From 5ca7dadd02fb49dd62ad448d12021359e41beec1 Mon Sep 17 00:00:00 2001 From: Brian Picciano Date: Tue, 3 Aug 2021 17:47:01 -0600 Subject: [PATCH] full deployment via nix --- .gitignore | 1 + Makefile | 4 ++++ config.nix.tpl | 9 ++++++++ default.nix | 43 +++++++++++++++++++++++++++++++++++ srv/cmd/mediocre-blog/main.go | 10 ++++++-- srv/default.nix | 2 +- srv/pow/pow_test.go | 2 +- 7 files changed, 67 insertions(+), 4 deletions(-) create mode 100644 config.nix.tpl create mode 100644 default.nix diff --git a/.gitignore b/.gitignore index b2be92b..79ffe03 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ result +config.nix diff --git a/Makefile b/Makefile index e69de29..2417c12 100644 --- a/Makefile +++ b/Makefile @@ -0,0 +1,4 @@ + +install: + nix-build -A install + ./result diff --git a/config.nix.tpl b/config.nix.tpl new file mode 100644 index 0000000..5539376 --- /dev/null +++ b/config.nix.tpl @@ -0,0 +1,9 @@ +{ + powSecret = ""; + mlSMTPAddr = ""; + mlSMTPAuth = ""; + dataDir = "."; + publicURL = "http://localhost:4000"; + listenProto = "tcp"; + listenAddr = ":4000"; +} diff --git a/default.nix b/default.nix new file mode 100644 index 0000000..8e634bf --- /dev/null +++ b/default.nix @@ -0,0 +1,43 @@ +let + utils = (import ./nix) {}; + pkgs = utils.pkgs; + system = utils.system; +in + rec { + srv = (import ./srv).build; + static = (import ./static).build; + config = (import ./config.nix); + + service = pkgs.writeText "mediocregopher-mediocre-blog" '' + [Unit] + Description=mediocregopher mediocre blog + Requires=network.target + After=network.target + + [Service] + Restart=always + RestartSec=1s + User=mediocregopher + ExecStart=${srv}/bin/mediocre-blog \ + -pow-secret "${config.powSecret}" \ + -ml-smtp-addr "${config.mlSMTPAddr}" \ + -ml-smtp-auth "${config.mlSMTPAuth}" \ + -data-dir "${config.dataDir}" \ + -public-url "${config.publicURL}" \ + -static-dir "${static}" \ + -listen-proto "${config.listenProto}" \ + -listen-addr "${config.listenAddr}" + + [Install] + WantedBy=multi-user.target + ''; + + install = pkgs.writeScript "mediocregopher-mediocre-blog" '' + set -e -x + + sudo cp ${service} /etc/systemd/system/mediocregopher-mediocre-blog.service + sudo systemctl daemon-reload + sudo systemctl enable mediocregopher-mediocre-blog.service + sudo systemctl restart mediocregopher-mediocre-blog.service + ''; + } diff --git a/srv/cmd/mediocre-blog/main.go b/srv/cmd/mediocre-blog/main.go index f912f45..5233a2c 100644 --- a/srv/cmd/mediocre-blog/main.go +++ b/srv/cmd/mediocre-blog/main.go @@ -143,8 +143,8 @@ func main() { Store: mlStore, Mailer: mailer, Clock: clock, - FinalizeSubURL: path.Join(publicURL.String(), "/mailinglist/finalize.html"), - UnsubURL: path.Join(publicURL.String(), "/mailinglist/unsubscribe.html"), + FinalizeSubURL: publicURL.String() + "/mailinglist/finalize.html", + UnsubURL: publicURL.String() + "/mailinglist/unsubscribe.html", }) mux := http.NewServeMux() @@ -183,6 +183,12 @@ func main() { loggerFatalErr(ctx, logger, "creating listen socket", err) } + if *listenProto == "unix" { + if err := os.Chmod(*listenAddr, 0777); err != nil { + loggerFatalErr(ctx, logger, "chmod-ing unix socket", err) + } + } + srv := &http.Server{Handler: mux} go func() { if err := srv.Serve(l); err != nil && !errors.Is(err, http.ErrServerClosed) { diff --git a/srv/default.nix b/srv/default.nix index 5a4a4d0..e4babab 100644 --- a/srv/default.nix +++ b/srv/default.nix @@ -9,7 +9,7 @@ in pname = "mediocre-blog-srv"; version = "dev"; src = ./.; - vendorSha256 = "0xr5gks5mrh34s5npncw71wncrzqrhnm3vjfwdakd7fzd6iw049z"; + vendorSha256 = "08wv94yv2wmlxzmanw551gixc8v8nl6zq2m721ig9nl3r540x46f"; }; shell = pkgs.stdenv.mkDerivation { diff --git a/srv/pow/pow_test.go b/srv/pow/pow_test.go index 4bc4141..cc868b1 100644 --- a/srv/pow/pow_test.go +++ b/srv/pow/pow_test.go @@ -114,7 +114,7 @@ func TestManager(t *testing.T) { c := mgr.NewChallenge() solution := Solve(c) clock.Add(2 * time.Second) - assert.ErrorIs(t, mgr.CheckSolution(c.Seed, solution), ErrExpiredSolution) + assert.ErrorIs(t, mgr.CheckSolution(c.Seed, solution), ErrExpiredSeed) } }