From ac367b083b0a0c430729e670fa6ed6093e28d1f0 Mon Sep 17 00:00:00 2001 From: Schrottkatze Date: Wed, 21 Feb 2024 09:25:07 +0100 Subject: [PATCH 1/5] add school wordpress site --- modules/containers/default.nix | 4 +-- modules/containers/wordpress-schule.nix | 38 +++++++++++++++++++++++++ modules/proxy.nix | 11 +++++++ 3 files changed, 51 insertions(+), 2 deletions(-) create mode 100644 modules/containers/wordpress-schule.nix diff --git a/modules/containers/default.nix b/modules/containers/default.nix index e40264d..20b6d3f 100644 --- a/modules/containers/default.nix +++ b/modules/containers/default.nix @@ -1,10 +1,10 @@ -{ pkgs, ... }: -{ +{pkgs, ...}: { imports = [ ./katzencafe-wiki.nix ./phtanumb-wiki.nix ./calckey.nix ./penpot.nix ./nextcloud.nix + ./wordpress-schule.nix ]; } diff --git a/modules/containers/wordpress-schule.nix b/modules/containers/wordpress-schule.nix new file mode 100644 index 0000000..16914c5 --- /dev/null +++ b/modules/containers/wordpress-schule.nix @@ -0,0 +1,38 @@ +{...}: { + containers."schule-wp" = { + autoStart = true; + privateNetwork = true; + hostAddress = "10.0.4.1"; + localAddress = "10.0.4.2"; + bindMounts = { + "/var/wp" = { + hostPath = "/schule-wp"; + isReadOnly = false; + }; + }; + config = { + config, + pkgs, + ... + }: { + services.wordpress = { + sites."schule" = { + virtualHost = { + hostName = "wp.schule.katzen.cafe"; + adminAddr = "schule@schrottkatze.de"; + listen = [ + { + ip = "10.0.4.2"; + port = 80; + ssl = false; + } + ]; + }; + }; + }; + system.stateVersion = "23.11"; + }; + }; + deployment.keys = { + }; +} diff --git a/modules/proxy.nix b/modules/proxy.nix index f214ab2..81cb09b 100644 --- a/modules/proxy.nix +++ b/modules/proxy.nix @@ -58,6 +58,10 @@ group = "nginx"; keyType = "rsa4096"; }; + "wp.schule.katzen.cafe" = { + group = "nginx"; + keyType = "rsa4096"; + }; # "prosody.katzen.cafe" = { # group = "prosody"; # keyType = "rsa4096"; @@ -204,6 +208,13 @@ add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always; ''; }; + "wp.schule.katzen.cafe" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://10.0.4.2"; + }; + }; }; }; } From 3df21ed5b35e7fab863d9447a07d79bbeb9b7c4e Mon Sep 17 00:00:00 2001 From: Schrottkatze Date: Fri, 1 Mar 2024 20:38:16 +0100 Subject: [PATCH 2/5] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'conduit': 'gitlab:famedly/conduit/72a13d83539a4df7c0f126b5854642e210c506b0' (2024-02-02) → 'gitlab:famedly/conduit/99ab234f4081edfcffc5d728a93a1c2c14496033' (2024-02-28) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/c68a9fc85c2cb3a313be6ff40511635544dde8da' (2024-02-15) → 'github:NixOS/nixpkgs/068d4db604958d05d0b46c47f79b507d84dbc069' (2024-02-29) • Updated input 'nixpkgsUnstable': 'github:NixOS/nixpkgs/a4d4fe8c5002202493e87ec8dbc91335ff55552c' (2024-02-15) → 'github:NixOS/nixpkgs/1536926ef5621b09bba54035ae2bb6d806d72ac8' (2024-02-29) --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 162cf11..76ecd77 100644 --- a/flake.lock +++ b/flake.lock @@ -71,11 +71,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1706844761, - "narHash": "sha256-5BcXmVy5QPXplCT9fJ4A0+Tru0kG2sAR7qYwdxVrwvo=", + "lastModified": 1709137188, + "narHash": "sha256-1X+qaJB3xnwBFVFJoC55YtlfPMEvEUOggVLfYVL2VIY=", "owner": "famedly", "repo": "conduit", - "rev": "72a13d83539a4df7c0f126b5854642e210c506b0", + "rev": "99ab234f4081edfcffc5d728a93a1c2c14496033", "type": "gitlab" }, "original": { @@ -510,11 +510,11 @@ }, "nixpkgsUnstable": { "locked": { - "lastModified": 1707956935, - "narHash": "sha256-ZL2TrjVsiFNKOYwYQozpbvQSwvtV/3Me7Zwhmdsfyu4=", + "lastModified": 1709237383, + "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a4d4fe8c5002202493e87ec8dbc91335ff55552c", + "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8", "type": "github" }, "original": { @@ -590,11 +590,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1707978831, - "narHash": "sha256-UblFdWQ2MMZNzD9C/w8+7RjAJ2QIbebbzHUniQ/a44o=", + "lastModified": 1709218635, + "narHash": "sha256-nytX/MkfqeTD4z7bMq4QRXcHxO9B3vRo9tM6fMtPFA8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c68a9fc85c2cb3a313be6ff40511635544dde8da", + "rev": "068d4db604958d05d0b46c47f79b507d84dbc069", "type": "github" }, "original": { From 9b72ba2d43c9a40389a591ed85d12989b21891e6 Mon Sep 17 00:00:00 2001 From: Schrottkatze Date: Wed, 20 Mar 2024 16:57:36 +0100 Subject: [PATCH 3/5] remove wordpress --- justfile | 2 ++ modules/containers/wordpress-schule.nix | 38 ------------------------- modules/proxy.nix | 7 ----- 3 files changed, 2 insertions(+), 45 deletions(-) delete mode 100644 modules/containers/wordpress-schule.nix diff --git a/justfile b/justfile index 6351c1a..5e18a7e 100644 --- a/justfile +++ b/justfile @@ -6,3 +6,5 @@ build: update: nix flake update --commit-lock-file + just deploy + ssh root@katzen.cafe ./update-arion.sh diff --git a/modules/containers/wordpress-schule.nix b/modules/containers/wordpress-schule.nix deleted file mode 100644 index 16914c5..0000000 --- a/modules/containers/wordpress-schule.nix +++ /dev/null @@ -1,38 +0,0 @@ -{...}: { - containers."schule-wp" = { - autoStart = true; - privateNetwork = true; - hostAddress = "10.0.4.1"; - localAddress = "10.0.4.2"; - bindMounts = { - "/var/wp" = { - hostPath = "/schule-wp"; - isReadOnly = false; - }; - }; - config = { - config, - pkgs, - ... - }: { - services.wordpress = { - sites."schule" = { - virtualHost = { - hostName = "wp.schule.katzen.cafe"; - adminAddr = "schule@schrottkatze.de"; - listen = [ - { - ip = "10.0.4.2"; - port = 80; - ssl = false; - } - ]; - }; - }; - }; - system.stateVersion = "23.11"; - }; - }; - deployment.keys = { - }; -} diff --git a/modules/proxy.nix b/modules/proxy.nix index 81cb09b..0268860 100644 --- a/modules/proxy.nix +++ b/modules/proxy.nix @@ -208,13 +208,6 @@ add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always; ''; }; - "wp.schule.katzen.cafe" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://10.0.4.2"; - }; - }; }; }; } From 8706789ab078b400307f9ed0a248fa34ac556574 Mon Sep 17 00:00:00 2001 From: Schrottkatze Date: Wed, 20 Mar 2024 16:58:50 +0100 Subject: [PATCH 4/5] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'arion': 'github:hercules-ci/arion/2b1fa9a8e9e40bb8e65a677c6fdd66dae4f4676e' (2024-02-14) → 'github:hercules-ci/arion/d2d48c9ec304ac80c84ede138b8c6f298d07d995' (2024-03-05) • Updated input 'arion/flake-parts': 'github:hercules-ci/flake-parts/b253292d9c0a5ead9bc98c4e9a26c6312e27d69f' (2024-02-01) → 'github:hercules-ci/flake-parts/f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2' (2024-03-01) • Updated input 'arion/hercules-ci-effects': 'github:hercules-ci/hercules-ci-effects/d5cbf433a6ae9cae05400189a8dbc6412a03ba16' (2023-12-31) → 'github:hercules-ci/hercules-ci-effects/0ca27bd58e4d5be3135a4bef66b582e57abe8f4a' (2024-02-21) • Updated input 'arion/nixpkgs': 'github:NixOS/nixpkgs/f9d39fb9aff0efee4a3d5f4a6d7c17701d38a1d8' (2024-02-11) → 'github:NixOS/nixpkgs/b8697e57f10292a6165a20f03d2f42920dfaf973' (2024-03-03) • Updated input 'conduit': 'gitlab:famedly/conduit/99ab234f4081edfcffc5d728a93a1c2c14496033' (2024-02-28) → 'gitlab:famedly/conduit/81bc1fc4e324c4798dc7b7e3cec94495a94455e0' (2024-03-18) • Updated input 'conduit/attic': 'github:zhaofengli/attic/fbe252a5c21febbe920c025560cbd63b20e24f3b' (2024-01-18) → 'github:zhaofengli/attic/6eabc3f02fae3683bffab483e614bebfcd476b21' (2024-02-14) • Updated input 'conduit/crane': 'github:ipetkov/crane/c798790eabec3e3da48190ae3698ac227aab770c' (2024-01-28) → 'github:ipetkov/crane/2c653e4478476a52c6aa3ac0495e4dea7449ea0e' (2024-02-11) • Updated input 'conduit/fenix': 'github:nix-community/fenix/e132ea0eb0c799a2109a91688e499d7bf4962801' (2024-01-18) → 'github:nix-community/fenix/c8943ea9e98d41325ff57d4ec14736d330b321b2' (2024-03-05) • Updated input 'conduit/fenix/rust-analyzer-src': 'github:rust-lang/rust-analyzer/9d9b34354d2f13e33568c9c55b226dd014a146a0' (2024-01-17) → 'github:rust-lang/rust-analyzer/9f14343f9ee24f53f17492c5f9b653427e2ad15e' (2024-03-04) • Updated input 'conduit/flake-utils': 'github:numtide/flake-utils/1ef2e671c3b0c19053962c07dbda38332dcebf26' (2024-01-15) → 'github:numtide/flake-utils/d465f4819400de7c8d874d50b982301f28a84605' (2024-02-28) • Updated input 'conduit/nixpkgs': 'github:NixOS/nixpkgs/842d9d80cfd4560648c785f8a4e6f3b096790e19' (2024-01-17) → 'github:NixOS/nixpkgs/b8697e57f10292a6165a20f03d2f42920dfaf973' (2024-03-03) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/068d4db604958d05d0b46c47f79b507d84dbc069' (2024-02-29) → 'github:NixOS/nixpkgs/fa9f817df522ac294016af3d40ccff82f5fd3a63' (2024-03-19) • Updated input 'nixpkgsUnstable': 'github:NixOS/nixpkgs/1536926ef5621b09bba54035ae2bb6d806d72ac8' (2024-02-29) → 'github:NixOS/nixpkgs/b06025f1533a1e07b6db3e75151caa155d1c7eb3' (2024-03-19) --- flake.lock | 80 +++++++++++++++++++++++++++--------------------------- 1 file changed, 40 insertions(+), 40 deletions(-) diff --git a/flake.lock b/flake.lock index 76ecd77..67d0fb6 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1707923576, - "narHash": "sha256-vch1hvgoB2TEl1+0J9h5uPkTrL4zNFUxE/razagkqQQ=", + "lastModified": 1709606645, + "narHash": "sha256-yObjAl8deNvx1uIfQn7/vkB9Rnr0kqTo1HVrsk46l30=", "owner": "hercules-ci", "repo": "arion", - "rev": "2b1fa9a8e9e40bb8e65a677c6fdd66dae4f4676e", + "rev": "d2d48c9ec304ac80c84ede138b8c6f298d07d995", "type": "github" }, "original": { @@ -30,11 +30,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1705617092, - "narHash": "sha256-n9PK4O4X4S1JkwpkMuYm1wHZYJzRqif8g3RuVIPD+rY=", + "lastModified": 1707922053, + "narHash": "sha256-wSZjK+rOXn+UQiP1NbdNn5/UW6UcBxjvlqr2wh++MbM=", "owner": "zhaofengli", "repo": "attic", - "rev": "fbe252a5c21febbe920c025560cbd63b20e24f3b", + "rev": "6eabc3f02fae3683bffab483e614bebfcd476b21", "type": "github" }, "original": { @@ -71,11 +71,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1709137188, - "narHash": "sha256-1X+qaJB3xnwBFVFJoC55YtlfPMEvEUOggVLfYVL2VIY=", + "lastModified": 1710785672, + "narHash": "sha256-tEP/amp09fSKeTBrcHWAYr/tQ0g2ZxJQlnCiZDi6qtY=", "owner": "famedly", "repo": "conduit", - "rev": "99ab234f4081edfcffc5d728a93a1c2c14496033", + "rev": "81bc1fc4e324c4798dc7b7e3cec94495a94455e0", "type": "gitlab" }, "original": { @@ -114,17 +114,17 @@ ] }, "locked": { - "lastModified": 1706473964, - "narHash": "sha256-Fq6xleee/TsX6NbtoRuI96bBuDHMU57PrcK9z1QEKbk=", + "lastModified": 1707685877, + "narHash": "sha256-XoXRS+5whotelr1rHiZle5t5hDg9kpguS5yk8c8qzOc=", "owner": "ipetkov", "repo": "crane", - "rev": "c798790eabec3e3da48190ae3698ac227aab770c", + "rev": "2c653e4478476a52c6aa3ac0495e4dea7449ea0e", "type": "github" }, "original": { "owner": "ipetkov", - "ref": "master", "repo": "crane", + "rev": "2c653e4478476a52c6aa3ac0495e4dea7449ea0e", "type": "github" } }, @@ -137,11 +137,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1705559032, - "narHash": "sha256-Cb+Jd1+Gz4Wi+8elPnUIHnqQmE1qjDRZ+PsJaPaAffY=", + "lastModified": 1709619709, + "narHash": "sha256-l6EPVJfwfelWST7qWQeP6t/TDK3HHv5uUB1b2vw4mOQ=", "owner": "nix-community", "repo": "fenix", - "rev": "e132ea0eb0c799a2109a91688e499d7bf4962801", + "rev": "c8943ea9e98d41325ff57d4ec14736d330b321b2", "type": "github" }, "original": { @@ -222,11 +222,11 @@ ] }, "locked": { - "lastModified": 1706830856, - "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", + "lastModified": 1709336216, + "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", + "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", "type": "github" }, "original": { @@ -276,11 +276,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1705309234, - "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "lastModified": 1709126324, + "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "rev": "d465f4819400de7c8d874d50b982301f28a84605", "type": "github" }, "original": { @@ -329,11 +329,11 @@ ] }, "locked": { - "lastModified": 1704029560, - "narHash": "sha256-a4Iu7x1OP+uSYpqadOu8VCPY+MPF3+f6KIi+MAxlgyw=", + "lastModified": 1708547820, + "narHash": "sha256-xU/KC1PWqq5zL9dQ9wYhcdgxAwdeF/dJCLPH3PNZEBg=", "owner": "hercules-ci", "repo": "hercules-ci-effects", - "rev": "d5cbf433a6ae9cae05400189a8dbc6412a03ba16", + "rev": "0ca27bd58e4d5be3135a4bef66b582e57abe8f4a", "type": "github" }, "original": { @@ -416,11 +416,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1707689078, - "narHash": "sha256-UUGmRa84ZJHpGZ1WZEBEUOzaPOWG8LZ0yPg1pdDF/yM=", + "lastModified": 1709479366, + "narHash": "sha256-n6F0n8UV6lnTZbYPl1A9q1BS0p4hduAv1mGAP17CVd0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f9d39fb9aff0efee4a3d5f4a6d7c17701d38a1d8", + "rev": "b8697e57f10292a6165a20f03d2f42920dfaf973", "type": "github" }, "original": { @@ -510,11 +510,11 @@ }, "nixpkgsUnstable": { "locked": { - "lastModified": 1709237383, - "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=", + "lastModified": 1710806803, + "narHash": "sha256-qrxvLS888pNJFwJdK+hf1wpRCSQcqA6W5+Ox202NDa0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8", + "rev": "b06025f1533a1e07b6db3e75151caa155d1c7eb3", "type": "github" }, "original": { @@ -542,11 +542,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1705496572, - "narHash": "sha256-rPIe9G5EBLXdBdn9ilGc0nq082lzQd0xGGe092R/5QE=", + "lastModified": 1709479366, + "narHash": "sha256-n6F0n8UV6lnTZbYPl1A9q1BS0p4hduAv1mGAP17CVd0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "842d9d80cfd4560648c785f8a4e6f3b096790e19", + "rev": "b8697e57f10292a6165a20f03d2f42920dfaf973", "type": "github" }, "original": { @@ -590,11 +590,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1709218635, - "narHash": "sha256-nytX/MkfqeTD4z7bMq4QRXcHxO9B3vRo9tM6fMtPFA8=", + "lastModified": 1710838473, + "narHash": "sha256-RLvwdQSENKOaLdKhNie8XqHmTXzNm00/M/THj6zplQo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "068d4db604958d05d0b46c47f79b507d84dbc069", + "rev": "fa9f817df522ac294016af3d40ccff82f5fd3a63", "type": "github" }, "original": { @@ -633,11 +633,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1705523001, - "narHash": "sha256-TWq5vJ6m+9HGSDMsQAmz1TMegMi79R3TTyKjnPWsQp8=", + "lastModified": 1709571018, + "narHash": "sha256-ISFrxHxE0J5g7lDAscbK88hwaT5uewvWoma9TlFmRzM=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "9d9b34354d2f13e33568c9c55b226dd014a146a0", + "rev": "9f14343f9ee24f53f17492c5f9b653427e2ad15e", "type": "github" }, "original": { From 9eeedff694ead12fda7a37c19460cd5263814328 Mon Sep 17 00:00:00 2001 From: Schrottkatze Date: Wed, 20 Mar 2024 18:16:43 +0100 Subject: [PATCH 5/5] remove wordpres --- modules/containers/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/containers/default.nix b/modules/containers/default.nix index 20b6d3f..7c58c2d 100644 --- a/modules/containers/default.nix +++ b/modules/containers/default.nix @@ -5,6 +5,5 @@ ./calckey.nix ./penpot.nix ./nextcloud.nix - ./wordpress-schule.nix ]; }