From 5919f10719f845488a449a74479799f9d3774759 Mon Sep 17 00:00:00 2001 From: Riley Apeldoorn Date: Sat, 28 May 2022 18:38:31 +0200 Subject: [PATCH] Make it work --- machines/sif/nginx.nix | 58 ++++++++++++++++++++++++++++------------ machines/sif/website.nix | 32 +++++++++++++++------- 2 files changed, 63 insertions(+), 27 deletions(-) diff --git a/machines/sif/nginx.nix b/machines/sif/nginx.nix index faa7941..58e55e0 100644 --- a/machines/sif/nginx.nix +++ b/machines/sif/nginx.nix @@ -1,41 +1,65 @@ { ... }: -{ +let enableACME = false; + port = toString 3000; +in { security.acme = { acceptTerms = true; - email = "me@riley.lgbt"; + defaults.email = "me@riley.lgbt"; }; services.nginx.enable = true; services.nginx.virtualHosts = { - "riley.lgbt" = { - listen = [{ - port = 443; - addr = "77.169.117.112"; - }]; - enableACME = true; + + "192.168.2.22" = { + listen = [{ + port = 80; + addr = "192.168.2.22"; + }]; + locations."/" = { - proxyPass = "http://localhost:3000"; - extraConfig = '' - proxy_set_header Host $host; - proxy_buffering off; - ''; + proxyPass = "http://localhost:${port}"; }; }; - "rly.cx" = { + + # Main domain that hosts my website + "riley.lgbt" = { + + inherit enableACME; + listen = [{ - port = 443; + port = if enableACME then 443 else 80; addr = "77.169.117.112"; }]; - enableACME = true; + locations."/" = { - proxyPass = "http://localhost:3000"; + proxyPass = "http://localhost:${port}"; extraConfig = '' proxy_set_header Host $host; proxy_buffering off; ''; }; + + }; + + "rly.cx" = { + + inherit enableACME; + + listen = [{ + port = if enableACME then 443 else 80; + addr = "77.169.117.112"; + }]; + + locations."/" = { + proxyPass = "http://localhost:${port}"; + extraConfig = '' + proxy_set_header Host $host; + proxy_buffering off; + ''; + }; + }; }; diff --git a/machines/sif/website.nix b/machines/sif/website.nix index 4acce7b..15beec6 100644 --- a/machines/sif/website.nix +++ b/machines/sif/website.nix @@ -1,19 +1,28 @@ { pkgs, lib, config, ... }: -let secret = config.age.secrets."website".path; - website = pkgs.rustPlatform.buildRustPackage { +let secret = config.age.secrets."website".path; + builder = pkgs.rustPlatform.buildRustPackage.override { + rustc = (pkgs.rust-bin.selectLatestNightlyWith (toolchain: toolchain.minimal)).overrideAttrs (old: { + meta.platforms = [ + "x86_64-linux" + "aarch64-linux" + ]; + }); + }; + website = builder { pname = "website"; - version = "1.0.0"; - cargoSha256 = "sha256-sT5BONGXWCpc+455TS1rc/SwNUtc6hXbwUMO/q/tiJ0="; + version = "0.1.0"; + cargoSha256 = "sha256-4v45QaZKyjifn2MGyuy+SovfFBWu55FYR9nWRWlaQOM="; + + postInstall = '' + cp ./links.toml $out/links.toml + cp -r ./static/ $out/static/ + ''; - postPatch = '' - cp ${secret} secret - ''; - src = pkgs.fetchgit { url = "https://im.badat.dev/riley/website.git"; rev = "refs/heads/mistress"; - sha256 = "sha256-NiFinpSOE1wokOgBmgpZfMqR9AsENA9t/N84c/Ms2vU="; + sha256 = "sha256-QONZR4zpgifEQByH3rtfkHQjwQVrjRy89RVvVLMciKs="; }; }; in { @@ -21,6 +30,9 @@ in { enable = true; description = "Run my website :)"; path = [ website ]; - script = "${website}/bin/website"; + script = '' + cd ${website} + SITE_API_SECRET=$(cat ${secret}) ${website}/bin/website + ''; }; }