From 7ba4a8992cde42d655be090c548b8270f4cec074 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?=
 <tristan.maat@codethink.co.uk>
Date: Thu, 13 May 2021 21:12:11 +0100
Subject: [PATCH 1/2] Add hydra

---
 configuration/default.nix        |  2 ++
 configuration/services/hydra.nix | 11 +++++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 configuration/services/hydra.nix

diff --git a/configuration/default.nix b/configuration/default.nix
index f6ff072..bbc0205 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -3,6 +3,7 @@
 {
   imports = [
     ./services/gitea.nix
+    ./services/hydra.nix
     ./services/minecraft.nix
     ./services/nextcloud.nix
     ./services/webserver.nix
@@ -66,6 +67,7 @@
       "tlater.net" = host 3002 { serverAliases = [ "www.tlater.net" ]; };
       "gitea.tlater.net" = host 3000 { };
       "nextcloud.tlater.net" = host 3001 { };
+      "hydra.tlater.net" = host config.services.hydra.port { };
     };
   };
 
diff --git a/configuration/services/hydra.nix b/configuration/services/hydra.nix
new file mode 100644
index 0000000..3b7c136
--- /dev/null
+++ b/configuration/services/hydra.nix
@@ -0,0 +1,11 @@
+{ ... }:
+
+{
+  services.hydra = {
+    enable = true;
+    port = 3003;
+
+    hydraURL = "hydra.tlater.net";
+    notificationSender = "hydra@tlater.net";
+  };
+}

From 4c05f0767f6db8df52b124683d10d228dcfa0852 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?=
 <tristan.maat@codethink.co.uk>
Date: Fri, 14 May 2021 12:21:20 +0100
Subject: [PATCH 2/2] nginx: Don't look up localhost via DNS

This results in occasional failure to resolve proxies because it turns
into [::1] for IPv6 reasons.

We hard-code the IPv4 address since the containers don't currently
support IPv6.
---
 configuration/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configuration/default.nix b/configuration/default.nix
index bbc0205..73ae1a3 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -61,7 +61,7 @@
         {
           forceSSL = true;
           enableACME = true;
-          locations."/" = { proxyPass = "http://localhost:${toString port}"; };
+          locations."/" = { proxyPass = "http://127.0.0.1:${toString port}"; };
         } // extra;
     in {
       "tlater.net" = host 3002 { serverAliases = [ "www.tlater.net" ]; };