M-Labs/it-infra
M-Labs
/
it-infra
8
0
Fork 4
Code Issues 12 Pull Requests 2 Releases Wiki Activity

Make hydra upload static website to m-labs-intl 

Signed-off-by: Egor Savkin <es@m-labs.hk>
This commit is contained in:
Egor Savkin 2024-06-19 15:17:42 +08:00
parent 28f07245c6
commit 2a4830ec55
4 changed files with 47 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
m-labs-intl/m-labs-intl.com
View File

@ -3,26 +3,14 @@ upstream rfq_server {
}
server {
root /var/www/m-labs-intl.com/html;
index index.html index.htm index.nginx-debian.html;
root /var/www/m-labs-intl.com/html;
index index.html index.htm index.nginx-debian.html;
server_name m-labs-intl.com www.m-labs-intl.com;
server_name m-labs-intl.com www.m-labs-intl.com;
location /rfq {
proxy_pass http://rfq_server/rfq;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 30;
proxy_connect_timeout 30;
proxy_send_timeout 30;
}
location / {
try_files $uri $uri/ =404;
}
location / {
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
@ -30,21 +18,43 @@ server {
ssl_certificate_key /etc/letsencrypt/live/m-labs-intl.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name hooks.m-labs-intl.com;
location /rfq {
proxy_pass http://rfq_server/rfq;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 30;
proxy_connect_timeout 30;
proxy_send_timeout 30;
}
location / {
return 404;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/m-labs-intl.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/m-labs-intl.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.m-labs-intl.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
listen 80;
listen [::]:80;
server_name m-labs-intl.com www.m-labs-intl.com;
return 301 https://$host$request_uri;
server_name m-labs-intl.com www.m-labs-intl.com;
return 301 https://$host$request_uri;
#return 404; # managed by Certbot
}

4
m-labs-intl/setup.sh
View File

@ -13,10 +13,6 @@ ln -s /etc/nginx/sites-available/m-labs-intl.com /etc/nginx/sites-enabled/
mkdir -p /var/www/m-labs-intl.com/html
chown -R zolaupd /var/www/m-labs-intl.com/
cp redeploy.sh /home/zolaupd/
chown zolaupd /home/zolaupd/redeploy.sh
chmod +x /home/zolaupd/redeploy.sh
cp runrfq.sh /home/rfqserver/
cp mail.secret /home/rfqserver/
chown rfqserver /home/rfqserver/runrfq.sh

10
nixbld-etc-nixos/configuration.nix
View File

@ -651,6 +651,16 @@ in
job = web:web:web
command = [ $(jq '.buildStatus' < $HYDRA_JSON) = 0 ] && ln -sfn $(jq -r '.outputs[0].path' < $HYDRA_JSON) ${hydraWwwOutputs}/web
</runcommand>
<runcommand>
job = web:web:web-intl
command = [ $(jq '.buildStatus' < $HYDRA_JSON) = 0 ] && export HOME=`mktemp -d` && \
mkdir $HOME/.ssh && \
cp /opt/hydra_id_ed25519 $HOME/.ssh/id_ed25519 && \
cp /opt/hydra_id_ed25519.pub $HOME/.ssh/id_ed25519.pub && \
echo "5.78.86.156 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEMbV69aqkHdQ1T5lMuALyHjNowU1rottZtEV4OhKQ6Y" > $HOME/.ssh/known_hosts && \
chmod 600 $HOME/.ssh/id_ed25519 && \
rsync -r -c $(jq -r '.outputs[0].path' < $HYDRA_JSON) zolaupd@5.78.86.156:/var/www/m-labs-intl.com/html/
</runcommand>
<runcommand>
job = web:web:nmigen-docs
command = [ $(jq '.buildStatus' < $HYDRA_JSON) = 0 ] && ln -sfn $(jq -r '.outputs[0].path' < $HYDRA_JSON) ${hydraWwwOutputs}/nmigen-docs

1
nixbld-etc-nixos/named/m-labs-intl.com
View File

@ -18,3 +18,4 @@ ns A 94.190.212.123
ns AAAA 2001:470:18:390::2
www CNAME @
hooks CNAME @