thohlt/archtika
1
0
Fork 0
mirror of https://github.com/thiloho/archtika.git synced 2025-11-22 02:41:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Different Nix configurations for qs and prod

Browse Source
This commit is contained in:
thiloho
2024-09-15 14:23:54 +02:00
parent 756040e5ea
commit cc3687aaca
6 changed files with 57 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
.github/workflows/deploy.yml vendored
View File

@@ -1,4 +1,4 @@
name: Deploy app to server name: Deploy to server
on: on:
workflow_run: workflow_run:
@@ -7,12 +7,13 @@ on:
branches: [ devel, main ] branches: [ devel, main ]
env: env:
SERVER_USER: root SERVER_USER: root
SERVER_IP: 128.140.75.240 QS_SERVER_IP: 128.140.75.240
PROD_SERVER_IP: 128.140.75.240
jobs: jobs:
deploy: deploy:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.event == 'push' }} if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.event != 'pull_request' }}
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
@@ -24,14 +25,14 @@ jobs:
- name: Install SSH Key - name: Install SSH Key
uses: shimataro/ssh-key-action@v2 uses: shimataro/ssh-key-action@v2
with: with:
key: ${{ secrets.DEMO_SERVER_SSH_KEY }} key: ${{ github.ref_name == 'devel' && secrets.QS_SSH_KEY || secrets.PROD_SSH_KEY }}
known_hosts: ${{ secrets.DEMO_SERVER_KNOWN_HOSTS }} known_hosts: ${{ github.ref_name == 'devel' && secrets.QS_KNOWN_HOSTS || secrets.PROD_KNOWN_HOSTS }}
- name: Deploy to demo server - name: Deploy to demo server
run: | run: |
nix run nixpkgs#nixos-rebuild -- switch \ nix run nixpkgs#nixos-rebuild -- switch \
--flake .#demo-server \ --flake .#$[ github.ref_name == 'devel' && 'qs' || 'prod' ] \
--fast \ --fast \
--build-host ${{ env.SERVER_USER }}@${{ env.SERVER_IP }} \ --build-host ${{ env.SERVER_USER }}@$[ github.ref_name == 'devel' && env.QS_SERVER_IP || env.PROD_SERVER_IP ] \
--target-host ${{ env.SERVER_USER }}@${{ env.SERVER_IP }} \ --target-host ${{ env.SERVER_USER }}@$[ github.ref_name == 'devel' && env.QS_SERVER_IP || env.PROD_SERVER_IP ] \
--use-remote-sudo --use-remote-sudo

11
flake.nix
View File

@@ -78,10 +78,17 @@
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ ./nix/dev-vm.nix ]; modules = [ ./nix/dev-vm.nix ];
}; };
demo-server = nixpkgs.lib.nixosSystem { qs = nixpkgs.lib.nixosSystem {
system = "aarch64-linux"; system = "aarch64-linux";
modules = [ modules = [
./nix/demo-server ./nix/deploy/qs
{ _module.args.localArchtikaPackage = self.packages."aarch64-linux".default; }
];
};
prod = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
./nix/deploy/prod
{ _module.args.localArchtikaPackage = self.packages."aarch64-linux".default; } { _module.args.localArchtikaPackage = self.packages."aarch64-linux".default; }
]; ];
}; };

19
nix/deploy/prod/default.nix Normal file
View File

@@ -0,0 +1,19 @@
{ pkgs, localArchtikaPackage, ... }:
{
imports = [
./hardware-configuration.nix
../shared.nix
../../module.nix
];
networking.hostName = "archtika-prod";
services.archtika = {
enable = true;
package = localArchtikaPackage;
domain = "demo.archtika.com";
acmeEmail = "thilo.hohlt@tutanota.com";
dnsProvider = "porkbun";
dnsEnvironmentFile = /var/lib/porkbun.env;
};
}

19
nix/deploy/qs/default.nix Normal file
View File

@@ -0,0 +1,19 @@
{ pkgs, localArchtikaPackage, ... }:
{
imports = [
./hardware-configuration.nix
../shared.nix
../../module.nix
];
networking.hostName = "archtika-qs";
services.archtika = {
enable = true;
package = localArchtikaPackage;
domain = "qs.archtika.com";
acmeEmail = "thilo.hohlt@tutanota.com";
dnsProvider = "porkbun";
dnsEnvironmentFile = /var/lib/porkbun.env;
};
}

0
nix/demo-server/hardware-configuration.nix → nix/deploy/qs/hardware-configuration.nix
View File

17
nix/demo-server/default.nix → nix/deploy/shared.nix
View File

@@ -1,10 +1,5 @@
{ pkgs, localArchtikaPackage, ... }: { pkgs, ... }:
{ {
imports = [
./hardware-configuration.nix
../module.nix
];
boot = { boot = {
loader = { loader = {
systemd-boot.enable = true; systemd-boot.enable = true;
@@ -23,7 +18,6 @@
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
networking = { networking = {
hostName = "archtika-qs";
networkmanager.enable = true; networkmanager.enable = true;
firewall = { firewall = {
allowedTCPPorts = [ allowedTCPPorts = [
@@ -62,14 +56,5 @@
settings.PasswordAuthentication = false; settings.PasswordAuthentication = false;
}; };
services.archtika = {
enable = true;
package = localArchtikaPackage;
domain = "qs.archtika.com";
acmeEmail = "thilo.hohlt@tutanota.com";
dnsProvider = "porkbun";
dnsEnvironmentFile = /var/lib/porkbun.env;
};
system.stateVersion = "24.11"; system.stateVersion = "24.11";
} }