From 785a17059d2997a63588c5d4ebe65b20023e2de8 Mon Sep 17 00:00:00 2001
From: Jake Hillion <jake@hillion.co.uk>
Date: Fri, 8 Dec 2023 21:18:21 +0000
Subject: [PATCH] drone.server: modularise

---
 .../default.nix                               |  2 +-
 modules/default.nix                           |  1 +
 modules/drone/default.nix                     |  7 +++
 modules/drone/server.nix                      | 54 ++++++++++++-------
 modules/locations.nix                         |  5 ++
 modules/www/global.nix                        |  2 +-
 6 files changed, 51 insertions(+), 20 deletions(-)
 create mode 100644 modules/drone/default.nix

diff --git a/hosts/vm.strangervm.ts.hillion.co.uk/default.nix b/hosts/vm.strangervm.ts.hillion.co.uk/default.nix
index 0ec1940..834ff38 100644
--- a/hosts/vm.strangervm.ts.hillion.co.uk/default.nix
+++ b/hosts/vm.strangervm.ts.hillion.co.uk/default.nix
@@ -3,7 +3,6 @@
 {
   imports = [
     ../../modules/common/default.nix
-    ../../modules/drone/server.nix
     ./hardware-configuration.nix
   ];
 
@@ -21,6 +20,7 @@
     ## Custom Services
     custom = {
       locations.autoServe = true;
+      drone.server.path = "/data/drone";
     };
 
     ## Networking
diff --git a/modules/default.nix b/modules/default.nix
index 4a3c84e..9677f11 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -6,6 +6,7 @@
     ./chia.nix
     ./common/hostinfo.nix
     ./desktop/awesome/default.nix
+    ./drone/default.nix
     ./impermanence.nix
     ./locations.nix
     ./resilio.nix
diff --git a/modules/drone/default.nix b/modules/drone/default.nix
new file mode 100644
index 0000000..2665c59
--- /dev/null
+++ b/modules/drone/default.nix
@@ -0,0 +1,7 @@
+{ ... }:
+
+{
+  imports = [
+    ./server.nix
+  ];
+}
diff --git a/modules/drone/server.nix b/modules/drone/server.nix
index d45b310..c387233 100644
--- a/modules/drone/server.nix
+++ b/modules/drone/server.nix
@@ -1,25 +1,43 @@
 { config, pkgs, lib, ... }:
 
+let
+  cfg = config.custom.drone.server;
+in
 {
-  config.age.secrets."drone/gitea_client_secret".file = ../../secrets/drone/gitea_client_secret.age;
-  config.age.secrets."drone/rpc_secret".file = ../../secrets/drone/rpc_secret.age;
+  options.custom.drone.server = {
+    enable = lib.mkEnableOption "drone server";
 
-  config.virtualisation.oci-containers.containers."drone" = {
-    image = "drone/drone:2.16.0";
-    volumes = [ "/data/drone:/data" ];
-    ports = [ "18733:80" ];
-    environment = {
-      DRONE_AGENTS_ENABLED = "true";
-      DRONE_GITEA_SERVER = "https://gitea.hillion.co.uk";
-      DRONE_GITEA_CLIENT_ID = "687ee331-ad9e-44fd-9e02-7f1c652754bb";
-      DRONE_SERVER_HOST = "drone.hillion.co.uk";
-      DRONE_SERVER_PROTO = "https";
-      DRONE_LOGS_DEBUG = "true";
-      DRONE_USER_CREATE = "username:JakeHillion,admin:true";
+    path = lib.mkOption {
+      type = lib.types.str;
+      default = "/var/lib/drone";
+    };
+    port = lib.mkOption {
+      type = lib.types.port;
+      default = 18733;
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    age.secrets."drone/gitea_client_secret".file = ../../secrets/drone/gitea_client_secret.age;
+    age.secrets."drone/rpc_secret".file = ../../secrets/drone/rpc_secret.age;
+
+    virtualisation.oci-containers.containers."drone" = {
+      image = "drone/drone:2.21.0";
+      volumes = [ "${cfg.path}:/data" ];
+      ports = [ "${toString cfg.port}:80" ];
+      environment = {
+        DRONE_AGENTS_ENABLED = "true";
+        DRONE_GITEA_SERVER = "https://gitea.hillion.co.uk";
+        DRONE_GITEA_CLIENT_ID = "687ee331-ad9e-44fd-9e02-7f1c652754bb";
+        DRONE_SERVER_HOST = "drone.hillion.co.uk";
+        DRONE_SERVER_PROTO = "https";
+        DRONE_LOGS_DEBUG = "true";
+        DRONE_USER_CREATE = "username:JakeHillion,admin:true";
+      };
+      environmentFiles = [
+        config.age.secrets."drone/gitea_client_secret".path
+        config.age.secrets."drone/rpc_secret".path
+      ];
     };
-    environmentFiles = [
-      config.age.secrets."drone/gitea_client_secret".path
-      config.age.secrets."drone/rpc_secret".path
-    ];
   };
 }
diff --git a/modules/locations.nix b/modules/locations.nix
index c6f5043..276d586 100644
--- a/modules/locations.nix
+++ b/modules/locations.nix
@@ -17,6 +17,9 @@ in
           mastodon = "vm.strangervm.ts.hillion.co.uk";
           matrix = "jorah.cx.ts.hillion.co.uk";
         };
+        drone = {
+          server = "vm.strangervm.ts.hillion.co.uk";
+        };
       };
     };
   };
@@ -25,5 +28,7 @@ in
     custom.services.downloads.enable = cfg.locations.services.downloads == config.networking.fqdn;
     custom.services.mastodon.enable = cfg.locations.services.mastodon == config.networking.fqdn;
     custom.services.matrix.enable = cfg.locations.services.matrix == config.networking.fqdn;
+
+    custom.drone.server.enable = cfg.locations.drone.server == config.networking.fqdn;
   };
 }
diff --git a/modules/www/global.nix b/modules/www/global.nix
index 16e529a..340d203 100644
--- a/modules/www/global.nix
+++ b/modules/www/global.nix
@@ -51,7 +51,7 @@ in
           reverse_proxy /_synapse/client/* http://${locations.services.matrix}:8008
         '';
         "drone.hillion.co.uk".extraConfig = ''
-          reverse_proxy http://vm.strangervm.ts.hillion.co.uk:18733
+          reverse_proxy http://${locations.drone.server}:18733
         '';
       };
     };