diff options
| -rw-r--r-- | flake.lock | 140 | ||||
| -rw-r--r-- | flake.nix | 7 | ||||
| -rw-r--r-- | hosts/ahmed/configuration.nix | 4 | ||||
| -rw-r--r-- | modules/nixos/default.nix | 1 | ||||
| -rw-r--r-- | modules/nixos/hellohtml.linus.onl/default.nix | 60 |
5 files changed, 211 insertions, 1 deletions
@@ -65,6 +65,73 @@ "type": "github" } }, + "deno2nix": { + "inputs": { + "devshell": "devshell", + "flake-compat": "flake-compat", + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "hellohtml", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1694341738, + "narHash": "sha256-zEosA90LiNd3/EFpZNKs7XPdY7PIsat19I6uJb/MuYU=", + "owner": "SnO2WMaN", + "repo": "deno2nix", + "rev": "38dcc186763ab930acd1d751b4bfe3c0bd606ef3", + "type": "github" + }, + "original": { + "owner": "SnO2WMaN", + "repo": "deno2nix", + "type": "github" + } + }, + "devshell": { + "inputs": { + "flake-utils": [ + "hellohtml", + "deno2nix", + "flake-utils" + ], + "nixpkgs": [ + "hellohtml", + "deno2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1667210711, + "narHash": "sha256-IoErjXZAkzYWHEpQqwu/DeRNJGFdR7X2OGbkhMqMrpw=", + "owner": "numtide", + "repo": "devshell", + "rev": "96a9dd12b8a447840cc246e17a47b81a4268bba7", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -84,10 +151,43 @@ } }, "flake-utils_2": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { "inputs": { "systems": "systems_2" }, "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_3" + }, + "locked": { "lastModified": 1694529238, "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", @@ -101,6 +201,28 @@ "type": "github" } }, + "hellohtml": { + "inputs": { + "deno2nix": "deno2nix", + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "nixpkgs-unstable" + ] + }, + "locked": { + "lastModified": 1703882017, + "narHash": "sha256-2pu26Y+0oZfnbQ7/4KFUBzWYXj3PMkpkxIKaMI/xWAw=", + "owner": "linnnus", + "repo": "hellohtml", + "rev": "57bcf2dd89d5f863520410278b9666725f2f9f77", + "type": "github" + }, + "original": { + "owner": "linnnus", + "repo": "hellohtml", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -196,7 +318,7 @@ }, "push-notification-api": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_4", "nixpkgs": [ "nixpkgs" ] @@ -219,6 +341,7 @@ "inputs": { "agenix": "agenix", "comma": "comma", + "hellohtml": "hellohtml", "home-manager": "home-manager_2", "nix-darwin": "nix-darwin", "nixpkgs": "nixpkgs", @@ -255,6 +378,21 @@ "repo": "default", "type": "github" } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", @@ -27,6 +27,11 @@ url = "github:linnnus/comma-zsh"; inputs.nixpkgs.follows = "nixpkgs"; }; + hellohtml = { + url = "github:linnnus/hellohtml"; + # url = "path:/home/linus/hellohtml"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; + }; }; outputs = { @@ -36,6 +41,7 @@ nix-darwin, agenix, push-notification-api, + hellohtml, ... } @ inputs: let args = { @@ -88,6 +94,7 @@ home-manager.nixosModules.home-manager agenix.nixosModules.default push-notification-api.nixosModules.default + hellohtml.nixosModules.default ./hosts/ahmed/configuration.nix ./hosts/common.nix ./home diff --git a/hosts/ahmed/configuration.nix b/hosts/ahmed/configuration.nix index 12eae60..cd36f7a 100644 --- a/hosts/ahmed/configuration.nix +++ b/hosts/ahmed/configuration.nix @@ -65,6 +65,10 @@ enable = true; useACME = true; }; + modules."hellohtml.linus.onl" = { + enable = true; + useACME = true; + }; # Configure ACME for various HTTPS services. security.acme = { diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 13476b5..0bce684 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -12,5 +12,6 @@ "linus.onl" = import ./linus.onl; "notifications.linus.onl" = import ./nofitications.linus.onl; "git.linus.onl" = import ./git.linus.onl; + "hellohtml.linus.onl" = import ./hellohtml.linus.onl; }; } diff --git a/modules/nixos/hellohtml.linus.onl/default.nix b/modules/nixos/hellohtml.linus.onl/default.nix new file mode 100644 index 0000000..f4a110e --- /dev/null +++ b/modules/nixos/hellohtml.linus.onl/default.nix @@ -0,0 +1,60 @@ +{ + lib, + config, + ... +}: let + inherit (lib) mkEnableOption mkIf; + + cfg = config.modules."hellohtml.linus.onl"; +in { + options.modules."hellohtml.linus.onl" = { + enable = mkEnableOption "hellohtml.linus.onl site"; + + useACME = mkEnableOption "built-in HTTPS stuff"; + }; + + config = mkIf cfg.enable { + # Start service listening on socket /tmp/hellohtml.sock + services.hellohtml = { + enable = true; + }; + + # Register domain name. + services.cloudflare-dyndns.domains = ["hellohtml.linus.onl"]; + + # Use NGINX as reverse proxy. + services.nginx.virtualHosts."hellohtml.linus.onl" = { + enableACME = cfg.useACME; + forceSSL = cfg.useACME; + locations."/" = rec { + proxyPass = "http://localhost:8538"; + # Disable settings that might mess with the text/event-stream response of the /listen/:id endpoint. + # NOTE: These settings work in tanden with Cloudflare Proxy settings descibed here: + # https://blog.devops.dev/implementing-server-sent-events-with-fastapi-nginx-and-cloudflare-10ede1dffc18 + extraConfig = '' + location /listen/ { + # Have to duplicate this here, as this directive is not inherited. + # See: https://blog.martinfjordvald.com/understanding-the-nginx-configuration-inheritance-model/ + # See: https://serverfault.com/q/1082562 + proxy_pass ${proxyPass}; + # Disable connection header. + # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Connection + # See: https://www.nginx.com/blog/avoiding-top-10-nginx-configuration-mistakes/#no-keepalives + proxy_set_header Connection \'\'; + # Disable buffering. This is crucial for SSE to ensure that + # messages are sent immediately without waiting for a buffer to + # fill. + proxy_buffering off; + # Disable caching to ensure that all messages are sent and received + # in real-time without being cached by the proxy. + proxy_cache off; + # Set a long timeout for reading from the proxy to prevent the + # connection from timing out. You may need to adjust this value + # based on your specific requirements. + proxy_read_timeout 86400; + } + ''; + }; + }; + }; +} |