summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2020-11-17 20:16:27 +0100
committermakefu <github@syntax-fehler.de>2020-11-17 20:16:27 +0100
commit0b3a9c922286b4f8d96d8dc98bdb71e1a5831123 (patch)
tree8525309752ce8f364d86b06016be726618ba217b
parent9d99500e0922c5577c32bcb77f88d9edc472ffaa (diff)
parentf790a72f19c51fd7b19c4ff0111fb7e8a004a051 (diff)
Merge remote-tracking branch 'lass/20.09' into 20.09
-rw-r--r--krebs/3modules/tv/default.nix16
-rw-r--r--tv/2configs/default.nix4
-rw-r--r--tv/2configs/elm-packages-proxy.nix154
3 files changed, 165 insertions, 9 deletions
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 756caa03..6a09cc83 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -32,7 +32,7 @@ in {
};
hosts = mapAttrs hostDefaults {
alnus = {
- ci = false;
+ ci = true;
cores = 2;
nets = {
retiolum = {
@@ -56,7 +56,7 @@ in {
ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q==";
};
au = {
- ci = false;
+ ci = true;
cores = 4;
nets = {
retiolum = {
@@ -83,7 +83,7 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsqDuhGJpjpqNv4QmjoOhcODObrPyY3GHLvtVkgXV0g root@au";
};
mu = {
- ci = false;
+ ci = true;
cores = 2;
nets = {
retiolum = {
@@ -155,7 +155,7 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb";
};
nomic = {
- ci = false;
+ ci = true;
cores = 2;
nets = {
retiolum = {
@@ -181,7 +181,7 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIHmwXHV7E9UGuk4voVCADjlLkyygqNw054jvrsPn5t root@nomic";
};
wu = {
- ci = false;
+ ci = true;
cores = 4;
nets = {
retiolum = {
@@ -207,7 +207,7 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcJvu8JDVzObLUtlAQg9qVugthKSfitwCljuJ5liyHa";
};
querel = {
- ci = false;
+ ci = true;
cores = 2;
nets = {
retiolum = {
@@ -239,7 +239,7 @@ in {
binary-cache = {
pubkey = "xu-1:pYRENvaxZqGeImwLA9qHmRwHV4jfKaYx4u1VcZ31x0s=";
};
- ci = false;
+ ci = true;
cores = 4;
nets = {
retiolum = {
@@ -266,7 +266,7 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnjfceKuHNQu7S4eYFN1FqgzMqiL7haNZMh2ZLhvuhK root@xu";
};
zu = {
- ci = false;
+ ci = true;
cores = 4;
nets = {
retiolum = {
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 2d813fe3..975266f6 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -90,7 +90,9 @@ with import <stockholm/lib>;
{
services.cron.enable = false;
- services.nscd.enable = false;
+ services.nscd.enable =
+ # Since 20.09 nscd doesn't cache anymore.
+ versionOlder version "20.09";
services.ntp.enable = false;
services.timesyncd.enable = true;
}
diff --git a/tv/2configs/elm-packages-proxy.nix b/tv/2configs/elm-packages-proxy.nix
new file mode 100644
index 00000000..17a0d230
--- /dev/null
+++ b/tv/2configs/elm-packages-proxy.nix
@@ -0,0 +1,154 @@
+{ config, lib, pkgs, ... }: let
+
+ cfg.nameserver = "1.1.1.1";
+ cfg.packageDir = "/var/lib/elm-packages";
+ cfg.port = 7782;
+
+in {
+ services.nginx.virtualHosts."package.elm-lang.org" = {
+ addSSL = true;
+
+ # TODO secret files
+ sslCertificate = "/var/lib/certs/package.elm-lang.org/fullchain.pem";
+ sslCertificateKey = "/var/lib/certs/package.elm-lang.org/key.pem";
+
+ locations."/all-packages/since/".extraConfig = ''
+ proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port};
+ proxy_pass_header Server;
+ '';
+
+ locations."~ ^/packages/(?<author>[A-Za-z0-9-]+)/(?<pname>[A-Za-z0-9-]+)/(?<version>(?<major>0|[1-9]\\d*)\\.(?<minor>0|[1-9]\\d*)\\.(?<patch>0|[1-9]\\d*)(?:-(?<prerelease>(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?<buildmetadata>[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)/(?:zipball|elm.json|endpoint.json)\$".extraConfig = ''
+ set $zipball "${cfg.packageDir}/$author/$pname/$version/zipball";
+ proxy_set_header X-Author $author;
+ proxy_set_header X-Package $pname;
+ proxy_set_header X-Version $version;
+ proxy_set_header X-Zipball $zipball;
+ proxy_pass_header Server;
+ resolver ${cfg.nameserver};
+
+ if (-f $zipball) {
+ set $new_uri http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port};
+ }
+ if (!-f $zipball) {
+ set $new_uri https://package.elm-lang.org$request_uri;
+ }
+
+ proxy_pass $new_uri;
+ '';
+ };
+
+ krebs.htgen.elm-packages-proxy = {
+ port = cfg.port;
+ script = /* sh */ ''(. ${pkgs.writeDash "elm-packages-proxy.sh" ''
+ PATH=${lib.makeBinPath [
+ pkgs.coreutils
+ pkgs.curl
+ pkgs.findutils
+ pkgs.gnugrep
+ pkgs.jq
+ pkgs.unzip
+ ]}
+ export PATH
+ file_response() {(
+ status_code=$1
+ status_reason=$2
+ file=$3
+ content_type=$4
+
+ content_length=$(wc -c "$file" | cut -d\ -f1)
+
+ printf "HTTP/1.1 $status_code $status_reason\r\n"
+ printf 'Connection: close\r\n'
+ printf 'Content-Length: %d\r\n' "$content_length"
+ printf 'Content-Type: %s\r\n' "$content_type"
+ printf 'Server: %s\r\n' "$Server"
+ printf '\r\n'
+ cat "$file"
+ )}
+ string_response() {(
+ status_code=$1
+ status_reason=$2
+ response_body=$3
+ content_type=$4
+
+ printf "HTTP/1.1 $status_code $status_reason\r\n"
+ printf 'Connection: close\r\n'
+ printf 'Content-Length: %d\r\n' ''${#response_body}
+ printf 'Content-Type: %s\r\n' "$content_type"
+ printf 'Server: %s\r\n' "$Server"
+ printf '\r\n'
+ printf '%s\n' "$response_body"
+ )}
+
+ case "$Method $Request_URI" in
+ 'GET /packages/'*)
+
+ author=$req_x_author
+ pname=$req_x_package
+ version=$req_x_version
+
+ zipball=${cfg.packageDir}/$author/$pname/$version/zipball
+ elmjson=$HOME/cache/$author%2F$pname%2F$version%2Felm.json
+ endpointjson=$HOME/cache/$author%2F$pname%2F$version%2Fendpoint.json
+ mkdir -p "$HOME/cache"
+
+ case $(basename $Request_URI) in
+ zipball)
+ file_response 200 OK "$zipball" application/zip
+ exit
+ ;;
+ elm.json)
+ if ! test -f "$elmjson"; then
+ unzip -p "$zipball" \*/elm.json > "$elmjson"
+ fi
+ file_response 200 OK "$elmjson" 'application/json; charset=UTF-8'
+ exit
+ ;;
+ endpoint.json)
+ if ! test -f "$endpointjson"; then
+ hash=$(sha1sum "$zipball" | cut -d\ -f1)
+ url=https://package.elm-lang.org/packages/$author/$pname/$version/zipball
+ jq -n \
+ --arg hash "$hash" \
+ --arg url "$url" \
+ '{ $hash, $url }' \
+ > "$endpointjson"
+ fi
+ file_response 200 OK "$endpointjson" 'application/json; charset=UTF-8'
+ exit
+ ;;
+ esac
+ ;;
+ 'POST /all-packages/since/'*)
+
+ # TODO only show newest?
+ my_packages=$(
+ cd ${cfg.packageDir}
+ find -mindepth 3 -maxdepth 3 |
+ jq -Rs '
+ split("\n") |
+ map(
+ select(.!="") |
+ sub("^\\./(?<author>[^/]+)/(?<pname>[^/]+)/(?<version>[^/]+)$";"\(.author)/\(.pname)@\(.version)")
+ )
+ '
+ )
+
+ new_upstream_packages=$(
+ curl -fsS https://package.elm-lang.org"$Request_URI"
+ )
+
+ response=$(
+ jq -n \
+ --argjson my_packages "$my_packages" \
+ --argjson new_upstream_packages "$new_upstream_packages" \
+ '$new_upstream_packages + $my_packages'
+ )
+
+ string_response 200 OK "$response" 'application/json; charset=UTF-8'
+ exit
+ ;;
+ esac
+ ''})'';
+ };
+}