From 88c6fa28f687eb074c7bca2256d00128127b3537 Mon Sep 17 00:00:00 2001 From: Sridhar Ratnakumar <3998+srid@users.noreply.github.com> Date: Mon, 13 May 2024 01:05:18 -0400 Subject: [PATCH] add actualism-app server (#55) --- flake.lock | 344 ++++++++++++++++++++++++++++++++++------ flake.nix | 1 + nixos/actualism-app.nix | 49 ++++++ packages/overlay.nix | 1 + systems/ax41.nix | 1 + 5 files changed, 350 insertions(+), 46 deletions(-) create mode 100644 nixos/actualism-app.nix diff --git a/flake.lock b/flake.lock index dcc5666..6e53745 100644 --- a/flake.lock +++ b/flake.lock @@ -1,6 +1,45 @@ { "nodes": { + "actualism-app": { + "inputs": { + "cargo-doc-live": "cargo-doc-live", + "flake-parts": "flake-parts", + "nixpkgs": "nixpkgs", + "process-compose-flake": "process-compose-flake", + "rust-flake": "rust-flake", + "systems": "systems_2", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1715572711, + "narHash": "sha256-CPZrSwbZBasURURCzoWHb0XCK1dYEmomT8HamOoQ1A8=", + "owner": "srid", + "repo": "actualism-app", + "rev": "62897d3bb3340d0952489195fd8f1f31b12c9c8c", + "type": "github" + }, + "original": { + "owner": "srid", + "repo": "actualism-app", + "type": "github" + } + }, "cargo-doc-live": { + "locked": { + "lastModified": 1713493311, + "narHash": "sha256-fxbzPNIv0o/Y0OEo0r6iAm4Dft1pX08CKtzBl+RKgrE=", + "owner": "srid", + "repo": "cargo-doc-live", + "rev": "b7058f7b4eb131c569a1fcebf966a1149defd7e3", + "type": "github" + }, + "original": { + "owner": "srid", + "repo": "cargo-doc-live", + "type": "github" + } + }, + "cargo-doc-live_2": { "locked": { "lastModified": 1692743000, "narHash": "sha256-7lxG/r72hECceIir+Y+N3vM0f7FcudZD5cq+KhZj4MI=", @@ -31,14 +70,37 @@ } }, "crane": { + "inputs": { + "nixpkgs": [ + "actualism-app", + "rust-flake", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1707685877, + "narHash": "sha256-XoXRS+5whotelr1rHiZle5t5hDg9kpguS5yk8c8qzOc=", + "owner": "ipetkov", + "repo": "crane", + "rev": "2c653e4478476a52c6aa3ac0495e4dea7449ea0e", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "rev": "2c653e4478476a52c6aa3ac0495e4dea7449ea0e", + "type": "github" + } + }, + "crane_2": { "inputs": { "flake-compat": "flake-compat", - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "nixpkgs": [ "nixci", "nixpkgs" ], - "rust-overlay": "rust-overlay" + "rust-overlay": "rust-overlay_2" }, "locked": { "lastModified": 1693787605, @@ -72,7 +134,7 @@ }, "devshell": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_5", "nixpkgs": [ "nixvim", "nixpkgs" @@ -162,6 +224,24 @@ "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, + "locked": { + "lastModified": 1714641030, + "narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_2" + }, "locked": { "lastModified": 1698579227, "narHash": "sha256-KVWjFZky+gRuWennKsbo6cWyo7c/z/VgCte5pR9pEKg=", @@ -176,9 +256,9 @@ "type": "github" } }, - "flake-parts_2": { + "flake-parts_3": { "inputs": { - "nixpkgs-lib": "nixpkgs-lib_2" + "nixpkgs-lib": "nixpkgs-lib_3" }, "locked": { "lastModified": 1688466019, @@ -194,7 +274,7 @@ "type": "github" } }, - "flake-parts_3": { + "flake-parts_4": { "inputs": { "nixpkgs-lib": [ "nixvim", @@ -220,11 +300,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1692799911, - "narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=", + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", "owner": "numtide", "repo": "flake-utils", - "rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", "type": "github" }, "original": { @@ -235,14 +315,14 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "lastModified": 1692799911, + "narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=", "owner": "numtide", "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44", "type": "github" }, "original": { @@ -271,7 +351,25 @@ }, "flake-utils_4": { "inputs": { - "systems": "systems_5" + "systems": "systems_6" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_5": { + "inputs": { + "systems": "systems_7" }, "locked": { "lastModified": 1701680307, @@ -287,9 +385,9 @@ "type": "github" } }, - "flake-utils_5": { + "flake-utils_6": { "inputs": { - "systems": "systems_6" + "systems": "systems_8" }, "locked": { "lastModified": 1710146030, @@ -431,15 +529,15 @@ }, "nixci": { "inputs": { - "cargo-doc-live": "cargo-doc-live", - "crane": "crane", + "cargo-doc-live": "cargo-doc-live_2", + "crane": "crane_2", "devour-flake": "devour-flake", - "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs", - "process-compose-flake": "process-compose-flake", - "rust-overlay": "rust-overlay_2", - "systems": "systems_3", - "treefmt-nix": "treefmt-nix" + "flake-parts": "flake-parts_3", + "nixpkgs": "nixpkgs_3", + "process-compose-flake": "process-compose-flake_2", + "rust-overlay": "rust-overlay_3", + "systems": "systems_5", + "treefmt-nix": "treefmt-nix_2" }, "locked": { "lastModified": 1712481419, @@ -487,8 +585,8 @@ }, "nixos-vscode-server": { "inputs": { - "flake-utils": "flake-utils_3", - "nixpkgs": "nixpkgs_4" + "flake-utils": "flake-utils_4", + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1684517665, @@ -506,21 +604,33 @@ }, "nixpkgs": { "locked": { - "lastModified": 1688590700, - "narHash": "sha256-ZF055rIUP89cVwiLpG5xkJzx00gEuuGFF60Bs/LM3wc=", + "lastModified": 1715282013, + "narHash": "sha256-GtwK9hQMbN+FxSD2eTioBOi2P47+t3oqnY4ZGJl53+k=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f292b4964cb71f9dfbbd30dc9f511d6165cd109b", + "rev": "cc6431d5598071f0021efc6c009c79e5b5fe1617", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-unstable", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-lib": { + "locked": { + "lastModified": 1714640452, + "narHash": "sha256-QBx10+k6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz" + } + }, + "nixpkgs-lib_2": { "locked": { "dir": "lib", "lastModified": 1696019113, @@ -538,7 +648,7 @@ "type": "github" } }, - "nixpkgs-lib_2": { + "nixpkgs-lib_3": { "locked": { "dir": "lib", "lastModified": 1688049487, @@ -557,6 +667,38 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1706487304, + "narHash": "sha256-LE8lVX28MV2jWJsidW13D2qrHU/RUUONendL2Q/WlJg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "90f456026d284c22b3e3497be980b2e47d0b28ac", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1688590700, + "narHash": "sha256-ZF055rIUP89cVwiLpG5xkJzx00gEuuGFF60Bs/LM3wc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "f292b4964cb71f9dfbbd30dc9f511d6165cd109b", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { "locked": { "lastModified": 1681358109, "narHash": "sha256-eKyxW4OohHQx9Urxi7TQlFBTDWII+F+x2hklDOQPB50=", @@ -572,7 +714,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_5": { "locked": { "lastModified": 1680945546, "narHash": "sha256-8FuaH5t/aVi/pR1XxnF0qi4WwMYC+YxlfdsA0V+TEuQ=", @@ -588,7 +730,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_6": { "locked": { "lastModified": 1682526928, "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", @@ -601,7 +743,7 @@ "type": "indirect" } }, - "nixpkgs_5": { + "nixpkgs_7": { "locked": { "lastModified": 1714253743, "narHash": "sha256-mdTQw2XlariysyScCv2tTE45QSU9v/ezLcHJ22f0Nxc=", @@ -617,7 +759,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_8": { "locked": { "lastModified": 1680945546, "narHash": "sha256-8FuaH5t/aVi/pR1XxnF0qi4WwMYC+YxlfdsA0V+TEuQ=", @@ -637,7 +779,7 @@ "inputs": { "devshell": "devshell", "flake-compat": "flake-compat_2", - "flake-parts": "flake-parts_3", + "flake-parts": "flake-parts_4", "home-manager": "home-manager_2", "nix-darwin": "nix-darwin_2", "nixpkgs": [ @@ -662,7 +804,7 @@ "pre-commit-hooks": { "inputs": { "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_6", "gitignore": "gitignore", "nixpkgs": [ "nixvim", @@ -688,6 +830,21 @@ } }, "process-compose-flake": { + "locked": { + "lastModified": 1715063745, + "narHash": "sha256-kO8gcRHfuKIlsGmFoHUF4lD3CfrRBymIlG2R3OHBEjQ=", + "owner": "Platonic-Systems", + "repo": "process-compose-flake", + "rev": "32c069e7ef436b4325ee36503cd02b2863eede53", + "type": "github" + }, + "original": { + "owner": "Platonic-Systems", + "repo": "process-compose-flake", + "type": "github" + } + }, + "process-compose-flake_2": { "locked": { "lastModified": 1693927910, "narHash": "sha256-qPKHnWWzHS2bAi/SsFePQkGFeC2E1jklUjEidfQwYLc=", @@ -704,9 +861,10 @@ }, "root": { "inputs": { + "actualism-app": "actualism-app", "colmena-flake": "colmena-flake", "disko": "disko", - "flake-parts": "flake-parts", + "flake-parts": "flake-parts_2", "home-manager": "home-manager", "nix-darwin": "nix-darwin", "nix-index-database": "nix-index-database", @@ -714,12 +872,55 @@ "nixos-flake": "nixos-flake", "nixos-hardware": "nixos-hardware", "nixos-vscode-server": "nixos-vscode-server", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_7", "nixvim": "nixvim", - "treefmt-nix": "treefmt-nix_2" + "treefmt-nix": "treefmt-nix_3" + } + }, + "rust-flake": { + "inputs": { + "crane": "crane", + "nixpkgs": [ + "actualism-app", + "nixpkgs" + ], + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1715570778, + "narHash": "sha256-PlWsDmfLHmhrvf2y7rBJP9wKlgMKm4iIP/PX2BdlttI=", + "owner": "juspay", + "repo": "rust-flake", + "rev": "19e41363312bdb34c2b3d6304b84d5d5fccee09d", + "type": "github" + }, + "original": { + "owner": "juspay", + "ref": "extraBuildArgs", + "repo": "rust-flake", + "type": "github" } }, "rust-overlay": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1715480255, + "narHash": "sha256-gEZl8nYidQwqJhOigJ91JDjoBFoPEWVsd82AKnaE7Go=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "d690205a4f01ec0930303c4204e5063958e51255", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "rust-overlay_2": { "inputs": { "flake-utils": [ "nixci", @@ -746,10 +947,10 @@ "type": "github" } }, - "rust-overlay_2": { + "rust-overlay_3": { "inputs": { - "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_2" + "flake-utils": "flake-utils_3", + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1694052649, @@ -855,9 +1056,60 @@ "type": "github" } }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_8": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "treefmt-nix": { "inputs": { - "nixpkgs": "nixpkgs_3" + "nixpkgs": [ + "actualism-app", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1714058656, + "narHash": "sha256-Qv4RBm4LKuO4fNOfx9wl40W2rBbv5u5m+whxRYUMiaA=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "c6aaf729f34a36c445618580a9f95a48f5e4e03f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt-nix_2": { + "inputs": { + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1688026376, @@ -873,9 +1125,9 @@ "type": "github" } }, - "treefmt-nix_2": { + "treefmt-nix_3": { "inputs": { - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_8" }, "locked": { "lastModified": 1689243103, diff --git a/flake.nix b/flake.nix index cca8e4d..c141208 100644 --- a/flake.nix +++ b/flake.nix @@ -21,6 +21,7 @@ nixci.url = "github:srid/nixci"; nix-index-database.url = "github:nix-community/nix-index-database"; nix-index-database.inputs.nixpkgs.follows = "nixpkgs"; + actualism-app.url = "github:srid/actualism-app"; # Neovim nixvim.url = "github:nix-community/nixvim"; diff --git a/nixos/actualism-app.nix b/nixos/actualism-app.nix new file mode 100644 index 0000000..7db5738 --- /dev/null +++ b/nixos/actualism-app.nix @@ -0,0 +1,49 @@ +{ flake, pkgs, lib, ... }: + +let + inherit (flake) inputs; + inherit (inputs) self; +in +{ + + networking.firewall = { + allowedTCPPorts = [ + 80 + 443 + ]; + }; + # actualism-app (temp host) + services.nginx = { + enable = true; + virtualHosts."www.actualism.app" = { + enableACME = true; + # addSSL = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:8080"; + proxyWebsockets = true; + }; + }; + }; + security.acme = { + acceptTerms = true; + defaults.email = "srid@srid.ca"; + }; + systemd.services.actualism-app = { + enable = true; + description = "actualism-app server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = + lib.getExe (pkgs.writeShellApplication { + name = "actualism-app-start"; + text = '' + cd ${pkgs.actualism-app}/ + ${pkgs.actualism-app}/bin/actualism-app + ''; + }); + Restart = "always"; + }; + }; +} diff --git a/packages/overlay.nix b/packages/overlay.nix index 909ec50..3b2971f 100644 --- a/packages/overlay.nix +++ b/packages/overlay.nix @@ -6,4 +6,5 @@ self: super: { sshuttle-via = self.callPackage ./sshuttle-via.nix { }; nixci = flake.inputs.nixci.packages.${system}.default; # nix-health = flake.inputs.nix-browser.packages.${system}.nix-health; + actualism-app = flake.inputs.actualism-app.packages.${system}.default; } diff --git a/systems/ax41.nix b/systems/ax41.nix index c9cf0c1..ea84346 100644 --- a/systems/ax41.nix +++ b/systems/ax41.nix @@ -12,6 +12,7 @@ in "${self}/nixos/nix.nix" "${self}/nixos/self/primary-as-admin.nix" "${self}/nixos/docker.nix" + "${self}/nixos/actualism-app.nix" # "${self}/nixos/server/harden/basics.nix" ];