[dm-companion] Sets up auto-deploy and moves it to terakoda.com

2025-06-15 10:29:39 -07:00
parent 32e10284d0
commit cda32ea550
3 changed files with 71 additions and 48 deletions


@@ -1,6 +1,6 @@
{ config, ... }:
let
inherit (import ./lib.nix config) mkContainer localHostRule havenisms;
inherit (import ./lib.nix config) mkContainer localHostRule terakoda;
in
{
virtualisation.oci-containers.containers = {
@@ -14,22 +14,27 @@ in
port = 8080;
volumes = [
"dm-companion:/pb/pb_data"
"/tank/web/dm.terakoda.com/pb_migrations:/pb/pb_migrations:ro"
];
environment = { };
extraLabels = {
"traefik.http.routers.${hostName}-api.rule" =
"PathPrefix(`/api`) && ${localHostRule "dm" havenisms}";
"PathPrefix(`/api`) && ${localHostRule "dm" terakoda}";
"traefik.http.routers.${hostName}-api.service" = "${hostName}";
};
};
dm-companion = mkContainer {
image = "nginx:alpine";
hostName = "dm";
image = "docker.havenisms.com/lazy-dm/app";
domain = terakoda;
port = 80;
dependsOn = [
"dm-companion-pocketbase"
];
volumes = [ ];
volumes = [
"/tank/web/dm.terakoda.com/dist:/usr/share/nginx/html:ro"
];
};
};
}
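Review bot: The `pb_migrations` bind mount on the PocketBase container reads from `/tank/web/dm.terakoda.com`, which is also the working directory of the webhook-driven build set up in this commit, and that trust link is not documented. PocketBase applies migration files from that directory when it starts, so anything that can write to the checkout can change the schema and data held in the `dm-companion` volume; the `:ro` flag only stops the container from writing back to the host. I would add a comment above the mount such as `# migrations come from the webhook-built checkout; keep this path writable only by the deploy user`. Separately, `image = "nginx:alpine"` (which appears to be the new value, since the added volume targets `/usr/share/nginx/html`) is a floating tag, so pinning it to a digest would keep redeploys reproducible. The side of each line is inferred here because the rendered page lost its +/- markers.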


@@ -6,7 +6,7 @@ let
testHook =
with pkgs;
writeShellApplication {
name = "deploy-astro-app";
name = "build-npm-app";
runtimeInputs = [
openssh
gitFull
@@ -43,50 +43,67 @@ in
restartUnits = [ "webhook.service" ];
owner = config.users.users.webhook.name;
};
"deploy-key/dm.terakoda.com" = {
restartUnits = [ "webhook.service" ];
owner = config.users.users.webhook.name;
};
};
services.webhook = {
enable = true;
verbose = true;
port = 9000;
openFirewall = true;
hooks = {
"deploy-terakoda-com" = {
id = "deploy-terakoda-com";
http-methods = [ "POST" ];
command-working-directory = "/tank/web/terakoda.com";
include-command-output-in-response-on-error = true;
execute-command = "${testHook}/bin/deploy-astro-app";
trigger-rule-mismatch-http-response-code = 400;
trigger-rule = {
or = [
# There were some issues getting the payload signature validation to work.
# Switching to only accepting requests from internal IPs.
# {
# match = {
# type = "payload-hmac-sha1";
# secret = "mysecret";
# parameter = {
# source = "header";
# name = "X-Hub-Signature";
# };
# };
# }
{
match = {
type = "ip-whitelist";
ip-range = "192.168.0.0/16";
};
}
{
match = {
type = "ip-whitelist";
ip-range = "10.88.0.0/16";
};
}
];
services.webhook =
let
trigger-rule = {
or = [
# There were some issues getting the payload signature validation to work.
# Switching to only accepting requests from internal IPs.
# {
# match = {
# type = "payload-hmac-sha1";
# secret = "mysecret";
# parameter = {
# source = "header";
# name = "X-Hub-Signature";
# };
# };
# }
{
match = {
type = "ip-whitelist";
ip-range = "192.168.0.0/16";
};
}
{
match = {
type = "ip-whitelist";
ip-range = "10.88.0.0/16";
};
}
];
};
in
{
enable = true;
verbose = true;
port = 9000;
openFirewall = true;
hooks = {
"deploy-terakoda-com" = {
id = "deploy-terakoda-com";
http-methods = [ "POST" ];
command-working-directory = "/tank/web/terakoda.com";
include-command-output-in-response-on-error = true;
execute-command = "${testHook}/bin/build-npm-app";
trigger-rule-mismatch-http-response-code = 400;
inherit trigger-rule;
};
"deploy-dm-terakoda-com" = {
id = "deploy-dm-terakoda-com";
http-methods = [ "POST" ];
command-working-directory = "/tank/web/dm.terakoda.com";
include-command-output-in-response-on-error = true;
execute-command = "${testHook}/bin/build-npm-app";
trigger-rule-mismatch-http-response-code = 400;
inherit trigger-rule;
};
};
};
};
}
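Review bot: The shared `trigger-rule` in the new `let` block authorises both hooks by source address only, and the new `deploy-dm-terakoda-com` hook inherits it while `openFirewall = true` exposes port 9000. Any host in `192.168.0.0/16` or `10.88.0.0/16` can start a build, and if requests reach the service through a reverse proxy inside one of those ranges (not visible here) every request would match. I would restore the commented-out signature match and combine it with the address rule under `and`, using `payload-hmac-sha256` and a secret loaded from the secrets store rather than a literal, since a string written in the Nix expression ends up in the world-readable store. With `include-command-output-in-response-on-error = true;` a failed build returns its output to the caller, so `= false;` with the journal (already `verbose = true`) is the safer default.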