From 4f956c005c31a0f66a3936d4045de7a016e2fc4f Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Tue, 31 Dec 2024 11:29:29 +0100 Subject: [PATCH] Build blog image with NixNG --- README.md | 2 +- flake.lock | 142 ++++++++++++++++++++----------- flake.nix | 16 ++-- kubenix.nix | 2 +- modules/blog.nix | 4 +- nixng-configurations/blog.nix | 44 ++++++++++ nixng-configurations/default.nix | 4 + 7 files changed, 156 insertions(+), 58 deletions(-) create mode 100644 nixng-configurations/blog.nix diff --git a/README.md b/README.md index 0814689..19e76c3 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ Legend: | Status | Image | Comments | | --- | --- | --- | -| ✨ | `git.kun.is/home/blog-pim` | | +| ✨ | `nixng-blog` | | | ✨ | `nixng-dnsmasq` | | | ✨ | `nixng-attic` | | | ✨ | `nixng-ntfy-sh` | | diff --git a/flake.lock b/flake.lock index 9fcf010..7954c3c 100644 --- a/flake.lock +++ b/flake.lock @@ -1,34 +1,28 @@ { "nodes": { - "blog-pim": { + "blog": { "inputs": { - "flutils": [ - "flake-utils" - ], - "nginx": "nginx", - "nixpkgs": [ - "nixpkgs" - ] + "flutils": "flutils", + "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1715503080, - "narHash": "sha256-/VnzHTpTq3u0z2Vgu/vKU0SHwOUIu8olHDORWT0IofM=", + "lastModified": 1735508994, + "narHash": "sha256-SMMX3irZ4Y+0QEAq0mOYEnJIYRe3YnXHrkCSRvdxHxU=", "ref": "refs/heads/master", - "rev": "7296f7f5bf5f089a5137036dcbd8058cf3e4a9e5", - "revCount": 21, + "rev": "433c1ef4b5874e2c4782be7322604d17182035ab", + "revCount": 23, "type": "git", - "url": "https://git.kun.is/home/blog-pim" + "url": "https://git.kun.is/pim/blog" }, "original": { - "rev": "7296f7f5bf5f089a5137036dcbd8058cf3e4a9e5", "type": "git", - "url": "https://git.kun.is/home/blog-pim" + "url": "https://git.kun.is/pim/blog" } }, "deploy-rs": { "inputs": { "flake-compat": "flake-compat_4", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "utils": "utils" }, "locked": { @@ -281,7 +275,7 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1731533236, @@ -299,7 +293,7 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems_3" + "systems": "systems_4" }, "locked": { "lastModified": 1710146030, @@ -316,7 +310,7 @@ }, "flake-utils_4": { "inputs": { - "systems": "systems_4" + "systems": "systems_5" }, "locked": { "lastModified": 1710146030, @@ -349,7 +343,7 @@ }, "flake-utils_6": { "inputs": { - "systems": "systems_7" + "systems": "systems_8" }, "locked": { "lastModified": 1726560853, @@ -365,6 +359,24 @@ "type": "github" } }, + "flutils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "git-hooks": { "inputs": { "flake-compat": "flake-compat", @@ -504,7 +516,7 @@ "nixpkgs": [ "nixpkgs" ], - "systems": "systems_2", + "systems": "systems_3", "treefmt": "treefmt" }, "locked": { @@ -528,7 +540,7 @@ "servers", "nixpkgs-unstable" ], - "systems": "systems_8", + "systems": "systems_9", "treefmt": "treefmt_2" }, "locked": { @@ -548,11 +560,11 @@ "nginx": { "flake": false, "locked": { - "lastModified": 1713277799, - "narHash": "sha256-VNDzQvUGeh54F3s6SIq6lBrp4RatURzJoJqVorexttA=", + "lastModified": 1735301654, + "narHash": "sha256-PHcSyHYyPUwPAls0BgtnGu2e936vhxW2nt7bQxDyGAQ=", "owner": "nginx", "repo": "nginx", - "rev": "d8a849ae3c99ee5ca82c9a06074761e937dac6d6", + "rev": "e3a9b6ad08a86e799a3d77da3f2fc507d3c9699e", "type": "github" }, "original": { @@ -745,16 +757,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1726871744, - "narHash": "sha256-V5LpfdHyQkUF7RfOaDPrZDP+oqz88lTJrMT1+stXNwo=", + "lastModified": 1714076141, + "narHash": "sha256-Drmja/f5MRHZCskS6mvzFqxEaZMeciScCTFxWVLqWEY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a1d92660c6b3b7c26fb883500a80ea9d33321be2", + "rev": "7bb2ccd8cdc44c91edba16c48d2c8f331fb3d856", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixpkgs-unstable", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -856,6 +868,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1726871744, + "narHash": "sha256-V5LpfdHyQkUF7RfOaDPrZDP+oqz88lTJrMT1+stXNwo=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "a1d92660c6b3b7c26fb883500a80ea9d33321be2", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1733581040, "narHash": "sha256-Qn3nPMSopRQJgmvHzVqPcE3I03zJyl8cSbgnnltfFDY=", @@ -871,7 +899,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1702272962, "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", @@ -887,7 +915,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1726871744, "narHash": "sha256-V5LpfdHyQkUF7RfOaDPrZDP+oqz88lTJrMT1+stXNwo=", @@ -903,7 +931,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1733097829, "narHash": "sha256-9hbb1rqGelllb4kVUCZ307G2k3/UhmA8PPGBoyuWaSw=", @@ -927,7 +955,7 @@ "nixhelm", "nixpkgs" ], - "systems": "systems_5", + "systems": "systems_6", "treefmt-nix": "treefmt-nix" }, "locked": { @@ -946,15 +974,16 @@ }, "root": { "inputs": { - "blog-pim": "blog-pim", + "blog": "blog", "dns": "dns", "flake-utils": "flake-utils_2", "git-hooks": "git-hooks", "kubenix": "kubenix", + "nginx": "nginx", "nix-snapshotter": "nix-snapshotter", "nixhelm": "nixhelm", "nixng": "nixng", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "nixpkgs-bazarr": "nixpkgs-bazarr", "nixpkgs-jellyseerr": "nixpkgs-jellyseerr", "servers": "servers", @@ -1041,8 +1070,9 @@ "type": "github" }, "original": { - "id": "systems", - "type": "indirect" + "owner": "nix-systems", + "repo": "default", + "type": "github" } }, "systems_3": { @@ -1055,9 +1085,8 @@ "type": "github" }, "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" + "id": "systems", + "type": "indirect" } }, "systems_4": { @@ -1085,8 +1114,9 @@ "type": "github" }, "original": { - "id": "systems", - "type": "indirect" + "owner": "nix-systems", + "repo": "default", + "type": "github" } }, "systems_6": { @@ -1099,9 +1129,8 @@ "type": "github" }, "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" + "id": "systems", + "type": "indirect" } }, "systems_7": { @@ -1120,6 +1149,21 @@ } }, "systems_8": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_9": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -1178,7 +1222,7 @@ }, "treefmt-nix_2": { "inputs": { - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1727984844, @@ -1196,7 +1240,7 @@ }, "treefmt-nix_3": { "inputs": { - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1730025913, @@ -1214,7 +1258,7 @@ }, "treefmt-nix_4": { "inputs": { - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1733662930, @@ -1254,7 +1298,7 @@ }, "utils": { "inputs": { - "systems": "systems_6" + "systems": "systems_7" }, "locked": { "lastModified": 1701680307, diff --git a/flake.nix b/flake.nix index 453d3a9..6f68832 100644 --- a/flake.nix +++ b/flake.nix @@ -18,12 +18,13 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - blog-pim = { - # HACK: pinning this to a specific revision, as my automation is broken. - url = "git+https://git.kun.is/home/blog-pim?rev=7296f7f5bf5f089a5137036dcbd8058cf3e4a9e5"; + blog = { + url = "git+https://git.kun.is/pim/blog"; + inputs = { - nixpkgs.follows = "nixpkgs"; - flutils.follows = "flake-utils"; + # nixpkgs.follows = "nixpkgs"; + # flutils.follows = "flake-utils"; + # nixng.follows = "nixng"; }; }; @@ -51,6 +52,11 @@ url = "github:pdtpartners/nix-snapshotter"; inputs.nixpkgs.follows = "nixpkgs"; }; + + nginx = { + url = "github:nginx/nginx"; + flake = false; + }; }; outputs = inputs @ {flake-utils, ...}: diff --git a/kubenix.nix b/kubenix.nix index 417d5a7..64806b8 100644 --- a/kubenix.nix +++ b/kubenix.nix @@ -17,7 +17,7 @@ flake-utils.lib.eachDefaultSystem (kubenix.evalModules.${system} { specialArgs = { inherit namespace system self; - inherit (inputs) nixhelm blog-pim dns nixpkgs nixng; + inherit (inputs) nixhelm blog dns nixpkgs; inherit (self) globals; utils = import ./utils.nix { diff --git a/modules/blog.nix b/modules/blog.nix index a6c1ed7..37d803d 100644 --- a/modules/blog.nix +++ b/modules/blog.nix @@ -1,5 +1,5 @@ { - blog-pim, + utils, lib, config, ... @@ -17,7 +17,7 @@ spec = { containers.blog = { - image = "git.kun.is/home/blog-pim:${blog-pim.rev}"; + image = utils.mkNixNGImage "blog"; ports.web.containerPort = 80; }; }; diff --git a/nixng-configurations/blog.nix b/nixng-configurations/blog.nix new file mode 100644 index 0000000..ce38f44 --- /dev/null +++ b/nixng-configurations/blog.nix @@ -0,0 +1,44 @@ +{ + blog, + nginx, + system, + config, + lib, + pkgs, + ... +}: let + nginxPort = "80"; + nginxConf = pkgs.writeText "nginx.conf" '' + user nginx nginx; + daemon off; + error_log /dev/stderr; + pid /httpd.pid; + events {} + http { + access_log /dev/stdout; + include ${nginx.outPath}/conf/mime.types; + + server { + listen ${nginxPort}; + index index.html; + location / { + root ${blog.packages.${system}.static-website}; + } + } + } + ''; +in { + dinit.enable = true; + + init.services.nginx = { + shutdownOnExit = true; + script = lib.mkForce (pkgs.writeShellScript "nginx-run" '' + HOME=~nginx ${config.services.nginx.package}/bin/nginx -c ${nginxConf} + ''); + }; + + services.nginx = { + enable = true; + configuration = []; + }; +} diff --git a/nixng-configurations/default.nix b/nixng-configurations/default.nix index cb1e3c5..a97a5db 100644 --- a/nixng-configurations/default.nix +++ b/nixng-configurations/default.nix @@ -2,6 +2,8 @@ self, flake-utils, nixng, + nginx, + blog, nixpkgs, nixpkgs-jellyseerr, nixpkgs-bazarr, @@ -18,6 +20,7 @@ flake-utils.lib.eachDefaultSystem (system: let sonarr = ./sonarr.nix; bazarr = ./bazarr.nix; prowlarr = ./prowlarr.nix; + blog = ./blog.nix; }; in { nixngConfigurations = builtins.mapAttrs (name: configFile: @@ -27,6 +30,7 @@ in { config = import configFile; specialArgs = { + inherit nginx blog; inherit (self) globals; };