From 40002ac76ee2425f0faf72fb438702b10203670c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= <tm@tlater.net>
Date: Mon, 12 Apr 2021 01:44:10 +0100
Subject: [PATCH] Add webserver service

---
 configuration/default.nix            |   4 +-
 configuration/services/webserver.nix |  27 +++++++
 flake.lock                           | 112 ++++++++++++++++++++++++++-
 flake.nix                            |  31 +++++++-
 4 files changed, 170 insertions(+), 4 deletions(-)
 create mode 100644 configuration/services/webserver.nix

diff --git a/configuration/default.nix b/configuration/default.nix
index 3c9b0df..a00235b 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -1,7 +1,8 @@
 { config, pkgs, ... }:
 
 {
-  imports = [ ./services/gitea.nix ./services/nextcloud.nix ];
+  imports =
+    [ ./services/gitea.nix ./services/nextcloud.nix ./services/webserver.nix ];
 
   nix = {
     package = pkgs.nixFlakes;
@@ -53,6 +54,7 @@
           locations."/" = { proxyPass = "http://localhost:${toString port}"; };
         } // extra;
     in {
+      "tlater.net" = host 3002 { serverAliases = [ "www.tlater.net" ]; };
       "gitea.tlater.net" = host 3000 { };
       "nextcloud.tlater.net" = host 3001 { };
     };
diff --git a/configuration/services/webserver.nix b/configuration/services/webserver.nix
new file mode 100644
index 0000000..1a182e2
--- /dev/null
+++ b/configuration/services/webserver.nix
@@ -0,0 +1,27 @@
+{ config, pkgs, ... }:
+
+{
+  virtualisation.oci-containers.containers.webserver = {
+    image = "tlaternet/webserver";
+
+    imageFile = pkgs.dockerTools.buildImage {
+      name = "tlaternet/webserver";
+      tag = "latest";
+      contents = pkgs.tlaternet-webserver.webserver;
+
+      config = {
+        Cmd = [ "tlaternet-webserver" ];
+        Volumes = { "/srv/mail" = { }; };
+        Env = [
+          "ROCKET_PORT=80"
+          "ROCKET_TEMPLATE_DIR=${pkgs.tlaternet-templates.templates}/browser/"
+        ];
+        ExposedPorts = { "80" = { }; };
+      };
+    };
+
+    ports = [ "3002:80" ];
+    volumes = [ "tlaternet-mail:/srv/mail" ];
+    extraOptions = [ "--hostname=tlater.net" ];
+  };
+}
diff --git a/flake.lock b/flake.lock
index a6faf09..939bc49 100644
--- a/flake.lock
+++ b/flake.lock
@@ -15,6 +15,26 @@
         "type": "github"
       }
     },
+    "naersk": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1614785451,
+        "narHash": "sha256-TPw8kQvr2UNCuvndtY+EjyXp6Q5GEW2l9UafXXh1XmI=",
+        "owner": "nmattia",
+        "repo": "naersk",
+        "rev": "e0fe990b478a66178a58c69cf53daec0478ca6f9",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nmattia",
+        "repo": "naersk",
+        "type": "github"
+      }
+    },
     "nixos-hardware": {
       "locked": {
         "lastModified": 1617690895,
@@ -47,11 +67,101 @@
         "type": "github"
       }
     },
+    "nixpkgs-unstable": {
+      "locked": {
+        "lastModified": 1617899217,
+        "narHash": "sha256-gd5JHH7IkeoIQ/oiGZSqDpGdGt7DMRJTQ8JiD8+hdOQ=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "9e377a6ce42dccd9b624ae4ce8f978dc892ba0e2",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "root": {
       "inputs": {
         "flake-utils": "flake-utils",
         "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": "nixpkgs",
+        "tlaternet-templates": "tlaternet-templates",
+        "tlaternet-webserver": "tlaternet-webserver"
+      }
+    },
+    "rust-overlay": {
+      "inputs": {
+        "flake-utils": [
+          "flake-utils"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1617071065,
+        "narHash": "sha256-9JXhxwlc/ZJaO4aZ3cUwQwlK7ZRamjV+BvOTvdXrggs=",
+        "owner": "oxalica",
+        "repo": "rust-overlay",
+        "rev": "38766381042021f547a168ebb3f10305dc6fde08",
+        "type": "github"
+      },
+      "original": {
+        "owner": "oxalica",
+        "repo": "rust-overlay",
+        "type": "github"
+      }
+    },
+    "tlaternet-templates": {
+      "inputs": {
+        "flake-utils": [
+          "flake-utils"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "nixpkgs-unstable": "nixpkgs-unstable"
+      },
+      "locked": {
+        "lastModified": 1618117315,
+        "narHash": "sha256-RSqbWv20zNDhCx1VARxEjrYH1pNv+H2pY8dQ29tdNjA=",
+        "ref": "master",
+        "rev": "6da1d644ac02143172d20e0d3e9fcd7a0c8720ef",
+        "revCount": 60,
+        "type": "git",
+        "url": "https://gitea.tlater.net/tlaternet/tlaternet-templates.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://gitea.tlater.net/tlaternet/tlaternet-templates.git"
+      }
+    },
+    "tlaternet-webserver": {
+      "inputs": {
+        "flake-utils": [
+          "flake-utils"
+        ],
+        "naersk": "naersk",
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "rust-overlay": "rust-overlay"
+      },
+      "locked": {
+        "lastModified": 1617992257,
+        "narHash": "sha256-TfcLtS/1Niv21NN5e9VGUbK0fpoOvgmx1caO4LBcTas=",
+        "ref": "master",
+        "rev": "ff25f151d3c170c7290b83be5cbdb1fd84261997",
+        "revCount": 14,
+        "type": "git",
+        "url": "https://gitea.tlater.net/tlaternet/tlaternet.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://gitea.tlater.net/tlaternet/tlaternet.git"
       }
     }
   },
diff --git a/flake.nix b/flake.nix
index a9bba2f..5fad4b8 100644
--- a/flake.nix
+++ b/flake.nix
@@ -5,15 +5,41 @@
     nixpkgs.url = "github:nixos/nixpkgs/nixos-20.09";
     nixos-hardware.url = "github:nixos/nixos-hardware/master";
     flake-utils.url = "github:numtide/flake-utils";
+    tlaternet-webserver = {
+      url = "git+https://gitea.tlater.net/tlaternet/tlaternet.git";
+      inputs = {
+        flake-utils.follows = "flake-utils";
+        nixpkgs.follows = "nixpkgs";
+      };
+    };
+    tlaternet-templates = {
+      url = "git+https://gitea.tlater.net/tlaternet/tlaternet-templates.git";
+      inputs = {
+        flake-utils.follows = "flake-utils";
+        nixpkgs.follows = "nixpkgs";
+      };
+    };
   };
 
-  outputs = { nixpkgs, nixos-hardware, flake-utils, ... }@inputs:
-    {
+  outputs = { nixpkgs, nixos-hardware, flake-utils, tlaternet-webserver
+    , tlaternet-templates, ... }@inputs:
+    let
+      overlays = [
+        (final: prev: {
+          tlaternet-webserver =
+            tlaternet-webserver.legacyPackages.${prev.system}.packages;
+          tlaternet-templates =
+            tlaternet-templates.legacyPackages.${prev.system}.packages;
+        })
+      ];
+
+    in {
       nixosConfigurations = {
         tlaternet = nixpkgs.lib.nixosSystem {
           system = "x86_64-linux";
 
           modules = [
+            ({ ... }: { nixpkgs.overlays = overlays; })
             (import ./modules)
 
             (import ./configuration)
@@ -27,6 +53,7 @@
           system = "x86_64-linux";
 
           modules = [
+            ({ ... }: { nixpkgs.overlays = overlays; })
             (import ./modules)
 
             (import ./configuration)