From ac09d221adb927773bd3d2774097c29b158d60f0 Mon Sep 17 00:00:00 2001 From: Tom Hubrecht Date: Thu, 6 Jun 2024 11:39:20 +0200 Subject: [PATCH] feat: Upgrade machines to nixos-24.05 --- machines/web01/crabfit/default.nix | 26 +++++++++++++++++++++++--- meta/README.md | 15 +++++++++++++++ meta/nixpkgs.nix | 1 + meta/nodes.nix | 10 ++++++---- npins/sources.json | 8 +++++++- 5 files changed, 52 insertions(+), 8 deletions(-) diff --git a/machines/web01/crabfit/default.nix b/machines/web01/crabfit/default.nix index c162800..879ac36 100644 --- a/machines/web01/crabfit/default.nix +++ b/machines/web01/crabfit/default.nix @@ -1,4 +1,4 @@ -_: +{ config, ... }: { imports = [ ./packages ]; @@ -8,9 +8,29 @@ _: api.host = "api.meet.dgnum.eu"; frontend.host = "meet.dgnum.eu"; - - configureNginx = true; }; dgn-backups.postgresDatabases = [ "crabfit" ]; + + services.nginx = + let + cfg = config.services.crabfit; + in + { + enable = true; + + virtualHosts.${cfg.frontend.host} = { + enableACME = true; + forceSSL = true; + + locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.frontend.port}"; + }; + + virtualHosts.${cfg.api.host} = { + enableACME = true; + forceSSL = true; + + locations."/".proxyPass = "http://127.0.0.1:${builtins.toString cfg.api.port}"; + }; + }; } diff --git a/meta/README.md b/meta/README.md index 5e42560..5446d5a 100644 --- a/meta/README.md +++ b/meta/README.md @@ -34,6 +34,21 @@ TODO. Machines can use different versions of NixOS, the supported and default ones are specified here. +## How to add a new version + +- Switch to a new branch `nixos-$VERSION` +- Run the following command + +```bash +npins add channel nixos-$VERSION +``` + +- Edit `meta/nixpkgs.nix` and add `$VERSION` to the supported version. +- Read the release notes and check for changes. +- Update the nodes versions +- Create a PR so that the CI check that it builds + + # Nodes The nodes are declared statically, several options can be configured: diff --git a/meta/nixpkgs.nix b/meta/nixpkgs.nix index b8c6b43..4a90a79 100644 --- a/meta/nixpkgs.nix +++ b/meta/nixpkgs.nix @@ -6,5 +6,6 @@ supported = [ "unstable" "23.11" + "24.05" ]; } diff --git a/meta/nodes.nix b/meta/nodes.nix index 27449e4..f222066 100644 --- a/meta/nodes.nix +++ b/meta/nodes.nix @@ -27,7 +27,7 @@ stateVersion = "23.05"; vm-cluster = "Hyperviseur NPS"; - nix-modules = [ "services/crabfit" ]; + nixpkgs = "24.05"; }; compute01 = { @@ -35,6 +35,7 @@ stateVersion = "23.05"; nix-modules = [ "services/stirling-pdf" ]; + nixpkgs = "24.05"; }; geo01 = { @@ -42,7 +43,7 @@ deployment.tags = [ "geo" ]; stateVersion = "24.05"; - nixpkgs = "unstable"; + nixpkgs = "24.05"; }; geo02 = { @@ -50,12 +51,13 @@ deployment.tags = [ "geo" ]; stateVersion = "24.05"; - nixpkgs = "unstable"; + nixpkgs = "24.05"; }; storage01 = { site = "pav01"; stateVersion = "23.11"; + nixpkgs = "24.05"; nix-modules = [ "services/forgejo-nix-runners" ]; }; @@ -65,7 +67,7 @@ deployment.targetHost = "vault01.hyp01.infra.dgnum.eu"; stateVersion = "23.11"; - nixpkgs = "unstable"; + nixpkgs = "24.05"; adminGroups = [ "fai" ]; }; diff --git a/npins/sources.json b/npins/sources.json index e332a3c..9aab1e2 100644 --- a/npins/sources.json +++ b/npins/sources.json @@ -154,6 +154,12 @@ "url": "https://releases.nixos.org/nixos/23.11/nixos-23.11.6981.27c13997bf45/nixexprs.tar.xz", "hash": "1s4wn0m6bdzxl4rcxzmyy2fdschrdj3nqy6zl85xynaxkb0n1gpj" }, + "nixos-24.05": { + "type": "Channel", + "name": "nixos-24.05", + "url": "https://releases.nixos.org/nixos/24.05/nixos-24.05.984.0b8e7a1ae5a9/nixexprs.tar.xz", + "hash": "138iipwzsrpsnlvfhix76lgc3k1hv6k8i5a8hj15m3j5zm2snpmy" + }, "nixos-generators": { "type": "Git", "repository": { @@ -226,4 +232,4 @@ } }, "version": 3 -} \ No newline at end of file +}