Site de Bingo de Denise

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2021-08-06 01:38:35 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2021-09-30 00:37:01 +0200
commit: 2e573da3e091144d7d6f8c72021a8602fb71d61f (patch)
tree: 92e81fe3728b7130123f447a0a1f79feaf1f4918 /modules/private/websites/denise
parent: a9f52ec521e45204ad9363dd143b32ac9910b6b3 (diff)
download: Nix-2e573da3e091144d7d6f8c72021a8602fb71d61f.tar.gz
Nix-2e573da3e091144d7d6f8c72021a8602fb71d61f.tar.zst
Nix-2e573da3e091144d7d6f8c72021a8602fb71d61f.zip
1 files changed, 100 insertions, 0 deletions
diff --git a/modules/private/websites/denise/bingo.nix b/modules/private/websites/denise/bingo.nix
new file mode 100644
index 0000000..9130462
--- /dev/null
+++ b/modules/private/websites/denise/bingo.nix
@@ -0,0 +1,100 @@
+{ lib, config, pkgs, ... }:
+let
+  cfg = config.myServices.websites.denise.bingo;
+  varDir = "/var/lib/buildbot/outputs/denise/bingo";
+  varDirBeta = "/var/lib/buildbot/outputs/denise/bingo_beta";
+  socket = "/run/denise_bingo/socket.sock";
+  socket_beta = "/run/denise_bingo_beta/socket.sock";
+in {
+  options.myServices.websites.denise.bingo.enable = lib.mkEnableOption "enable Denise's bingo website";
+  config = lib.mkIf cfg.enable {
+    services.websites.env.production.vhostConfs.denise_bingo = {
+      certName     = "denise";
+      addToCerts   = true;
+      hosts        = [ "bingo.syanni.eu" ];
+      root         = null;
+      extraConfig  = [
+        ''
+        ProxyPreserveHost on
+        ProxyVia On
+        ProxyRequests Off
+        ProxyPassMatch ^/.well-known/acme-challenge !
+        ProxyPass / unix://${socket}|http://bingo.syanni.eu/
+        ProxyPassReverse / unix://${socket}|http://bingo.syanni.eu/
+          ''
+      ];
+    };
+    systemd.services.denise-bingo = {
+      description = "Denise bingo website";
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        Type = "simple";
+        WorkingDirectory = varDir;
+        ExecStart = let
+          python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.matplotlib p.unidecode ]);
+        in
+          "${python}/bin/gunicorn -w4 -p /run/denise_bingo/gunicorn.pid --bind unix:${socket} app:app";
+        User = "wwwrun";
+        Restart = "always";
+        RestartSec = "5s";
+        PIDFile = "/run/denise_bingo/gunicorn.pid";
+        RuntimeDirectory = "denise_bingo";
+        StandardOutput = "journal";
+        StandardError = "inherit";
+      };
+    };
+    security.sudo.extraRules = [
+      {
+        commands = [
+          { options = [ "NOPASSWD" ]; command = "${pkgs.systemd}/bin/systemctl restart denise-bingo-beta.service"; }
+          { options = [ "NOPASSWD" ]; command = "${pkgs.systemd}/bin/systemctl restart denise-bingo.service"; }
+        ];
+        users = ["buildbot"];
+        runAs = "root";
+      }
+    ];
+    services.websites.env.integration.vhostConfs.denise_bingo_beta = {
+      certName     = "denise";
+      addToCerts   = true;
+      hosts        = [ "beta.bingo.syanni.eu" ];
+      root         = null;
+      extraConfig  = [
+        ''
+        ProxyPreserveHost on
+        ProxyVia On
+        ProxyRequests Off
+        ProxyPassMatch ^/.well-known/acme-challenge !
+        ProxyPass / unix://${socket_beta}|http://beta.bingo.syanni.eu/
+        ProxyPassReverse / unix://${socket_beta}|http://beta.bingo.syanni.eu/
+          ''
+      ];
+    };
+    systemd.services.denise-bingo-beta = {
+      description = "Denise bingo beta website";
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        Type = "simple";
+        WorkingDirectory = varDirBeta;
+        ExecStart = let
+          python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask ]);
+        in
+          "${python}/bin/gunicorn -w4 -p /run/denise_bingo_beta/gunicorn.pid --bind unix:${socket_beta} app:app";
+        User = "wwwrun";
+        Restart = "always";
+        RestartSec = "5s";
+        PIDFile = "/run/denise_bingo_beta/gunicorn.pid";
+        RuntimeDirectory = "denise_bingo_beta";
+        StandardOutput = "journal";
+        StandardError = "inherit";
+      };
+    };
+  };
+}
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2021-08-06 01:38:35 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2021-09-30 00:37:01 +0200
commit	2e573da3e091144d7d6f8c72021a8602fb71d61f (patch)
tree	92e81fe3728b7130123f447a0a1f79feaf1f4918 /modules/private/websites/denise
parent	a9f52ec521e45204ad9363dd143b32ac9910b6b3 (diff)
download	Nix-2e573da3e091144d7d6f8c72021a8602fb71d61f.tar.gz Nix-2e573da3e091144d7d6f8c72021a8602fb71d61f.tar.zst Nix-2e573da3e091144d7d6f8c72021a8602fb71d61f.zip

diff --git a/modules/private/websites/denise/bingo.nix b/modules/private/websites/denise/bingo.nix new file mode 100644 index 0000000..9130462 --- /dev/null +++ b/modules/private/websites/denise/bingo.nix
@@ -0,0 +1,100 @@
	1	{ lib, config, pkgs, ... }:
	2	let
	3	cfg = config.myServices.websites.denise.bingo;
	4	varDir = "/var/lib/buildbot/outputs/denise/bingo";
	5	varDirBeta = "/var/lib/buildbot/outputs/denise/bingo_beta";
	6	socket = "/run/denise_bingo/socket.sock";
	7	socket_beta = "/run/denise_bingo_beta/socket.sock";
	8	in {
	9	options.myServices.websites.denise.bingo.enable = lib.mkEnableOption "enable Denise's bingo website";
	10
	11	config = lib.mkIf cfg.enable {
	12	services.websites.env.production.vhostConfs.denise_bingo = {
	13	certName = "denise";
	14	addToCerts = true;
	15	hosts = [ "bingo.syanni.eu" ];
	16	root = null;
	17	extraConfig = [
	18	''
	19	ProxyPreserveHost on
	20	ProxyVia On
	21	ProxyRequests Off
	22	ProxyPassMatch ^/.well-known/acme-challenge !
	23	ProxyPass / unix://${socket}\|http://bingo.syanni.eu/
	24	ProxyPassReverse / unix://${socket}\|http://bingo.syanni.eu/
	25	''
	26	];
	27	};
	28
	29	systemd.services.denise-bingo = {
	30	description = "Denise bingo website";
	31	after = [ "network.target" ];
	32	wantedBy = [ "multi-user.target" ];
	33
	34	serviceConfig = {
	35	Type = "simple";
	36	WorkingDirectory = varDir;
	37	ExecStart = let
	38	python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask p.matplotlib p.unidecode ]);
	39	in
	40	"${python}/bin/gunicorn -w4 -p /run/denise_bingo/gunicorn.pid --bind unix:${socket} app:app";
	41	User = "wwwrun";
	42	Restart = "always";
	43	RestartSec = "5s";
	44	PIDFile = "/run/denise_bingo/gunicorn.pid";
	45	RuntimeDirectory = "denise_bingo";
	46	StandardOutput = "journal";
	47	StandardError = "inherit";
	48	};
	49	};
	50
	51	security.sudo.extraRules = [
	52	{
	53	commands = [
	54	{ options = [ "NOPASSWD" ]; command = "${pkgs.systemd}/bin/systemctl restart denise-bingo-beta.service"; }
	55	{ options = [ "NOPASSWD" ]; command = "${pkgs.systemd}/bin/systemctl restart denise-bingo.service"; }
	56	];
	57	users = ["buildbot"];
	58	runAs = "root";
	59	}
	60	];
	61	services.websites.env.integration.vhostConfs.denise_bingo_beta = {
	62	certName = "denise";
	63	addToCerts = true;
	64	hosts = [ "beta.bingo.syanni.eu" ];
	65	root = null;
	66	extraConfig = [
	67	''
	68	ProxyPreserveHost on
	69	ProxyVia On
	70	ProxyRequests Off
	71	ProxyPassMatch ^/.well-known/acme-challenge !
	72	ProxyPass / unix://${socket_beta}\|http://beta.bingo.syanni.eu/
	73	ProxyPassReverse / unix://${socket_beta}\|http://beta.bingo.syanni.eu/
	74	''
	75	];
	76	};
	77
	78	systemd.services.denise-bingo-beta = {
	79	description = "Denise bingo beta website";
	80	after = [ "network.target" ];
	81	wantedBy = [ "multi-user.target" ];
	82
	83	serviceConfig = {
	84	Type = "simple";
	85	WorkingDirectory = varDirBeta;
	86	ExecStart = let
	87	python = pkgs.python3.withPackages (p: [ p.gunicorn p.flask ]);
	88	in
	89	"${python}/bin/gunicorn -w4 -p /run/denise_bingo_beta/gunicorn.pid --bind unix:${socket_beta} app:app";
	90	User = "wwwrun";
	91	Restart = "always";
	92	RestartSec = "5s";
	93	PIDFile = "/run/denise_bingo_beta/gunicorn.pid";
	94	RuntimeDirectory = "denise_bingo_beta";
	95	StandardOutput = "journal";
	96	StandardError = "inherit";
	97	};
	98	};
	99	};
	100	}