4N8a1I837hH5eocaTcIbLc=", @@ -83,14 +354,37 @@ "root": { "inputs": { "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs", + "lemmy": "lemmy", + "lemmy-ui": "lemmy-ui", + "nixpkgs": "nixpkgs_4", "pkgs-unstable": "pkgs-unstable", + "sneer-archive-site": "sneer-archive-site", "sops-nix": "sops-nix" } }, + "sneer-archive-site": { + "inputs": { + "archive-data": "archive-data", + "flake-utils": "flake-utils_6", + "nixpkgs": "nixpkgs_6" + }, + "locked": { + "lastModified": 1690843079, + "narHash": "sha256-pivK6BRgSyZpVjH93WoXLr989y/PoeM5SP9tVxpVQGI=", + "ref": "refs/heads/main", + "rev": "6f0dc5d89caa2b6600b1a174dba81f5522fd4109", + "revCount": 1, + "type": "git", + "url": "git://these.awful.systems/sneer-archive-site.git" + }, + "original": { + "type": "git", + "url": "git://these.awful.systems/sneer-archive-site.git" + } + }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_7", "nixpkgs-stable": "nixpkgs-stable" }, "locked": { @@ -121,6 +415,81 @@ "repo": "default", "type": "github" } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_5": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_6": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 8653d48..d2d716e 100644 --- a/flake.nix +++ b/flake.nix @@ -6,9 +6,13 @@ flake-utils.url = "github:numtide/flake-utils"; pkgs-unstable.url = "nixpkgs/nixos-unstable"; sops-nix.url = "github:Mic92/sops-nix"; + lemmy.url = "git://these.awful.systems/lemmy.git"; + lemmy-ui.url = "git://these.awful.systems/lemmy-ui.git"; + sneer-archive-site.url = "git://these.awful.systems/sneer-archive-site.git"; }; - outputs = { self, nixpkgs, flake-utils, sops-nix, ... }@attrs: + outputs = { self, nixpkgs, flake-utils, sops-nix, lemmy, lemmy-ui + , sneer-archive-site, ... }@attrs: { nixosConfigurations = { these = nixpkgs.lib.nixosSystem { @@ -59,9 +63,13 @@ (go "more" "root@more.awful.systems") init-secrets pkgs.bashInteractive + + # cache these packages: + lemmy.packages.${system}.lemmy-server + lemmy-ui.packages.${system}.lemmy-ui + sneer-archive-site.packages.${system}.default ]; }; - packages.maint-mode = - (pkgs.callPackage ./maint-mode/site.nix {}); + packages.maint-mode = (pkgs.callPackage ./maint-mode/site.nix { }); }); } diff --git a/hosts/more/configuration.nix b/hosts/more/configuration.nix index cf2a60a..bc39074 100644 --- a/hosts/more/configuration.nix +++ b/hosts/more/configuration.nix @@ -6,6 +6,7 @@ ../../secrets ../../lemmy/prod ../../git/proxy-pass.nix + ../../sneer-archive/proxy-pass.nix ../../maint-mode ]; diff --git a/hosts/these/configuration.nix b/hosts/these/configuration.nix index e3ad136..f128726 100644 --- a/hosts/these/configuration.nix +++ b/hosts/these/configuration.nix @@ -5,10 +5,11 @@ ../../hardware/hetzner-cloud/cx21.nix ../../secrets ../../pass - ../../lemmy/staging + #../../lemmy/staging ../../lemmy/dev ../../maint-mode ../../git + ../../sneer-archive ]; networking.hostName = "these"; diff --git a/lemmy/dev/default.nix b/lemmy/dev/default.nix index 7bf0d31..eab1b12 100644 --- a/lemmy/dev/default.nix +++ b/lemmy/dev/default.nix @@ -1,12 +1,13 @@ -{ config, lib, pkgs, pkgs-unstable, ... }: +{ config, lib, pkgs, pkgs-unstable, lemmy, lemmy-ui, ... }: { imports = [ ./module.nix ]; services.lemmy-dev = { enable = true; - server.package = pkgs.callPackage ../server.nix { Security = null; }; - ui.package = pkgs.callPackage ../ui.nix { }; + server.package = + lemmy.packages.${pkgs.stdenv.hostPlatform.system}.lemmy-server; + ui.package = lemmy-ui.packages.${pkgs.stdenv.hostPlatform.system}.lemmy-ui; nginx.enable = true; database.createLocally = true; @@ -33,7 +34,8 @@ sops.templates.lemmy-dev.content = builtins.toJSON (config.services.lemmy-dev.settings // { setup = config.services.lemmy-dev.settings.setup // { - admin_password = config.sops.placeholder."lemmy-dev/initial_admin_password"; + admin_password = + config.sops.placeholder."lemmy-dev/initial_admin_password"; }; # email = { @@ -49,8 +51,7 @@ serviceConfig = { User = "lemmy_dev"; Group = "lemmy_dev"; - LoadCredential = - "lemmy-dev:${config.sops.templates.lemmy-dev.path}"; + LoadCredential = "lemmy-dev:${config.sops.templates.lemmy-dev.path}"; }; environment = { diff --git a/lemmy/dev/module.nix b/lemmy/dev/module.nix index 97887c0..81b1eb7 100644 --- a/lemmy/dev/module.nix +++ b/lemmy/dev/module.nix @@ -159,6 +159,9 @@ in { backend = "http://127.0.0.1:${toString cfg.settings.port}"; in mkIf cfg.nginx.enable { enable = mkDefault true; + eventsConfig = '' + worker_connections 20000; + ''; appendHttpConfig = '' map "$request_method:$http_accept" $proxpass { # If no explicit matches exists below, send traffic to lemmy-ui diff --git a/lemmy/prod/default.nix b/lemmy/prod/default.nix index f7c48b8..c871422 100644 --- a/lemmy/prod/default.nix +++ b/lemmy/prod/default.nix @@ -1,12 +1,13 @@ -{ config, lib, pkgs, pkgs-unstable, ... }: +{ config, lib, pkgs, pkgs-unstable, lemmy, lemmy-ui, ... }: { imports = [ ./module.nix ]; services.lemmy-prod = { enable = true; - server.package = pkgs.callPackage ../server.nix { Security = null; }; - ui.package = pkgs.callPackage ../ui.nix { }; + server.package = + lemmy.packages.${pkgs.stdenv.hostPlatform.system}.lemmy-server; + ui.package = lemmy-ui.packages.${pkgs.stdenv.hostPlatform.system}.lemmy-ui; nginx.enable = true; database.createLocally = true; @@ -45,7 +46,7 @@ serviceConfig = { User = "lemmy"; Group = "lemmy"; - LoadCredential = ''lemmy-prod:${config.sops.templates.lemmy-prod.path}''; + LoadCredential = "lemmy-prod:${config.sops.templates.lemmy-prod.path}"; }; environment = { diff --git a/lemmy/prod/module.nix b/lemmy/prod/module.nix index dc24bd7..6d99284 100644 --- a/lemmy/prod/module.nix +++ b/lemmy/prod/module.nix @@ -159,6 +159,9 @@ in { backend = "http://127.0.0.1:${toString cfg.settings.port}"; in mkIf cfg.nginx.enable { enable = mkDefault true; + eventsConfig = '' + worker_connections 20000; + ''; appendHttpConfig = '' map "$request_method:$http_accept" $proxpass { # If no explicit matches exists below, send traffic to lemmy-ui diff --git a/sneer-archive/default.nix b/sneer-archive/default.nix new file mode 100644 index 0000000..b106034 --- /dev/null +++ b/sneer-archive/default.nix @@ -0,0 +1,17 @@ +{ config, lib, pkgs, sneer-archive-site, ... }: + +{ + services.nginx = { + enable = true; + virtualHosts."_".locations."/archives" = { + root = + sneer-archive-site.packages.${pkgs.stdenv.hostPlatform.system}.default; + tryFiles = "$uri $uri.html $uri/ =404"; + extraConfig = '' + if ($request_uri ~ ^/(.*)\.html(\?|$)) { + return 301 /$1; + } + ''; + }; + }; +} diff --git a/sneer-archive/proxy-pass.nix b/sneer-archive/proxy-pass.nix new file mode 100644 index 0000000..a7ed8e2 --- /dev/null +++ b/sneer-archive/proxy-pass.nix @@ -0,0 +1,7 @@ +{ config, lib, pkgs, ... }: + +{ + services.nginx.virtualHosts."awful.systems".locations."/archives" = { + proxyPass = "http://these"; + }; +} -- 2.44.1