Rework web roles

author: Caroline Larimore <caroline@larimo.re> 2024-07-20 17:50:59 -0700
committer: Caroline Larimore <caroline@larimo.re> 2024-07-20 17:50:59 -0700
commit: ad70a6505bb3f052c6a0161ae0d2010c654737b3 (patch)
tree: e3c315552a0d002164a45e38c3dfceed4bc0eda5 /roles
parent: 036e6e8d3959f9490bd54819a5efe574306b4b6f (diff)
5 files changed, 81 insertions, 33 deletions
diff --git a/roles/web/default.nix b/roles/web/default.nix
index bbcc246..efa9342 100644
--- a/roles/web/default.nix
+++ b/roles/web/default.nix
@@ -2,6 +2,7 @@
 
 {
   imports = [
+    ./personal
     ./proxy
     ./stargazers
     ./test
diff --git a/roles/web/personal/default.nix b/roles/web/personal/default.nix
new file mode 100644
index 0000000..e036f98
--- /dev/null
+++ b/roles/web/personal/default.nix
@@ -0,0 +1,56 @@
+{ config, pkgs, lib, inputs, ... }:
+with lib;
+
+let 
+  cfg = config.roles.web.personal;
+  package = (pkgs.buildGoModule rec {
+    pname = "site";
+    version = "6612d84c63a7bbc2a5b70607f2ec32ea070c4659";
+
+    src = pkgs.fetchFromGitHub {
+      owner = "CartConnoisseur";
+      repo = "site";
+      rev = "${version}";
+      hash = "sha256-n54+LdtMyjoLfaFqd7tcDQqBiYCdUW/Rs67Vc4QwEJ0=";
+    };
+
+    # kinda a hack, but whatever
+    postBuild = ''
+      mkdir -p $out/share/site
+      cp -r $src/* $out/share/site/
+    '';
+
+    vendorHash = "sha256-2/4Wv7nsaT0wnUzkRgHKpSswigDj9nOvlmYXK29rvLU=";
+  });
+in {
+  options.roles.web.personal = {
+    enable = mkEnableOption "personal site";
+  };
+
+  config = mkIf cfg.enable {
+    networking.firewall.allowedTCPPorts = [ 80 ];
+    
+    services.nginx = {
+      enable = true;
+      virtualHosts = {
+        "caroline.larimo.re" = {
+          serverAliases = [ "cxl.sh" "localhost" ];
+          locations."/" = {
+            recommendedProxySettings = true;
+            proxyPass = "http://localhost:8080/";
+          };
+        };
+      };
+    };
+
+    systemd.services."web.personal" = {
+      enable = true;
+      wantedBy = [ "multi-user.target" ];
+
+      serviceConfig = {
+        WorkingDirectory = "${package}/share/site";
+        ExecStart = "${package}/bin/site";
+      };
+    };
+  };
+}
diff --git a/roles/web/proxy/default.nix b/roles/web/proxy/default.nix
index 879ef12..3f06265 100644
--- a/roles/web/proxy/default.nix
+++ b/roles/web/proxy/default.nix
@@ -4,6 +4,11 @@ with lib;
 let cfg = config.roles.web.proxy; in {
   options.roles.web.proxy = {
     enable = mkEnableOption "nginx reverse proxy";
+    personal = mkOption {
+      type = types.str;
+      default = "localhost:8080";
+      description = "personal site address";
+    };
   };
 
   config = mkIf cfg.enable {
@@ -12,14 +17,18 @@ let cfg = config.roles.web.proxy; in {
     services.nginx = {
       enable = true;
       virtualHosts = {
-        "localhost".locations = {
-          "/test" = {
-            recommendedProxySettings = true;
-            proxyPass = "http://192.168.0.2/";
-          };
-          "/stargazers" = {
-            recommendedProxySettings = true;
-            proxyPass = "http://192.168.0.3/";
+        "caroline.larimo.re" = {
+          serverAliases = [ "cxl.sh" "localhost" ];
+
+          locations = {
+            "/" = {
+              recommendedProxySettings = true;
+              proxyPass = "http://${cfg.personal}/";
+            };
+            "/test" = {
+              recommendedProxySettings = true;
+              proxyPass = "http://web-test.containers/";
+            };
           };
         };
       };
diff --git a/roles/web/stargazers/default.nix b/roles/web/stargazers/default.nix
index 78b37d3..b7cca11 100644
--- a/roles/web/stargazers/default.nix
+++ b/roles/web/stargazers/default.nix
@@ -7,30 +7,12 @@ let cfg = config.roles.web.stargazers; in {
   };
 
   config = mkIf cfg.enable {
-    containers.web-stargazers = {
-      autoStart = true;
-
-      privateNetwork = true;
-      hostAddress = "192.168.0.1";
-      localAddress = "192.168.0.3";
-
-      bindMounts = {
-        "/srv/web/stargazers" = {
-          hostPath = "/srv/web/stargazers";
-          isReadOnly = true;
-        };
-      };
-
-      config = { ... }: {
-        system.stateVersion = "23.11";
-        networking.firewall.allowedTCPPorts = [ 80 ];
-
-        services.nginx = {
-          enable = true;
-          virtualHosts = {
-            "192.168.0.3".root = "/srv/web/stargazers";
-          };
-        };
+    networking.firewall.allowedTCPPorts = [ 80 ];
+    
+    services.nginx = {
+      enable = true;
+      virtualHosts = {
+        "stargazers.xn--6frz82g".root = "/srv/web/stargazers";
       };
     };
   };
diff --git a/roles/web/test/default.nix b/roles/web/test/default.nix
index 04bc1a7..28376a2 100644
--- a/roles/web/test/default.nix
+++ b/roles/web/test/default.nix
@@ -28,7 +28,7 @@ let cfg = config.roles.web.test; in {
         services.nginx = {
           enable = true;
           virtualHosts = {
-            "192.168.0.2".root = "/srv/web/test";
+            "web-test".root = "/srv/web/test";
           };
         };
       };
author	Caroline Larimore <caroline@larimo.re>	2024-07-20 17:50:59 -0700
committer	Caroline Larimore <caroline@larimo.re>	2024-07-20 17:50:59 -0700
commit	ad70a6505bb3f052c6a0161ae0d2010c654737b3 (patch)
tree	e3c315552a0d002164a45e38c3dfceed4bc0eda5 /roles
parent	036e6e8d3959f9490bd54819a5efe574306b4b6f (diff)