Skip to content

Commit

Permalink
services/sicp-staging: init
Browse files Browse the repository at this point in the history
  • Loading branch information
linyinfeng committed Sep 21, 2024
1 parent 314ecac commit 0cfe063
Show file tree
Hide file tree
Showing 6 changed files with 100 additions and 3 deletions.
4 changes: 4 additions & 0 deletions lib/data/data.json
Original file line number Diff line number Diff line change
Expand Up @@ -158,6 +158,10 @@
"on": "shg0",
"proxy": false
},
"sicp-staging": {
"on": "mtl0",
"proxy": true
},
"smtp": {
"on": "fsn0",
"proxy": false
Expand Down
1 change: 1 addition & 0 deletions nixos/hosts/mtl0/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ in
services.telegraf-http
services.prebuilt-zip
services.hledger-web
services.sicp-staging
i18n.input-method
virtualization.podman
users.yinfeng
Expand Down
83 changes: 83 additions & 0 deletions nixos/profiles/services/sicp-staging/default.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
{
config,
pkgs,
lib,
...
}:
let
njuGitUser = "yinfeng";
ojRepoName = "online-judge";
podmanCompose = lib.escapeShellArgs [
"podman-compose"
"--podman-build-args"
"--network host --build-arg=VERSION=staging --build-arg=HOST=https://sicp-staging.li7g.com --build-arg=BASE=/2024/oj/web/"
];
in
{
systemd.services.sicp-staging = {
preStart = ''
export TMPDIR="$PWD/tmp"
mkdir -p "$TMPDIR"
token=$(cat "$CREDENTIALS_DIRECTORY/token")
# setup repository
if [ ! -d "${ojRepoName}" ]; then
git clone "https://${njuGitUser}:[email protected]/nju-sicp/online-judge.git" "${ojRepoName}"
fi
pushd "${ojRepoName}"
git remote set-url origin "https://${njuGitUser}:[email protected]/nju-sicp/online-judge.git"
# update repository
git fetch origin
git reset --hard origin/master
sed -i 's^https://sicp.pascal-lab.net/2024/oj/api^https://sicp-staging.li7g.com/2024/oj/api^g' packages/web/src/config.ts
# build image
pushd utils/docker
${podmanCompose} \
--profile all \
--env-file vars/x86_64.env \
build
popd
popd # from oj repository
'';
script = ''
pushd "${ojRepoName}"
pushd utils/docker
${podmanCompose} \
--profile all \
--env-file vars/x86_64.env \
up
'';
path = with pkgs; [
git
podman
podman-compose
];
serviceConfig = {
TimeoutStartSec = "5min";
StateDirectory = "sicp-staging";
WorkingDirectory = "/var/lib/sicp-staging";
LoadCredential = [
"token:${config.sops.secrets."nju-git/read-token".path}"
];
};
requires = [ "podman.socket" ];
after = [ "podman.socket" ];
wantedBy = [ "multi-user.target" ];
};

services.nginx.virtualHosts."sicp-staging.*" = {
forceSSL = true;
inherit (config.security.acme.tfCerts."li7g_com".nginxSettings) sslCertificate sslCertificateKey;
locations."/2024/oj/web/".proxyPass = "http://127.0.0.1:8080";
locations."/2024/oj/api/".proxyPass = "http://127.0.0.1:3000";
};

sops.secrets."nju-git/read-token" = {
sopsFile = config.sops-file.host;
restartUnits = [ "sicp-staging-build.service" ];
};
}
6 changes: 6 additions & 0 deletions nixos/profiles/services/telegraf-http/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,12 @@ let
code = 302;
}
];
sicp-staging = [
{
url = "https://sicp-staging.li7g.com/2024/oj/web/";
code = 200;
}
];
};
mkServiceCfg =
name: cnameMapping:
Expand Down
8 changes: 5 additions & 3 deletions secrets/hosts/mtl0.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ telegram-bot:
commit-notifier: ENC[AES256_GCM,data:kOJ8AbeFZN6meADJtDYs/XJqyjvVhHGGLyush9gRGnA0wLxPMbSvsIVRMnS6YA==,iv:l0pTTiKtgvsGT1dHYSpYuoXcAYXeH5MXgvQiMQUH4/o=,tag:RjGjQENensD1v3SToM9jyg==,type:str]
hledger:
repo-token: ENC[AES256_GCM,data:O7hG//HYSDZqgELMDALFK1Uaj38sqfR5m4WTKTUQIdPOOvpMfsxZ6LbGT9LxJkWuIl4qbxD2JLkT00m3UEFcoWjZIWbODT00jzAuX6+l4lXWwh8hNuvYgJipqYqF,iv:rzQBQBWE1WxOodjdcU/G9sV/XAoVxEBo/F7Il9s5dqE=,tag:spMO2sQhbcecEcfTaEh7cA==,type:str]
nju-git:
read-token: ENC[AES256_GCM,data:lZUbQt8Dn5gtxxmNuJ070uttOwURT0l+Dfg=,iv:tg7kB1Ry3A7/j0E8yhFiX40eO2YNUFKKZlzZ1AcyVLY=,tag:duA+bL94W6TWsl2rfCRfCg==,type:str]
sops:
kms: []
gcp_kms: []
Expand All @@ -29,8 +31,8 @@ sops:
NVVEZ0dhOUpYT3BKcVFlUWI1Mklpa2MKAzwQw2ba9N2VUXGF3N59FO4madR42orJ
lvOGOtdy/0nLA8OFVkHXyuXshtysUlakyizWFjmiZjJTVkImxwn7Vg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-06-18T06:05:33Z"
mac: ENC[AES256_GCM,data:3QCFer4spHMuELLkwaxBItNUXXlL7AxbMeinjjy3wKD245YCHh/3BKj7aeirQgHLBy+dcZI2z21cdg72YzTrQrOc9VlUmNu3eCezz1DChzqzpbb3Ke7EMvgP7q3Kn/RBvh3FIOkEDM1BytjVvYxzOuRS9S7aDmvEDWG09+QOAyg=,iv:ffIQVZrmyGGEmDbwhFuLoyPAEBSiWa/hGwWnVKVy8uY=,tag:x9pDIHjjHDGUyys7b2N0mw==,type:str]
lastmodified: "2024-09-21T08:43:17Z"
mac: ENC[AES256_GCM,data:Oh87LzAO1WQR+Voe2ecMmrMHlRp3OlmZeMZtvE3PLB6smtoPwbhlfOZ8Em2Iba1XnwBoZU2gXhh3m36FF+euYgZzMuVDuKtQJweT+Vost4D3iAtCkPQig3+S2DQGngwbjyAOKg+6aQc3Zw1likjgMdPUQMxSkwKX6+PgaqEmR38=,iv:qZSUlas7DqGdCuaY31TMxliE9u6f5h2dmOYt9dVYfGw=,tag:7URjIwmzNchD37omBSBUWA==,type:str]
pgp:
- created_at: "2022-07-08T07:03:14Z"
enc: |-
Expand All @@ -44,4 +46,4 @@ sops:
-----END PGP MESSAGE-----
fp: 7D2F4C6B9A8300CCDDB641FDDF14B55A7A29C30F
unencrypted_suffix: _unencrypted
version: 3.8.1
version: 3.9.0
1 change: 1 addition & 0 deletions terraform/cloudflare.tf
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,7 @@ locals {
minio-console = { on = "mtl0", proxy = true }
static = { on = "mtl0", proxy = true }
http-test = { on = "mtl0", proxy = true }
sicp-staging = { on = "mtl0", proxy = true }
minio = { on = "mtl0", proxy = false }
prebuilt-zip = { on = "mtl0", proxy = false }
"shanghai.derp" = { on = "shg0", proxy = false }
Expand Down

0 comments on commit 0cfe063

Please sign in to comment.