diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix
index 706b64c..8501e9c 100644
--- a/nixbld-etc-nixos/configuration.nix
+++ b/nixbld-etc-nixos/configuration.nix
@@ -4,14 +4,12 @@
{ config, pkgs, ... }:
-let
- hydraWwwOutputs = "/var/www/hydra-outputs";
-in
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
./homu/nixos-module.nix
+ ./hydra-www-outputs.nix
];
# Use the systemd-boot EFI boot loader.
@@ -139,25 +137,20 @@ ACTION=="add", SUBSYSTEM=="tty", \
''
binary_cache_secret_key_file = /etc/nixos/secret/nixbld.m-labs.hk-1
max_output_size = 5500000000
-
-
- job = artiq:main:artiq-manual-html
- command = ln -sf $(jq -r '.outputs[0].path' < $HYDRA_JSON) ${hydraWwwOutputs}/artiq-manual-html-beta
-
-
- job = artiq:main:artiq-manual-latexpdf
- command = ln -sf $(jq -r '.outputs[0].path' < $HYDRA_JSON) ${hydraWwwOutputs}/artiq-manual-latexpdf-beta
-
'';
};
- systemd.services.hydra-www-outputs-init = {
- description = "Set up a hydra-owned directory for build outputs";
- wantedBy = [ "multi-user.target" ];
- requiredBy = [ "hydra-queue-runner.service" ];
- before = [ "hydra-queue-runner.service" ];
- serviceConfig = {
- Type = "oneshot";
- ExecStart = [ "${pkgs.coreutils}/bin/mkdir -p ${hydraWwwOutputs}" "${pkgs.coreutils}/bin/chown hydra-queue-runner:hydra ${hydraWwwOutputs}" ];
+ services.hydraWwwOutputs = {
+ "m-labs.hk" = {
+ "artiq-manual-beta-html" = {
+ job = "artiq:main:artiq-manual-html";
+ httpPath = "/artiq/manual-beta";
+ outputPath = "share/doc/artiq-manual/html";
+ };
+ "artiq-manual-beta-latexpdf" = {
+ job = "artiq:main:artiq-manual-latexpdf";
+ httpPath = "/artiq/manual-beta.pdf";
+ outputPath = "share/doc/artiq-manual/ARTIQ.pdf";
+ };
};
};
@@ -230,8 +223,6 @@ ACTION=="add", SUBSYSTEM=="tty", \
locations."/gateware.html".extraConfig = ''
return 301 /migen/;
'';
- locations."/artiq/manual-beta".alias = "${hydraWwwOutputs}/artiq-manual-html-beta/share/doc/artiq-manual/html";
- locations."/artiq/manual-beta.pdf".alias = "${hydraWwwOutputs}/artiq-manual-latexpdf-beta/share/doc/artiq-manual/ARTIQ.pdf";
};
"www.m-labs.hk" = {
addSSL = true;
diff --git a/nixbld-etc-nixos/hydra-www-hook.sh b/nixbld-etc-nixos/hydra-www-hook.sh
new file mode 100755
index 0000000..2506e3c
--- /dev/null
+++ b/nixbld-etc-nixos/hydra-www-hook.sh
@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+set -e
+
+# Argument 1:
+CONF=$1
+# Argument 2: HTTP location
+LOCATION=$2
+# Argument 3: HTTP alias target within the derivation output
+HTTP_PATH=$3
+# Get path of first output
+OUTPUT=$(jq -r '.outputs[0].path' < $HYDRA_JSON)
+HASH=${OUTPUT:11:32}
+ROOT="$OUTPUT/$HTTP_PATH"
+
+cat > $CONF <
+ job = ${cfg.job}
+ command = ${hook}/bin/hydra-www-hook.sh ${hydraWwwOutputs}/${name}.conf ${cfg.httpPath} ${cfg.outputPath}
+
+ '') cfg.${vhost}
+ )) (builtins.attrNames cfg)
+ );
+ };
+
+ config.systemd.services.hydra-www-outputs-init = {
+ description = "Set up a hydra-owned directory for build outputs";
+ wantedBy = [ "multi-user.target" ];
+ requiredBy = [ "hydra-queue-runner.service" ];
+ before = [ "hydra-queue-runner.service" ];
+ serviceConfig = {
+ Type = "oneshot";
+ ExecStart = [
+ "${pkgs.coreutils}/bin/mkdir -p ${hydraWwwOutputs}"
+ ] ++
+ (builtins.concatMap (vhost:
+ map (name:
+ "${pkgs.coreutils}/bin/touch ${hydraWwwOutputs}/${name}.conf"
+ ) (builtins.attrNames cfg.${vhost})
+ ) (builtins.attrNames cfg)) ++ [
+ "${pkgs.coreutils}/bin/chown -R hydra-queue-runner:hydra ${hydraWwwOutputs}"
+ ];
+ };
+ };
+
+ # Allow the hook to reload nginx
+ config.security.sudo.extraRules = [ {
+ users = [ "hydra-queue-runner" ];
+ commands = [ {
+ command = "${config.systemd.package}/bin/systemctl reload nginx";
+ options = [ "NOPASSWD" ];
+ } ];
+ } ];
+
+ config.services.nginx = {
+ virtualHosts = builtins.mapAttrs (vhost: cfg': {
+ extraConfig = builtins.concatStringsSep "\n" (
+ map (name:
+ "include ${hydraWwwOutputs}/${name}.conf;"
+ ) (builtins.attrNames cfg')
+ );
+ }) cfg;
+ };
+}