WIP: Add hydra

webserver: Use SIGKILL instead of SIGTERM
This is necessary because rocket 0.4 does not support SIGTERM.
2021-05-17 00:15:07 +01:00 · 2021-05-17 00:14:00 +01:00
4 changed files with 32 additions and 2 deletions
--- a/configuration/default.nix
+++ b/configuration/default.nix
@ -3,6 +3,7 @@
 {
  imports = [
    ./services/gitea.nix
+    ./services/hydra.nix
    ./services/minecraft.nix
    ./services/nextcloud.nix
    ./services/webserver.nix
@ -68,6 +69,7 @@
      "${domain}" = host 3002 { serverAliases = [ "www.${domain}" ]; };
      "gitea.${domain}" = host 3000 { };
      "nextcloud.${domain}" = host 3001 { };
+      "hydra.${domain}" = host config.services.hydra.port { };
    };
  };

--- a/configuration/services/hydra.nix
+++ b/configuration/services/hydra.nix
@ -0,0 +1,16 @@
+{ ... }:
+
+{
+  services.hydra = {
+    enable = true;
+    port = 3003;
+
+    hydraURL = "hydra.tlater.net";
+    notificationSender = "hydra@tlater.net";
+    extraConfig = ''
+      <gitea_authorization>
+
+      </gitea_authorization>
+    '';
+  };
+}
--- a/configuration/services/webserver.nix
+++ b/configuration/services/webserver.nix
@ -36,7 +36,7 @@
    volumes = [ "tlaternet-mail:/srv/mail" ];
    extraOptions = [
      "--hostname=tlater.net"
-      # Rocket 0.4 doesn't support SIGTERM anyway, so SIGKILL is the cleanest exit possible.
+      # This can change with rocket 0.5.
      "--stop-signal=SIGKILL"
    ];
  };
--- a/flake.nix
+++ b/flake.nix
@ -68,7 +68,7 @@
            (import ./modules)

            (import ./configuration)
-            ({ lib, ... }: {
+            ({ config, lib, ... }: {
              users.users.tlater.password = "insecure";

              # Disable graphical tty so -curses works
@ -78,6 +78,18 @@
              # can easily test locally with the VM.
              services.nginx.domain = lib.mkOverride 99 "localhost";

+              # Hydra uses X-Forwarded-Port to figure out how to
+              # include links to static files, but because we redirect
+              # 443 -> 3443 in the vm we need to explicitly set this
+              # (nginx can't see qemu's port redirection).
+              services.nginx.virtualHosts =
+                let domain = config.services.nginx.domain;
+                in {
+                  "hydra.${domain}".locations."/".extraConfig = ''
+                    proxy_set_header X-Forwarded-Port 3443;
+                  '';
+                };
+
              # # Set up VM settings to match real VPS
              # virtualisation.memorySize = 3941;
              # virtualisation.cores = 2;
Author	SHA1	Message	Date
Tristan Daniël Maat	2a7f905bc2	WIP: Add hydra	2021-05-17 00:15:07 +01:00
Tristan Daniël Maat	a24c68d9db	webserver: Use SIGKILL instead of SIGTERM This is necessary because rocket 0.4 does not support SIGTERM.	2021-05-17 00:14:00 +01:00