www: deploy blog

2023-01-08 11:58:34 +00:00 · 2023-01-08 11:58:34 +00:00 · 39291a65f3
commit 39291a65f3
parent bbfbc843b5
3 changed files with 57 additions and 2 deletions
--- a/hosts/vm.strangervm.ts.hillion.co.uk/default.nix
+++ b/hosts/vm.strangervm.ts.hillion.co.uk/default.nix
@ -10,7 +10,7 @@
    ../../modules/common/default.nix
    ../../modules/matrix/default.nix
    ../../modules/resilio/default.nix
-    ../../modules/reverse-proxy/global.nix
+    ../../modules/www/global.nix
    ./hardware-configuration.nix
  ];

--- a/modules/reverse-proxy/global.nix
+++ b/modules/reverse-proxy/global.nix
@ -1,6 +1,10 @@
 { pkgs, lib, config, ... }:

 {
+  imports = [
+    ./www-repo.nix
+  ];
+
  networking.firewall = {
    allowedTCPPorts = [ 80 443 ];
    allowedUDPPorts = [ 443 ];
@ -10,7 +14,18 @@
    enable = true;

    virtualHosts."hillion.co.uk".extraConfig = ''
-      respond /.well-known/matrix/server "{\"m.server\": \"matrix.hillion.co.uk:443\"}" 200
+      handle /.well-known/* {
+        respond /.well-known/matrix/server "{\"m.server\": \"matrix.hillion.co.uk:443\"}" 200
+        respond 404
+      }
+
+      handle {
+        redir https://blog.hillion.co.uk{uri}
+      }
+    '';
+    virtualHosts."blog.hillion.co.uk".extraConfig = ''
+      root * /var/www/blog.hillion.co.uk
+      file_server
    '';
    virtualHosts."ts.hillion.co.uk".extraConfig = ''
      reverse_proxy http://10.48.62.14:8080
--- a/modules/www/www-repo.nix
+++ b/modules/www/www-repo.nix
@ -0,0 +1,40 @@
+{ pkgs, lib, config, ... }:
+
+{
+  config.systemd.tmpfiles.rules = [
+    "d /var/www 0755 ${config.services.caddy.user} ${config.services.caddy.group} - -"
+  ];
+
+  config.systemd.timers.clone-www-repo = {
+    wantedBy = [ "timers.target" ];
+    timerConfig = {
+      OnBootSec = "5m";
+      OnUnitInactiveSec = "60m";
+      Unit = "clone-www-repo.service";
+    };
+  };
+
+  config.systemd.services.clone-www-repo = {
+    description = "Clone and pull the www repo";
+
+    after = [ "network-online.target" ];
+    wants = [ "network-online.target" ];
+
+    serviceConfig = {
+      Type = "oneshot";
+      User = "${config.services.caddy.user}";
+      Group = "${config.services.caddy.group}";
+    };
+
+    script = with pkgs; ''
+      if [ ! -d "/var/www/.git" ] ; then
+          ${git}/bin/git clone https://gitea.hillion.co.uk/JakeHillion/www.git /var/www
+      else
+          cd /var/www
+          ${git}/bin/git fetch
+          ${git}/bin/git reset --hard origin/main
+      fi
+    '';
+  };
+}
+