2023-05-12 22:05:10 +01:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
2022-12-09 14:35:32 +00:00
|
|
|
let
|
|
|
|
|
domain = "runas.rocks";
|
|
|
|
|
runas_root = "/var/lib/runas.rocks/dist";
|
|
|
|
|
service_name = "runas.rocks-pull";
|
|
|
|
|
mkStartScript = name: pkgs.writeShellScript "${name}.sh" ''
|
|
|
|
|
set -euo pipefail
|
|
|
|
|
cd ${runas_root}
|
2023-01-01 12:33:11 +00:00
|
|
|
git pull origin main --rebase
|
2022-12-09 14:35:32 +00:00
|
|
|
'';
|
2023-05-12 22:05:10 +01:00
|
|
|
|
|
|
|
|
utilities = import ./utilities.nix { inherit lib config; };
|
|
|
|
|
inherit (utilities) architectInterfaceAddress;
|
2022-12-09 14:35:32 +00:00
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
services.nginx.virtualHosts.${domain} = {
|
|
|
|
|
enableACME = true;
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
|
|
|
|
|
locations."/".root = runas_root;
|
2023-02-11 02:29:48 +00:00
|
|
|
|
2022-12-09 14:35:32 +00:00
|
|
|
locations."/.git" = { return = "404"; };
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
systemd = {
|
|
|
|
|
services.${service_name} = {
|
|
|
|
|
path = [ pkgs.git ];
|
|
|
|
|
enable = true;
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
Type = "oneshot";
|
|
|
|
|
ExecStart = mkStartScript "${service_name}";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
timers.${service_name} = {
|
|
|
|
|
wantedBy = [ "timers.target" ];
|
|
|
|
|
timerConfig = {
|
2023-01-01 12:32:14 +00:00
|
|
|
OnCalendar = "hourly";
|
2022-12-09 14:35:32 +00:00
|
|
|
Unit = "${service_name}.service";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
networking.extraHosts = ''
|
2023-05-12 22:05:10 +01:00
|
|
|
${architectInterfaceAddress "lan"} ${domain}
|
|
|
|
|
${architectInterfaceAddress "tailscale"} ${domain}
|
2022-12-09 14:35:32 +00:00
|
|
|
'';
|
|
|
|
|
}
|
