From e5dbfd32b52e35aecf961b8b80a5f70e76c3cb83 Mon Sep 17 00:00:00 2001
From: Ben Sima <ben@bsima.me>
Date: Sun, 5 Apr 2020 15:53:37 -0700
Subject: Deploy que.run without nginx

I still have to reimplement the SSL stuff but in the Haskell code. That
seems kinda hard or at least requires research that I don't wanna do
right now.
---
 Run/Que/Prod.nix    | 39 ++++++++++++++++++++++++++++
 Run/Que/Server.nix  | 45 +++++++++++++++++++++++++++++++++
 Run/Que/service.nix | 73 -----------------------------------------------------
 3 files changed, 84 insertions(+), 73 deletions(-)
 create mode 100644 Run/Que/Prod.nix
 create mode 100644 Run/Que/Server.nix
 delete mode 100644 Run/Que/service.nix


diff --git a/Run/Que/Prod.nix b/Run/Que/Prod.nix
new file mode 100644
index 0000000..63e4be3
--- /dev/null
+++ b/Run/Que/Prod.nix
@@ -0,0 +1,39 @@
+{ config, pkgs, lib, ... }:
+{
+  imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
+  boot.loader.grub.device = "/dev/vda";
+  fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
+  networking.firewall.allowedTCPPorts = [ 22 80 443 ];
+  services.que-server = {
+    enable = true;
+    port = 80;
+    package = pkgs.que-server;
+  };
+  networking = {
+    nameservers = [
+      "67.207.67.2"
+      "67.207.67.3"
+    ];
+    defaultGateway = "157.245.224.1";
+    defaultGateway6 = "2604:a880:2:d1::1";
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce true;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          { address="157.245.236.44"; prefixLength=20; }
+          { address="10.46.0.5"; prefixLength=16; }
+        ];
+        ipv6.addresses = [
+          { address="2604:a880:2:d1::a2:5001"; prefixLength=64; }
+          { address="fe80::7892:a5ff:fec6:dbc3"; prefixLength=64; }
+        ];
+        ipv4.routes = [ { address = "157.245.224.1"; prefixLength = 32; } ];
+        ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 32; } ];
+      };
+    };
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="7a:92:a5:c6:db:c3", NAME="eth0"
+  '';
+}
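Review bot: `networking.firewall.allowedTCPPorts = [ 22 80 443 ]` keeps 443 open, although with nginx removed nothing in this diff listens there, so anything that later binds 443 on this host is reachable from the network without a deliberate firewall change. Until TLS is back I would narrow it to `networking.firewall.allowedTCPPorts = [ 22 80 ];` and re-add 443 in the commit that adds the listener. Separately, `ipv6.routes` uses `prefixLength = 32` for the gateway address `2604:a880:2:d1::1`; it mirrors the IPv4 /32 host route on the line above, so it looks like it was meant to be `prefixLength = 128`, which is worth confirming against the intended routing table.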
diff --git a/Run/Que/Server.nix b/Run/Que/Server.nix
new file mode 100644
index 0000000..272ea6e
--- /dev/null
+++ b/Run/Que/Server.nix
@@ -0,0 +1,45 @@
+{ options
+, lib
+, config
+, pkgs
+, modulesPath
+}:
+
+let
+  cfg = config.services.que-server;
+in
+{
+  options.services.que-server = {
+    enable = lib.mkEnableOption "Enable the que-server service";
+    port = lib.mkOption {
+      type = lib.types.int;
+      default = 3000;
+      description = ''
+        The port on which que-server will listen for
+        incoming HTTP traffic.
+      '';
+    };
+    package = lib.mkOption {
+      type = lib.types.package;
+      description = "que-server package to use";
+    };
+  };
+  config = lib.mkIf cfg.enable {
+    systemd.services.que-server = {
+      path = [ cfg.package ];
+      wantedBy = [ "multi-user.target" ];
+      script = ''
+        ${cfg.package}/bin/que-server -p ${toString cfg.port}
+      '';
+      description = ''
+        Que server
+      '';
+      serviceConfig = {
+        KillSignal = "INT";
+        Type = "simple";
+        Restart = "on-abort";
+        RestartSec = "1";
+      };
+    };
+  };
+}
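Review bot: The `serviceConfig` block sets neither `User` nor `DynamicUser`, so the unit runs as root by systemd's default, and with nginx removed in this commit que-server is now the process that accepts connections from the network directly. Prod.nix sets `port = 80`, so an unprivileged user alone would not be able to bind; I would add `DynamicUser = true;` and `AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];` to `serviceConfig`, assuming the server needs no persistent writable state (if it does, a `StateDirectory` would be needed as well). A smaller point on the same file: `type = lib.types.int` on `port` accepts values outside the valid port range, and `lib.types.port` would reject them at evaluation time.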
diff --git a/Run/Que/service.nix b/Run/Que/service.nix
deleted file mode 100644
index aa68657..0000000
--- a/Run/Que/service.nix
+++ /dev/null
@@ -1,73 +0,0 @@
-{ options
-, lib
-, config
-, pkgs
-, modulesPath
-}:
-
-let
-  cfg = config.services.que-server;
-in
-{
-  options.services.que-server = {
-    enable = lib.mkEnableOption "Enable the que-server service";
-    domain = lib.mkOption {
-      type = lib.types.str;
-      default = "que.run";
-      description = ''
-        Domain on which to host que-server. This is passed to
-        services.nginx.virtualHosts.<name> directly.
-      '';
-    };
-    port = lib.mkOption {
-      type = lib.types.int;
-      default = 3000;
-      description = ''
-        The port on which que-server will listen for
-        incoming HTTP traffic.
-      '';
-    };
-    package = lib.mkOption {
-      type = lib.types.package;
-      description = "que-server package to use";
-    };
-  };
-  config = lib.mkIf cfg.enable {
-    systemd.services.que-server = {
-      path = [ cfg.package ];
-      wantedBy = [ "multi-user.target" ];
-      script = ''
-        ${cfg.package}/bin/que-server -p ${toString cfg.port}
-      '';
-      description = ''
-        Que server
-      '';
-      serviceConfig = {
-        KillSignal = "INT";
-        Type = "simple";
-        Restart = "on-abort";
-        RestartSec = "1";
-      };
-    };
-    services.nginx = {
-      recommendedGzipSettings = true;
-      recommendedOptimisation = true;
-      recommendedProxySettings = true;
-      recommendedTlsSettings = true;
-      virtualHosts = {
-        "${cfg.domain}" = {
-          forceSSL = true;
-          enableACME = true;
-          locations."/" = {
-            proxyPass = "http://localhost:${toString cfg.port}";
-            extraConfig = ''
-              proxy_set_header  X-Real-IP $realip_remote_addr;
-              proxy_set_header  X-Forwarded-Host $remote_addr;
-              proxy_pass_request_headers on;
-            '';
-          };
-        };
-      };
-    };
-  };
-}
-- 
cgit v1.2.3