From dba711f4a52b28bd905ace465d6398aadd88adec Mon Sep 17 00:00:00 2001 From: clerie Date: Mon, 29 Jul 2024 18:43:07 +0200 Subject: [PATCH 1/2] hosts/web-2: Add nurausstieg.clerie.de --- flake.lock | 21 ++++++++++++++++++ flake.nix | 4 ++++ flake/overlay.nix | 3 +++ hosts/web-2/configuration.nix | 1 + hosts/web-2/nurausstieg.nix | 41 +++++++++++++++++++++++++++++++++++ 5 files changed, 70 insertions(+) create mode 100644 hosts/web-2/nurausstieg.nix diff --git a/flake.lock b/flake.lock index f11a738..48818fe 100644 --- a/flake.lock +++ b/flake.lock @@ -302,6 +302,26 @@ "type": "github" } }, + "nurausstieg": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1722174167, + "narHash": "sha256-u9ef1BNaXHEnuQEFgqqBLEVZqd5T/sqRBysN71gFOKg=", + "ref": "refs/heads/main", + "rev": "7f2e0febf3a430e4ba4f6cf1cf1c5ca10c5dd04d", + "revCount": 20, + "type": "git", + "url": "https://git.clerie.de/clerie/nurausstieg.git" + }, + "original": { + "type": "git", + "url": "https://git.clerie.de/clerie/nurausstieg.git" + } + }, "root": { "inputs": { "berlinerbaeder-exporter": "berlinerbaeder-exporter", @@ -313,6 +333,7 @@ "nixos-exporter": "nixos-exporter", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", + "nurausstieg": "nurausstieg", "solid-xmpp-alarm": "solid-xmpp-alarm", "sops-nix": "sops-nix", "ssh-to-age": "ssh-to-age" diff --git a/flake.nix b/flake.nix index af9092e..d15cd4d 100644 --- a/flake.nix +++ b/flake.nix @@ -27,6 +27,10 @@ url = "git+https://git.clerie.de/clerie/nixos-exporter.git"; inputs.nixpkgs.follows = "nixpkgs"; }; + nurausstieg = { + url = "git+https://git.clerie.de/clerie/nurausstieg.git"; + inputs.nixpkgs.follows = "nixpkgs"; + }; solid-xmpp-alarm = { url = "git+https://git.clerie.de/clerie/solid-xmpp-alarm.git"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/flake/overlay.nix b/flake/overlay.nix index 31191a3..b1bd7e3 100644 --- a/flake/overlay.nix +++ b/flake/overlay.nix @@ -3,6 +3,7 @@ , bij , chaosevents , harmonia +, nurausstieg , ssh-to-age , ... }@inputs: @@ -16,6 +17,8 @@ final: prev: { harmonia = harmonia.packages.${final.system}.harmonia.override { nixForHarmonia = final.nixVersions.nix_2_21; }; + inherit (nurausstieg.packages.${final.system}) + nurausstieg; inherit (ssh-to-age.packages.${final.system}) ssh-to-age; } diff --git a/hosts/web-2/configuration.nix b/hosts/web-2/configuration.nix index 283c5be..f7567e8 100644 --- a/hosts/web-2/configuration.nix +++ b/hosts/web-2/configuration.nix @@ -20,6 +20,7 @@ ./mitel-ommclient2.nix ./nix-install.nix ./nogo2024.nix + ./nurausstieg.nix ./ping.nix ./public.nix ./radicale.nix diff --git a/hosts/web-2/nurausstieg.nix b/hosts/web-2/nurausstieg.nix new file mode 100644 index 0000000..a3d4a2f --- /dev/null +++ b/hosts/web-2/nurausstieg.nix @@ -0,0 +1,41 @@ +{ pkgs, ... }: + +{ + + systemd.tmpfiles.rules = [ + "d /var/cache/nginx/nurausstieg - nginx nginx - -" + ]; + + services.nginx = { + commonHttpConfig = '' + proxy_cache_path /var/cache/nginx/nurausstieg levels=1:2 use_temp_path=off keys_zone=nurausstieg:1m max_size=10m; + ''; + + virtualHosts."nurausstieg.clerie.de" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://[::1]:44384"; + extraConfig = '' + proxy_cache nurausstieg; + # Ignore upstream cache hints + proxy_ignore_headers Cache-Control; + # Force cache 200 and 500 responses for one minute + proxy_cache_valid 200 500 1m; + # Only do a single fetch for missing entries and let other sessions wait + proxy_cache_lock on; + ''; + }; + }; + }; + + systemd.services.nurausstieg = { + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + DynamicUser = true; + }; + path = with pkgs; [ nurausstieg ]; + script = "nurausstieg --listen [::1]:44384"; + }; + +} From 693b92f68f2133a1a184e6d0652ac9d50b7f6809 Mon Sep 17 00:00:00 2001 From: Flake Update Bot Date: Tue, 30 Jul 2024 03:03:03 +0200 Subject: [PATCH 2/2] Update nixpkgs 2024-07-30-01-03 --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 48818fe..d40d1c2 100644 --- a/flake.lock +++ b/flake.lock @@ -288,11 +288,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1720957393, - "narHash": "sha256-oedh2RwpjEa+TNxhg5Je9Ch6d3W1NKi7DbRO1ziHemA=", + "lastModified": 1722062969, + "narHash": "sha256-QOS0ykELUmPbrrUGmegAUlpmUFznDQeR4q7rFhl8eQg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "693bc46d169f5af9c992095736e82c3488bf7dbb", + "rev": "b73c2221a46c13557b1b3be9c2070cc42cf01eb3", "type": "github" }, "original": {