diff --git a/flake.lock b/flake.lock index 22f39d0..d9a3b2e 100644 --- a/flake.lock +++ b/flake.lock @@ -753,7 +753,8 @@ "scan-to-gpg": "scan-to-gpg", "solid-xmpp-alarm": "solid-xmpp-alarm", "sops-nix": "sops-nix", - "ssh-to-age": "ssh-to-age" + "ssh-to-age": "ssh-to-age", + "traveldrafter": "traveldrafter" } }, "scan-to-gpg": { @@ -868,6 +869,26 @@ "type": "github" } }, + "traveldrafter": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1751817360, + "narHash": "sha256-HzOhsPvzCaFeiz8nPq5MkYnYHpUzVaU/P5sxG+Njt+8=", + "ref": "refs/heads/main", + "rev": "b6610d70f363ecf9704352b1ef39244a816bd34f", + "revCount": 22, + "type": "git", + "url": "https://git.clerie.de/clerie/traveldrafter.git" + }, + "original": { + "type": "git", + "url": "https://git.clerie.de/clerie/traveldrafter.git" + } + }, "treefmt-nix": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index 1a6405f..e0af4c8 100644 --- a/flake.nix +++ b/flake.nix @@ -68,6 +68,10 @@ url = "github:Mic92/ssh-to-age"; inputs.nixpkgs.follows = "nixpkgs"; }; + traveldrafter = { + url = "git+https://git.clerie.de/clerie/traveldrafter.git"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = { self, nixpkgs, nixos-hardware, chaosevents, fernglas, nixos-exporter, solid-xmpp-alarm, ssh-to-age, ... }@inputs: let lib = import ./lib inputs; diff --git a/flake/inputs-overlay.nix b/flake/inputs-overlay.nix index 21fe057..df5e956 100644 --- a/flake/inputs-overlay.nix +++ b/flake/inputs-overlay.nix @@ -9,6 +9,7 @@ , rainbowrss , scan-to-gpg , ssh-to-age +, traveldrafter , ... }@inputs: final: prev: { @@ -32,4 +33,6 @@ final: prev: { scan-to-gpg; inherit (ssh-to-age.packages.${final.system}) ssh-to-age; + inherit (traveldrafter.packages.${final.system}) + traveldrafter; } diff --git a/hosts/web-2/configuration.nix b/hosts/web-2/configuration.nix index fd45575..0ea8cfc 100644 --- a/hosts/web-2/configuration.nix +++ b/hosts/web-2/configuration.nix @@ -24,6 +24,7 @@ ./public.nix ./radicale.nix ./reichartstrasse.nix + ./traveldrafter.nix ./uptimestatus.nix ./wetter.nix ]; diff --git a/hosts/web-2/secrets.json b/hosts/web-2/secrets.json index b9048bd..c21e43a 100644 --- a/hosts/web-2/secrets.json +++ b/hosts/web-2/secrets.json @@ -4,19 +4,16 @@ "clerie-backup-target-magenta": "ENC[AES256_GCM,data:zsPFXpnTWHL2b9/fZiW1fhpla8hTeZb1+O8oihnwDIAcC4Tgn8PrFDEYK7kuWYcdbIvL5XRJRR48erSACsntFA==,iv:lTlAyVl3ndgca4Mp9lSldXmhlP8ECPvE/CM7Zpzy9ao=,tag:LCNF1loABQpZ8Y5wfpXjkg==,type:str]", "wg-monitoring": "ENC[AES256_GCM,data:AfkytaHshFSyKkMdKVMdYaq3sKUC9dKYs5rKXN4Ouv5kjDGNXC18liEsRuc=,iv:4mMgsovdAJ++Myr+9GuhAaEBuzDBNZbGK6zfzoAEJ0E=,tag:/d0ZXNbpaMFyxyzov23kdQ==,type:str]", "radicale-htpasswd": "ENC[AES256_GCM,data:+FHsq5We/fc8gBNub/GV5Mfs2i0/7Qm9UPDhb3unEhak6XDAvMSUQb4eaX0wn7Yi3y/gFGmapd0eYilTjfoJnI9gVnvi,iv:lEV8kQh9RBL/xKcCLIRzUR6ADq4zoah1c8Z67Qrs3dQ=,tag:cw6jKYbZUXBD3Zio5CH+Hw==,type:str]", + "traveldrafter-htpasswd": "ENC[AES256_GCM,data:f29vVDofv2mJEyn/pMKWW8ZbVTKSofe1EEtcfuCaokdqAyxemcq/2hrXFw8cAGTV2hwVqlM2hzJcT32KBjO/wgUNfv4=,iv:5PdQ+bn/bXmfQstP5A/dLeDk7O0qTjoRTyr4D+AgiG0=,tag:gCBrSJ4cEnZHqePiUpPglA==,type:str]", "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, "age": [ { "recipient": "age1nn8dwl2avshdhwn66w92jvlvz2ugl5fdxc8dxz6lpru72hlq44uq5a88az", "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlU2tEMHIvRUFxa24wMVcy\nb2lheGR2ekl6S0wzWUd5cTMwTC9HdFN1eVc0CkRjRHdJVUw3ZCtZSTlUOHZCV2J6\nYkxqdnNmU05LTTNmNFZiTzBxZVdkOTgKLS0tIEZUZ0svL2NhcTZPdFZrYUhwQ05Q\nWnZXRWIvRXBOMWNDTzQ4RDNKa3IwSUkKj+vI9dEEUQYN9uT6H1FdexComfbe+iA9\nVzLF970ASzptGiNYtdN9GYdXY7JGHoOfmYy3fpjZGN3p2KqiYyi3UA==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-05-10T13:32:34Z", - "mac": "ENC[AES256_GCM,data:lxfYT2TEO9KFx0x6DPRQ2mRy5Ft6syyyO1yV9my6GwvDxd1e7odXGRcFo3N1AFod8Y6z4+XaxqZ/GoqSp94Pk8aF4eEhyAFun/UUr8KhKGsnq6xnQA4p37oYccvTY4eohS5YHBr/+AMutddmQ7qiYtQhVViXAr6+dmOsV1Tfu+A=,iv:bC+z9SP2W048bR3aWIcPgRlfLB5n5ccst6OvH0NjYBk=,tag:qhoXUAl0nG4LYy6yXQP2/g==,type:str]", + "lastmodified": "2025-07-06T16:08:39Z", + "mac": "ENC[AES256_GCM,data:6EbMSJAKOMgXtlwaVtsmPgrZVgraReAfVJWjZvhe965eLhhP5aeyZqPlA6a93h2FsShVFYWFPI57tdHy9Ymo53oXolSt8Docr2w2FL4BTWHHhkXal9+6aJZAZ+XOPEOUYurFxPOX44l+LDkecSz0NMCgrScWtpphjlkj3yP5GTo=,iv:5w8RC9IAuyEuO0QSZ0FBwW2/qqV56HNG7hZIkEeGEYU=,tag:Zosv1OSMtznnKkSYStu+oA==,type:str]", "pgp": [ { "created_at": "2024-05-10T13:29:58Z", @@ -27,4 +24,4 @@ "unencrypted_suffix": "_unencrypted", "version": "3.8.1" } -} \ No newline at end of file +} diff --git a/hosts/web-2/traveldrafter.nix b/hosts/web-2/traveldrafter.nix new file mode 100644 index 0000000..f35a0d6 --- /dev/null +++ b/hosts/web-2/traveldrafter.nix @@ -0,0 +1,40 @@ +{ pkgs, lib, config, ... }: { + services.update-from-hydra.paths.traveldrafter = { + enable = true; + hydraUrl = "https://hydra.clerie.de"; + hydraProject = "clerie"; + hydraJobset = "traveldrafter"; + hydraJob = "packages.x86_64-linux.traveldrafter"; + nixStoreUri = "https://nix-cache.clerie.de"; + resultPath = "/srv/traveldrafter"; + }; + + sops.secrets.traveldrafter-htpasswd = { + owner = "nginx"; + group = "nginx"; + }; + + services.nginx.virtualHosts = { + "traveldrafter.clerie.de" = { + enableACME = true; + forceSSL = true; + root = "/srv/traveldrafter/lib/node_modules/traveldrafter/web/"; + basicAuthFile = config.sops.secrets.traveldrafter-htpasswd.path; + locations."/api" = { + proxyPass = "http://[::1]:3001"; + }; + }; + }; + + systemd.services."traveldrafter" = { + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + RuntimeDirectory = "traveldrafter"; + DynamicUser = true; + }; + environment = { + HTTP_PORT = "3001"; + }; + script = lib.getExe pkgs.traveldrafter; + }; +}