From e5dbfd32b52e35aecf961b8b80a5f70e76c3cb83 Mon Sep 17 00:00:00 2001
From: Ben Sima
Date: Sun, 5 Apr 2020 15:53:37 -0700
Subject: Deploy que.run without nginx I still have to reimplement the SSL stuff but in the Haskell code. That seems kinda hard or at least requires research that I don't wanna do right now.
---
 Com/Simatime/Prod/configuration.nix | 11 ------
 Com/Simatime/Prod/hardware.nix | 6 ---
 Com/Simatime/Prod/networking.nix | 31 ----------------
 Run/Que/Prod.nix | 39 ++++++++++++++++++++
 Run/Que/Server.nix | 45 +++++++++++++++++++++++
 Run/Que/service.nix | 73 -------------------------------------
 default.nix | 15 +++-----
 7 files changed, 90 insertions(+), 130 deletions(-)
 delete mode 100644 Com/Simatime/Prod/configuration.nix
 delete mode 100755 Com/Simatime/Prod/hardware.nix
 delete mode 100755 Com/Simatime/Prod/networking.nix
 create mode 100644 Run/Que/Prod.nix
 create mode 100644 Run/Que/Server.nix
 delete mode 100644 Run/Que/service.nix
diff --git a/Com/Simatime/Prod/configuration.nix b/Com/Simatime/Prod/configuration.nix
deleted file mode 100644
index 0a1d4fc..0000000
--- a/Com/Simatime/Prod/configuration.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{ config, pkgs, ... }:
-{
- networking.firewall.allowedTCPPorts = [ 22 80 443 ];
- services.que-server = {
- enable = true;
- domain = "que.run";
- port = 3000;
- package = pkgs.que-server;
- };
- services.nginx.enable = true;
-}
diff --git a/Com/Simatime/Prod/hardware.nix b/Com/Simatime/Prod/hardware.nix
deleted file mode 100755
index 8c88cb7..0000000
--- a/Com/Simatime/Prod/hardware.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ ... }:
-{
- imports = [ ];
- boot.loader.grub.device = "/dev/vda";
- fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
-}
diff --git a/Com/Simatime/Prod/networking.nix b/Com/Simatime/Prod/networking.nix
deleted file mode 100755
index 6180dde..0000000
--- a/Com/Simatime/Prod/networking.nix
+++ /dev/null
@@ -1,31 +0,0 @@
-{ lib, ... }: {
- # This file was populated at runtime with the networking
- # details gathered from the active system.
- networking = {
- nameservers = [
- "67.207.67.2"
- "67.207.67.3"
- ];
- defaultGateway = "157.245.224.1";
- defaultGateway6 = "2604:a880:2:d1::1";
- dhcpcd.enable = false;
- usePredictableInterfaceNames = lib.mkForce true;
- interfaces = {
- eth0 = {
- ipv4.addresses = [
- { address="157.245.236.44"; prefixLength=20; }
- { address="10.46.0.5"; prefixLength=16; }
- ];
- ipv6.addresses = [
- { address="2604:a880:2:d1::a2:5001"; prefixLength=64; }
- { address="fe80::7892:a5ff:fec6:dbc3"; prefixLength=64; }
- ];
- ipv4.routes = [ { address = "157.245.224.1"; prefixLength = 32; } ];
- ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 32; } ];
- };
- };
- };
- services.udev.extraRules = ''
- ATTR{address}=="7a:92:a5:c6:db:c3", NAME="eth0"
- '';
-}
diff --git a/Run/Que/Prod.nix b/Run/Que/Prod.nix
new file mode 100644
index 0000000..63e4be3
--- /dev/null
+++ b/Run/Que/Prod.nix
@@ -0,0 +1,39 @@
+{ config, pkgs, lib, ... }:
+{
+ imports = [ ];
+ boot.loader.grub.device = "/dev/vda";
+ fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
+ networking.firewall.allowedTCPPorts = [ 22 80 443 ];
+ services.que-server = {
+ enable = true;
+ port = 80;
+ package = pkgs.que-server;
+ };
+ networking = {
+ nameservers = [
+ "67.207.67.2"
+ "67.207.67.3"
+ ];
+ defaultGateway = "157.245.224.1";
+ defaultGateway6 = "2604:a880:2:d1::1";
+ dhcpcd.enable = false;
+ usePredictableInterfaceNames = lib.mkForce true;
+ interfaces = {
+ eth0 = {
+ ipv4.addresses = [
+ { address="157.245.236.44"; prefixLength=20; }
+ { address="10.46.0.5"; prefixLength=16; }
+ ];
+ ipv6.addresses = [
+ { address="2604:a880:2:d1::a2:5001"; prefixLength=64; }
+ { address="fe80::7892:a5ff:fec6:dbc3"; prefixLength=64; }
+ ];
+ ipv4.routes = [ { address = "157.245.224.1"; prefixLength = 32; } ];
+ ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 32; } ];
+ };
+ };
+ };
+ services.udev.extraRules = ''
+ ATTR{address}=="7a:92:a5:c6:db:c3", NAME="eth0"
+ '';
+}
diff --git a/Run/Que/Server.nix b/Run/Que/Server.nix
new file mode 100644
index 0000000..272ea6e
--- /dev/null
+++ b/Run/Que/Server.nix
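Review bot: In Run/Que/Prod.nix, `networking.firewall.allowedTCPPorts = [ 22 80 443 ];` still opens 443 although this commit removes the only TLS listener, and `port = 80;` now serves que.run as plain HTTP on the public interface. Until TLS is reimplemented, nothing sent to or read from the service is encrypted or authenticated in transit, and clients holding https:// URLs from the old `forceSSL` setup will simply fail to connect. I would narrow the firewall to `networking.firewall.allowedTCPPorts = [ 22 80 ];` until a 443 listener exists. I would also add a comment above `port = 80;` such as `# TEMPORARY: plaintext HTTP; TLS termination was removed with nginx and must be restored`, so the gap is visible in the config and not only in the commit message.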
@@ -0,0 +1,45 @@
+{ options
+, lib
+, config
+, pkgs
+, modulesPath
+}:
+
+let
+ cfg = config.services.que-server;
+in
+{
+ options.services.que-server = {
+ enable = lib.mkEnableOption "Enable the que-server service";
+ port = lib.mkOption {
+ type = lib.types.int;
+ default = 3000;
+ description = ''
+ The port on which que-server will listen for
+ incoming HTTP traffic.
+ '';
+ };
+ package = lib.mkOption {
+ type = lib.types.package;
+ description = "que-server package to use";
+ };
+ };
+ config = lib.mkIf cfg.enable {
+ systemd.services.que-server = {
+ path = [ cfg.package ];
+ wantedBy = [ "multi-user.target" ];
+ script = ''
+ ${cfg.package}/bin/que-server -p ${toString cfg.port}
+ '';
+ description = ''
+ Que server
+ '';
+ serviceConfig = {
+ KillSignal = "INT";
+ Type = "simple";
+ Restart = "on-abort";
+ RestartSec = "1";
+ };
+ };
+ };
+}
diff --git a/Run/Que/service.nix b/Run/Que/service.nix
deleted file mode 100644
index aa68657..0000000
--- a/Run/Que/service.nix
+++ /dev/null
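Review bot: The `serviceConfig` in Run/Que/Server.nix sets neither `User` nor `DynamicUser`, so systemd runs que-server as root by default. With Prod.nix setting `port = 80;`, that root process now parses internet traffic directly instead of sitting behind nginx. I would drop privileges and grant only the low-port bind capability by adding `DynamicUser = true;` and `AmbientCapabilities = "CAP_NET_BIND_SERVICE";` to `serviceConfig`. If que-server persists anything to disk it would also need a `StateDirectory`, which cannot be judged from this hunk. Separately, `Restart = "on-abort";` restarts only after an uncaught signal, so a non-zero exit leaves the sole listener down; `Restart = "on-failure";` covers both cases.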
@@ -1,73 +0,0 @@
-{ options
-, lib
-, config
-, pkgs
-, modulesPath
-}:
-
-let
- cfg = config.services.que-server;
-in
-{
- options.services.que-server = {
- enable = lib.mkEnableOption "Enable the que-server service";
- domain = lib.mkOption {
- type = lib.types.str;
- default = "que.run";
- description = ''
- Domain on which to host que-server. This is passed to
- services.nginx.virtualHosts. directly.
- '';
- };
- port = lib.mkOption {
- type = lib.types.int;
- default = 3000;
- description = ''
- The port on which que-server will listen for
- incoming HTTP traffic.
- '';
- };
- package = lib.mkOption {
- type = lib.types.package;
- description = "que-server package to use";
- };
- };
- config = lib.mkIf cfg.enable {
- systemd.services.que-server = {
- path = [ cfg.package ];
- wantedBy = [ "multi-user.target" ];
- script = ''
- ${cfg.package}/bin/que-server -p ${toString cfg.port}
- '';
- description = ''
- Que server
- '';
- serviceConfig = {
- KillSignal = "INT";
- Type = "simple";
- Restart = "on-abort";
- RestartSec = "1";
- };
- };
- services.nginx = {
- recommendedGzipSettings = true;
- recommendedOptimisation = true;
- recommendedProxySettings = true;
- recommendedTlsSettings = true;
- virtualHosts = {
- "${cfg.domain}" = {
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass = "http://localhost:${toString cfg.port}";
- extraConfig = ''
- proxy_set_header X-Real-IP $realip_remote_addr;
- proxy_set_header X-Forwarded-Host $remote_addr;
- proxy_pass_request_headers on;
- '';
- };
- };
- };
- };
- };
-}
diff --git a/default.nix b/default.nix
index ad1f750..ea20799 100644
--- a/default.nix
+++ b/default.nix
@@ -52,9 +52,9 @@ in rec {
 networking.domain = "dev.simatime.com";
 };
 };
- # The production server for apps
+ # The production server for que.run
 #
- Com.Simatime.Prod = buildOS {
+ Run.Que.Prod = buildOS {
 deps = {
 que-server = Run.Que.Server;
 };
@@ -62,14 +62,11 @@ in rec {
 imports = [
 ./Com/Simatime/packages.nix
 ./Com/Simatime/users.nix
- ./Com/Simatime/Prod/hardware.nix
- ./Com/Simatime/Prod/networking.nix
- ./Com/Simatime/Prod/configuration.nix
- ./Run/Que/service.nix
+ ./Run/Que/Server.nix
+ ./Run/Que/Prod.nix
 ];
- networking.hostName = "prod";
- networking.domain = "prod.simatime.com";
- boot.enableContainers = true;
+ networking.hostName = "prod.que.run";
+ networking.domain = "que.run";
 };
 };
 # Haskell targets
-- cgit v1.2.3
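Review bot: `networking.hostName = "prod.que.run";` combined with `networking.domain = "que.run";` produces an FQDN of prod.que.run.que.run, since NixOS derives the FQDN by joining the two. hostName is meant to be the short label, so `networking.hostName = "prod";` keeps the FQDN at prod.que.run. As far as I recall, later NixOS releases also reject dots in hostName outright, so the current value would likely break on upgrade. The enclosing `Run.Que.Prod = buildOS { … }` block starts in the previous hunk.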