c3d2-web: add gemini with molly-brown
parent
0bfde2fd49
commit
3edf2da774
|
@ -1,6 +1,7 @@
|
|||
{ zentralwerk, nixpkgs, config, pkgs, ... }:
|
||||
let
|
||||
webroot = "/var/www";
|
||||
geminiRoot = "/var/gemini";
|
||||
deployCommand = "${pkgs.systemd}/bin/systemctl start deploy-c3d2-web.service";
|
||||
in
|
||||
{
|
||||
|
@ -13,7 +14,12 @@ in
|
|||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
# nginx
|
||||
80 443
|
||||
# molly-brown
|
||||
1965
|
||||
];
|
||||
|
||||
# Web server
|
||||
services.nginx = {
|
||||
|
@ -76,6 +82,20 @@ in
|
|||
};
|
||||
};
|
||||
};
|
||||
# Gemini server
|
||||
services.molly-brown = {
|
||||
enable = true;
|
||||
hostName = "c3d2.de";
|
||||
certPath = "/var/lib/acme/www.c3d2.de/cert.pem";
|
||||
keyPath = "/var/lib/acme/www.c3d2.de/key.pem";
|
||||
docBase = geminiRoot;
|
||||
settings = {
|
||||
DefaultLang = "de";
|
||||
ReadMollyFiles = true;
|
||||
};
|
||||
};
|
||||
# let molly-brown access the tls certs
|
||||
systemd.services.molly-brown.serviceConfig.Group = config.services.nginx.group;
|
||||
|
||||
# Build user
|
||||
users.groups.c3d2-web = {};
|
||||
|
@ -88,6 +108,7 @@ in
|
|||
systemd.tmpfiles.rules = [
|
||||
"d ${webroot}/c3d2 0755 c3d2-web ${config.users.users.c3d2-web.group} -"
|
||||
"d ${webroot}/log 0755 c3d2-web ${config.users.users.c3d2-web.group} -"
|
||||
"d ${geminiRoot} 0755 c3d2-web ${config.users.users.c3d2-web.group} -"
|
||||
"d ${config.users.users.c3d2-web.home} 0700 c3d2-web ${config.users.users.c3d2-web.group} -"
|
||||
];
|
||||
|
||||
|
@ -111,6 +132,7 @@ in
|
|||
git pull
|
||||
REV=$(git rev-parse HEAD)
|
||||
|
||||
# web
|
||||
set +e
|
||||
curl -X POST \
|
||||
"https://gitea.c3d2.de/api/v1/repos/c3d2/c3d2-web/statuses/$REV?token=${pkgs.c3d2-web.giteaToken}" \
|
||||
|
@ -135,6 +157,30 @@ in
|
|||
-H "Content-Type: application/json" \
|
||||
-d "$STATUS"
|
||||
|
||||
git clean -fx
|
||||
# gemini
|
||||
curl -X POST \
|
||||
"https://gitea.c3d2.de/api/v1/repos/c3d2/c3d2-web/statuses/$REV?token=${pkgs.c3d2-web.giteaToken}" \
|
||||
-H "accept: application/json" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{ \"context\": \"c3d2-gemini\", \"description\": \"building...\", \"state\": \"pending\", \"target_url\": \"https://c3d2-web.serv.zentralwerk.org/log/build-gemini-$REV.txt\"}"
|
||||
|
||||
nix-shell shell.nix \
|
||||
-I nixpkgs=${nixpkgs} \
|
||||
--run "make -f Makefile.gemini -j$(nproc) export DESTDIR=${geminiRoot}" \
|
||||
2>&1 \
|
||||
>${webroot}/log/build-gemini-$REV.txt
|
||||
|
||||
if [ $? = 0 ]; then
|
||||
STATUS="{ \"context\": \"c3d2-gemini\", \"description\": \"deployed\", \"state\": \"success\", \"target_url\": \"https://c3d2-web.serv.zentralwerk.org/log/build-gemini-$REV.txt\"}"
|
||||
else
|
||||
STATUS="{ \"context\": \"c3d2-gemini\", \"description\": \"build failure\", \"state\": \"failure\", \"target_url\": \"https://c3d2-web.serv.zentralwerk.org/log/build-gemini-$REV.txt\"}"
|
||||
fi
|
||||
curl -X POST \
|
||||
"https://gitea.c3d2.de/api/v1/repos/c3d2/c3d2-web/statuses/$REV?token=${pkgs.c3d2-web.giteaToken}" \
|
||||
-H "accept: application/json" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$STATUS"
|
||||
set -e
|
||||
done
|
||||
'';
|
||||
|
|
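Review bot: The two new curl calls for the `c3d2-gemini` status put the Gitea token in the URL (`statuses/$REV?token=${pkgs.c3d2-web.giteaToken}`), repeating the pattern of the existing web block instead of fixing it. Because Nix interpolates the value, it presumably ends up in the generated script in the world-readable store, and at run time it is visible in the process arguments and in any request log that records the query string. I would load the token at run time from a root-owned file outside the store and pass it as a header read from that file, e.g. `-H @/path/to/gitea-auth-header` (placeholder path; file content `Authorization: token <TOKEN>`), for every status call. Separately, `serviceConfig.Group = config.services.nginx.group` gives molly-brown everything nginx's group can read just to reach the key, where a dedicated certificate group would be narrower, and nothing visible restarts molly-brown when the certificate is renewed. The script body starts outside the visible hunks, so the unit it runs in and its existing credential handling should be confirmed there.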