deployable to fly.io

vivlim · Dec 5, 2022 · 7558ee8 · 7558ee8
1 parent b0f2b8c
commit 7558ee8
Show file tree

Hide file tree

Showing 4 changed files with 169 additions and 41 deletions.
diff --git a/flake.nix b/flake.nix
@@ -14,57 +14,94 @@
             };
     in
         (flake-utils.lib.eachDefaultSystem (system:
-            let pkgs = import nixpkgs { inherit system; };
+            let 
+                pkgs = import nixpkgs { inherit system; };
+                buildAndDeployScript = pkgs.writeShellScriptBin "nitter_fly" 
+                ''
+                    nix build .#containers.x86_64-linux.nitter_fly
+                    if [ $? -ne 0 ]; then echo "build failed" && exit 1; fi
+                    ./result | docker load
+                    if [ $? -ne 0 ]; then echo "loading image failed" && exit 1; fi
+                    ${pkgs.flyctl}/bin/flyctl deploy --local-only
+                    if [ $? -ne 0 ]; then echo "deployment failed" && exit 1; fi
+                '';
+                runLocalScript = pkgs.writeShellScriptBin "nitter_local" 
+                ''
+                    nix build .#containers.x86_64-linux.nitter_dev
+                    if [ $? -ne 0 ]; then echo "build failed" && exit 1; fi
+                    ./result | docker load
+                    if [ $? -ne 0 ]; then echo "loading image failed" && exit 1; fi
+                    docker run -it -p 127.0.0.1:16969:16969 nitter-nixos:dev
+                    if [ $? -ne 0 ]; then echo "running failed" && exit 1; fi
+                '';
             in {
-                containers = {
-                    nitter = let
-                        nixosSystem = (nixConfigs.nitter { inherit system; }).config.system.build.toplevel;
+                containers = (let
+                    nixosSystem = (nixConfigs.nitter { inherit system; }).config.system.build.toplevel;
+
+                    unitRunner = unitName: let 
+                        script = pkgs.runCommand "scriptified-${unitName}.sh" {} ''
+                        ${pkgs.python3}/bin/python ${./systemd-unit-scriptifier.py} --unit ${nixosSystem}/etc/systemd/system/${unitName}.service --out $out
+                    '';
+                    in "/bin/sh ${script}";
 
-                        unitRunner = unitName: let 
-                            script = pkgs.runCommand "scriptified-${unitName}.sh" {} ''
-                            ${pkgs.python3}/bin/python ${./systemd-unit-scriptifier.py} --unit ${nixosSystem}/etc/systemd/system/${unitName}.service --out $out
-                        '';
-                        in "/bin/sh ${script}";
+                    procfile = pkgs.writeText "Procfile"
+                    ''
+                        nitter: sleep 10 && ${unitRunner "nitter"}
+                        redis: ${unitRunner "redis-nitter"}
+                        sh: /bin/sh
+                        netdata: ${unitRunner "netdata"}
+                    '';
 
-                        procfile = pkgs.writeText "Procfile"
-                        ''
-                            sh: /bin/sh
-                            bb: ${pkgs.busybox}/bin/busybox sh
-                            nitter: ${unitRunner "nitter"}
-                            redis: ${unitRunner "redis-nitter"}
-                        '';
+                    entry = pkgs.writeShellScriptBin "entry" ''
+                        # install busybox
+                        #${pkgs.busybox}/bin/busybox mkdir /bin
+                        #${pkgs.busybox}/bin/busybox mkdir /sbin
+                        #${pkgs.busybox}/bin/busybox --install -s
 
-                        entry = pkgs.writeShellScriptBin "entry" ''
-                            # install busybox
-                            #${pkgs.busybox}/bin/busybox mkdir /bin
-                            #${pkgs.busybox}/bin/busybox mkdir /sbin
-                            #${pkgs.busybox}/bin/busybox --install -s
+                        # activate rootfs. it doesn't work completely, but many files will be in place.
+                        ${nixosSystem}/activate
 
-                            # activate rootfs. it doesn't work completely, but many files will be in place.
-                            ${nixosSystem}/activate
+                        # fixups
+                        ${pkgs.busybox}/bin/busybox rm -rf /bin # remove existing /bin so we don't get /bin/bin
+                        ${pkgs.busybox}/bin/busybox ln -s ${nixosSystem}/sw/bin /
+                        ${pkgs.busybox}/bin/busybox ln -s ${nixosSystem}/sw/sbin /
+                        ${pkgs.busybox}/bin/busybox ln -s ${nixosSystem}/sw/lib /
+                        source /etc/profile
 
-                            # fixups
-                            ${pkgs.busybox}/bin/busybox rm -rf /bin # remove existing /bin so we don't get /bin/bin
-                            ${pkgs.busybox}/bin/busybox ln -s ${nixosSystem}/sw/bin /
-                            ${pkgs.busybox}/bin/busybox ln -s ${nixosSystem}/sw/sbin /
-                            ${pkgs.busybox}/bin/busybox ln -s ${nixosSystem}/sw/lib /
-                            source /etc/profile
+                        cp ${procfile} /Procfile
+                        export OVERMIND_SOCKET=/tmp/.overmind.sock
 
-                            cp ${procfile} /Procfile
-                            export OVERMIND_SOCKET=/tmp/.overmind.sock
+                        if [ "$1" == "interactive" ]; then
                             OVERMIND_ANY_CAN_DIE=1 ${pkgs.overmind}/bin/overmind s -D
+                            sleep 3
                             ${pkgs.overmind}/bin/overmind c
-                            echo "this is fallback shell"
-                            /bin/sh
-                        '';
-                    in pkgs.dockerTools.streamLayeredImage {
-                        name = "nitter-nixos";
-                        tag = "dev";
-                        config = {
-                            Cmd = [ "${entry}/bin/entry" ];
+                        else
+                            ${pkgs.overmind}/bin/overmind s
+                        fi
+                    '';
+                    in {
+                        nitter_dev = pkgs.dockerTools.streamLayeredImage {
+                            name = "nitter-nixos";
+                            tag = "dev";
+                            config = {
+                                Cmd = [ "${entry}/bin/entry" "interactive" ];
+                            };
                         };
-                    };
+                        nitter_fly = pkgs.dockerTools.streamLayeredImage {
+                            name = "nitter-nixos";
+                            tag = "fly";
+                            config = {
+                                Cmd = [ "${entry}/bin/entry" ];
+                            };
+                        };
+                    });
+
+                devShell = pkgs.mkShell {
+                    buildInputs = with pkgs; [flyctl buildAndDeployScript runLocalScript];
+                    shellHook = ''
+                    '';
                 };
+
 
             }) // {
             # for use with nixos-container create --bridge br0 --flake .#nitter nitter

diff --git a/fly.toml b/fly.toml
@@ -0,0 +1,67 @@
+# fly.toml file generated for viviridian-nixos-nitter on 2022-12-04T12:49:22-08:00
+
+app = "viviridian-nixos-nitter"
+kill_signal = "SIGINT"
+kill_timeout = 5
+processes = []
+
+[build]
+  image = "nitter-nixos:fly"
+
+[env]
+
+[experimental]
+  allowed_public_ports = []
+  auto_rollback = true
+
+[[services]]
+  http_checks = []
+  internal_port = 16969
+  processes = ["app"]
+  protocol = "tcp"
+  script_checks = []
+  [services.concurrency]
+    hard_limit = 25
+    soft_limit = 20
+    type = "connections"
+
+  [[services.ports]]
+    force_https = true
+    handlers = ["http"]
+    port = 80
+
+  [[services.ports]]
+    handlers = ["tls", "http"]
+    port = 443
+
+  [[services.tcp_checks]]
+    grace_period = "5s"
+    interval = "15s"
+    restart_limit = 0
+    timeout = "15s"
+
+[[services]]
+  http_checks = []
+  internal_port = 19999
+  processes = ["app"]
+  protocol = "tcp"
+  script_checks = []
+  [services.concurrency]
+    hard_limit = 25
+    soft_limit = 20
+    type = "connections"
+
+  [[services.ports]]
+    force_https = true
+    handlers = ["http"]
+    port = 19998
+
+  [[services.ports]]
+    handlers = ["tls", "http"]
+    port = 19999
+
+  [[services.tcp_checks]]
+    grace_period = "1s"
+    interval = "15s"
+    restart_limit = 0
+    timeout = "2s"
diff --git a/nitter.nix b/nitter.nix
@@ -6,11 +6,35 @@
         server = {
             title = "bird";
             port = 16969;
+            hostname = "bird.vvn.space";
+            https = true;
+        };
+        preferences = {
+            theme = "Dracula";
         };
         openFirewall = true;
         redisCreateLocally = true;
     };
 
+    services.netdata = {
+        enable = true;
+        config = {
+            global = {
+                hostname = "bird.vvn.space";
+            };
+            db = {
+                mode = "dbengine";
+                "update every" = 5;
+            };
+            web = {
+                "respect do not track policy" = "yes";
+            };
+            ml = {
+                enabled = "no";
+            };
+        };
+    };
+
     environment.systemPackages = with pkgs; [
         htop
         busybox

diff --git a/systemd-unit-scriptifier.py b/systemd-unit-scriptifier.py
@@ -37,7 +37,7 @@ def write_script(target_path, interpreter):
         mkdir_and_set_env_var(f, f"/run/{unit_name}", "RUNTIME_DIRECTORY")
         mkdir_and_set_env_var(f, f"/var/lib/{unit_name}", "STATE_DIRECTORY")
         mkdir_and_set_env_var(f, f"/var/cache/{unit_name}", "CACHE_DIRECTORY")
-        mkdir_and_set_env_var(f, f"/var/logs/{unit_name}", "LOGS_DIRECTORY")
+        mkdir_and_set_env_var(f, f"/var/log/{unit_name}", "LOGS_DIRECTORY")
         mkdir_and_set_env_var(f, f"/etc/{unit_name}", "CONFIGURATION_DIRECTORY")
 
         if "User" in unit["Service"]: