fix(web03/redirections): import module

fix(django-apps): Disable statedir backup until it is fixed
feat(django-apps): Add automatic backup
2024-12-22 15:16:48 +01:00 · 2024-12-21 17:18:32 +01:00 · 2024-12-21 08:24:11 +01:00 · 2024-12-20 16:45:53 +01:00 · 2024-12-20 13:33:57 +01:00
10 changed files with 65 additions and 6 deletions
--- a/machines/nixos/web03/_configuration.nix
+++ b/machines/nixos/web03/_configuration.nix
@ -13,6 +13,7 @@ lib.extra.mkConfig {
  enabledServices = [
    # List of services to enable
    "django-apps"
+    "redirections"
  ];

  extraConfig = {
--- a/machines/nixos/web03/django-apps/ernestophone.nix
+++ b/machines/nixos/web03/django-apps/ernestophone.nix
@ -17,7 +17,7 @@ in
  services.django-apps.sites.ernestophone = {
    source = "https://git.dgnum.eu/DGNum/ernestophone.ens.fr";
    branch = "update";
-    domain = "beta.ernestophone.fr";
+    domain = "ernestophone.ens.fr";

    nginx = {
      enableACME = true;
@ -59,7 +59,7 @@ in

    environment = {
      DJANGO_SETTINGS_MODULE = "Ernestophone.settings";
-      ERNESTOPHONE_ALLOWED_HOSTS = [ "beta.ernestophone.fr" ];
+      ERNESTOPHONE_ALLOWED_HOSTS = [ "ernestophone.ens.fr" ];
    };
  };
 }
--- a/machines/nixos/web03/redirections.nix
+++ b/machines/nixos/web03/redirections.nix
@ -0,0 +1,11 @@
+# SPDX-FileCopyrightText: 2024 Maurice Debray <maurice.debray@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-redirections = {
+    permanent = {
+      "www.ernestophone.ens.fr" = "ernestophone.ens.fr";
+    };
+  };
+}
--- a/machines/nixos/web03/secrets/bupstash-put_key
+++ b/machines/nixos/web03/secrets/bupstash-put_key
--- a/machines/nixos/web03/secrets/secrets.nix
+++ b/machines/nixos/web03/secrets/secrets.nix
@ -4,6 +4,7 @@

 (import ../../../../keys).mkSecrets [ "web03" ] [
  # List of secrets for web03
+  "bupstash-put_key"
  "dj_annuaire-secret_key_file"
  "dj_bocal-secret_key_file"
  "dj_ernestophone-secret_key_file"
--- a/modules/nixos/dgn-backups/default.nix
+++ b/modules/nixos/dgn-backups/default.nix
@ -11,7 +11,12 @@
 }:

 let
-  inherit (lib) mkEnableOption mkOption remove;
+  inherit (lib)
+    getExe'
+    mkEnableOption
+    mkOption
+    remove
+    ;

  inherit (lib.types)
    attrs
@ -34,6 +39,7 @@ let
    compute01 = "*-*-* *:38:00";
    storage01 = "*-*-* *:21:00";
    web01 = "*-*-* *:47:00";
+    web03 = "*-*-* *:13:00";
  };

  mkJobs = builtins.mapAttrs (
@ -93,7 +99,7 @@ in
      "${db}-db".settings = {
        user = "postgres";
        command = [
-          "${lib.getExe' config.services.postgresql.package "pg_dump"}"
+          (getExe' config.services.postgresql.package "pg_dump")
          db
        ];
      };
@ -113,6 +119,8 @@ in
              "storage01"
              "vault01"
              "web01"
+              "web02"
+              "web03"
            ];
            allowed = [ "put" ];
          }
--- a/modules/nixos/dgn-backups/keys/secrets.nix
+++ b/modules/nixos/dgn-backups/keys/secrets.nix
@ -6,4 +6,5 @@
  "compute01.key"
  "storage01.key"
  "web01.key"
+  "web03.key"
 ]
--- a/modules/nixos/dgn-backups/keys/web03.key
+++ b/modules/nixos/dgn-backups/keys/web03.key
@ -0,0 +1,28 @@
+age-encryption.org/v1
+-> ssh-ed25519 jIXfPA CuALmA0MhxnWOn91YhtxAyn1h3xkoiuRoo4Ew1Eu32Q
+TRZxY9rF3NM9ulaA6s6SUetVcLT0He9yGaDZ38T9F6A
+-> ssh-ed25519 QlRB9Q TNA65R5tFs+KXJklNgfPPF12W52Fk6w7epstVzk9Ojw
+SD3IW1+ngBUkbBJz+53zDFVhne6b5rfVi2ym0UjTwLM
+-> ssh-ed25519 r+nK/Q b67auhVkYiVwthLGP3z719Ql/kHZQbxuJJgL7NzZiVc
+kl0ML0yd+QqBm9VZwMcMrZ8uuQkbJySaa9kI4RQFOak
+-> ssh-rsa krWCLQ
+NfHVOPshS0CR3ATrPcYAAiX/kAbgqw6mEVhxdTnvbWa8cPpblUpO/gm4UqW2vP0Q
+XUfvOCgH6ur3joLf/NylqwZ0UkQhmNj2hu8cOtjC4KgTohkMkZZmHlFKM9e3PuSS
+ZMx0GraugdTUD/ViCplwVxFPBUUblLcAuYx/BcV1hTb0ctbN9afi8DVzuSxoalDj
+Jy1UakJU0OwguB+ctv9kZcyLyV7zjchiq+dAoIDvkw0Z9bTCz7xhQ6uXAE7ahp3H
+rvycD/ZkK7h6yhg78x2lIBHP3sPaY3DFMFW9bDLtHYox22RVcm6/7oPbv0hTQ8ob
+n4Q7MWPF4vL1Xz9zyksetQ
+-> ssh-ed25519 /vwQcQ YvQmf/qYc6DVQT0gFPGuakvgDg/A76tor3f0+nTjbH4
+lMQoOb/kimcsSmNnUsUW7XmVdhLMee/s4NACiKi0Xls
+-> ssh-ed25519 0R97PA LzA+wuKlE3cEOpvGEW29/rx3qCU1X32F8HwJNic2Glg
+VOBmCcrtGrUk3ERWJL4QszdDtJrfoI/f1xA+X+a+PQk
+-> ssh-ed25519 JGx7Ng MIxNmk0eTtCUMHiWzklS2zNWdf16EHeOtere8cRoNSk
+X+gf1Ts9n2U+h6a0herR+WuiRXFS5BhicGKxpHQtQzM
+-> ssh-ed25519 bUjjig uSweFovyFxnz7Pqc/MCEE5/ZKgEblqs8xb1Ni+qrhS0
+AUhBDt7YN4x6k34g7mERYbn7rPVPZMmVvmZD668blRs
+-> m-grease \ %<B.PbZ ^G= >nhHA<}
+KhUslr0J28p4r62y0bCKOg2jGOx6M7deQ9Y8gfQ9oi7WYiEygoMghWdUP0lnzh3i
+a+rpJNPtRCIFScDWMazSvnmN6y5Y7W3dmOgLH8aN
+--- +/Cw6vq7b3Kn4D3/ogaSPxfxHBF0YxLXTxiskuD0vHg
+ðÎN½UÉÏôbÈ!D~Ò<>¬‰æ¿AàµŸ¥1¯,ÙÍòe;y)N$Ô–NøO]9C_l{ œÎ„'Ù-÷q³‹<È°¢:¯ÊMÕ¯Á%ïqŒ¸Œ™í®“‰"Ûªð¦˜A®ÜMhè,iì<69>¦<EFBFBD>S9šÜyp&r	/ŒÜÃ‚lÙîÂ!.oƒ…ô¥èAº‰µ{#ƒt<08>ú¶–é4eA-ÆFšßÔ9+ˆ—"¿e¥7»pÏüN”¢BÚ×Ë¶¾Úþ•OÝŸæOIÊ
kDèŒæ‹ˆZ=Pq—ðšQ üGB’²OÅj×ÒhHû+¡ëX<C3AB>¿‰LÎ¬¶ÎP™ 4ÿÐX$¢Áy©÷ßÀxoÞáÄÍ	<09>Æ–Üˆ]Ã¢»_‚µ³
\¼M<C2BC>7m.ByŽºlCr†-ŽHM¤“ãuªùu…+X}¦oÛgg.ÌŠG/$¯LXözÁBâ…¾¿¹sÔá©DÉÈK„Ç>þeü~2‡+WÂ–ÿ‚©¹ƒÏq<C38F>Ï¢òPßSÕîRÆIñD  {"jD¡‹ƒÉŸ9 åÈ<C3A5>¥= ¬SüÒ=<3D>®—HtHÕêbs¬Ÿµ£+èTÑãà0OŒ :¬£}˜mÓp«©ž¶
+z¥DÄ‹ƒÇ§±÷žmSå™8èïa±ípë2ÝÞ”° d°ÈÍÕSùròz½²í	v#ÇÎœsñíÎÕ‰
0æMù¿ÂÎfÚA%Ó
™Ö³ïçD…ë‰†P<E280A0>drŠ£ÌX’IW±HôG©¾\IÑ8_ª„Lœ8Š	Ù1MÚÚíôµMêz)ö$ì{ªM{S|b=ÙÃªÏkô*ïO”{Úêz•ª2:6}#–>_¨Ë-$ÇªÈÑV‰ãp¨²("Wé«U[>>¤žÌ0Qh°-‰ê]¤§ªÞ†r;d&T¡£vÝ-i†Å]šû$ó°$<24>½aè™E94žéé`žçÐ<>í=!p©Æ[£ºqÖÏ›¦?U•/ÏkÀ… ÍwÓ^¥ZµÚIJèG¬lœiÇâè‘…€ö4C÷áb…ÑF÷´ªà+!Ót<C393>\¶t1ôc¡¯îSÇ~ž€+Òwª‘Ñ·[5¡jùû
g6†&©¯o¼´˜±ôÃ
--- a/modules/nixos/django-apps/default.nix
+++ b/modules/nixos/django-apps/default.nix
@ -732,5 +732,14 @@ in
          ) config.extraServices)
        ) cfg.sites);
    };
+
+    dgn-backups = {
+      # jobs = mapAttrs' (
+      #   name: _: nameValuePair "dj-${name}" { settings.paths = [ "/var/lib/private/django-apps/${name}" ]; }
+      # ) cfg.sites;
+      postgresDatabases = builtins.map (name: "dj-${name}") (
+        attrNames (filterAttrs (_: { dbType, ... }: dbType == "postgresql") cfg.sites)
+      );
+    };
  };
 }
--- a/npins/sources.json
+++ b/npins/sources.json
@ -346,9 +346,9 @@
        "url": "https://git.dgnum.eu/mdebray/stateless-uptime-kuma"
      },
      "branch": "master",
-      "revision": "880f444ff7862d6127b051cf1a993ad1585b1652",
+      "revision": "d378d1ce00c676fa22ef0808cf73f3e1c34e0191",
      "url": null,
-      "hash": "166057469hhxnyqbpd7jjlccdmigzch51616n1d5r617xg0y1mwp"
+      "hash": "00k5i3n1g869g4070ryfdwqnk3k78fan1s8pqmnbq2m7m29hmb8f"
    },
    "wp4nix": {
      "type": "Git",
Author	SHA1	Message	Date
sinavir	383911d619	fix(web03/redirections): import module All checks were successful Build all the nodes / ap01 (push) Successful in 1m31s Details Build all the nodes / geo01 (push) Successful in 2m11s Details Build all the nodes / bridge01 (push) Successful in 2m13s Details Build all the nodes / geo02 (push) Successful in 2m11s Details Build all the nodes / hypervisor01 (push) Successful in 2m19s Details Build all the nodes / compute01 (push) Successful in 2m41s Details Build all the nodes / netcore02 (push) Successful in 28s Details Build all the nodes / hypervisor02 (push) Successful in 1m31s Details Build all the nodes / hypervisor03 (push) Successful in 1m31s Details Build all the nodes / rescue01 (push) Successful in 1m49s Details Build all the nodes / storage01 (push) Successful in 1m51s Details Build all the nodes / vault01 (push) Successful in 1m52s Details Run pre-commit on all files / pre-commit (push) Successful in 39s Details Build all the nodes / web01 (push) Successful in 2m9s Details Build all the nodes / web02 (push) Successful in 1m38s Details Build all the nodes / web03 (push) Successful in 1m42s Details	2024-12-22 15:16:48 +01:00
Tom Hubrecht	5fa7ccb8e7	fix(django-apps): Disable statedir backup until it is fixed All checks were successful Build all the nodes / ap01 (push) Successful in 1m21s Details Build all the nodes / geo02 (push) Successful in 2m7s Details Build all the nodes / bridge01 (push) Successful in 2m9s Details Build all the nodes / geo01 (push) Successful in 2m9s Details Build all the nodes / hypervisor01 (push) Successful in 2m13s Details Build all the nodes / netcore02 (push) Successful in 33s Details Build all the nodes / compute01 (push) Successful in 2m46s Details Build all the nodes / hypervisor02 (push) Successful in 1m28s Details Build all the nodes / hypervisor03 (push) Successful in 1m55s Details Build all the nodes / rescue01 (push) Successful in 2m9s Details Build all the nodes / storage01 (push) Successful in 2m7s Details Build all the nodes / vault01 (push) Successful in 1m55s Details Build all the nodes / web02 (push) Successful in 1m59s Details Run pre-commit on all files / pre-commit (push) Successful in 37s Details Build all the nodes / web01 (push) Successful in 2m35s Details Build all the nodes / web03 (push) Successful in 1m36s Details	2024-12-21 17:18:32 +01:00
Tom Hubrecht	e19100f856	feat(django-apps): Add automatic backup All checks were successful Build all the nodes / geo01 (pull_request) Successful in 1m41s Details Build all the nodes / compute01 (pull_request) Successful in 2m19s Details Build all the nodes / geo02 (pull_request) Successful in 1m29s Details Build all the nodes / netcore02 (pull_request) Successful in 31s Details Build all the nodes / hypervisor01 (pull_request) Successful in 1m28s Details Build all the nodes / hypervisor02 (pull_request) Successful in 1m35s Details Build all the nodes / hypervisor03 (pull_request) Successful in 1m31s Details Build all the nodes / rescue01 (pull_request) Successful in 1m47s Details Build all the nodes / storage01 (pull_request) Successful in 1m50s Details Build all the nodes / vault01 (pull_request) Successful in 1m47s Details Run pre-commit on all files / pre-commit (pull_request) Successful in 35s Details Build all the nodes / web01 (pull_request) Successful in 2m16s Details Build all the nodes / web02 (pull_request) Successful in 1m36s Details Build all the nodes / web03 (pull_request) Successful in 1m53s Details Build all the nodes / ap01 (push) Successful in 1m17s Details Build all the nodes / geo02 (push) Successful in 1m53s Details Build all the nodes / geo01 (push) Successful in 1m56s Details Build all the nodes / bridge01 (push) Successful in 2m1s Details Build all the nodes / compute01 (push) Successful in 2m30s Details Build all the nodes / netcore02 (push) Successful in 30s Details Build all the nodes / hypervisor01 (push) Successful in 1m35s Details Build all the nodes / hypervisor02 (push) Successful in 1m43s Details Build all the nodes / hypervisor03 (push) Successful in 1m42s Details Build all the nodes / rescue01 (push) Successful in 2m5s Details Build all the nodes / storage01 (push) Successful in 2m8s Details Build all the nodes / vault01 (push) Successful in 1m51s Details Run pre-commit on all files / pre-commit (push) Successful in 37s Details Build all the nodes / web02 (push) Successful in 1m42s Details Build all the nodes / web01 (push) Successful in 2m18s Details Build all the nodes / web03 (push) Successful in 1m33s Details	2024-12-21 08:24:11 +01:00
sinavir	3085d9e3a8	feat(dj-apps/ernestophone): Switch to production All checks were successful Build all the nodes / ap01 (push) Successful in 1m14s Details Build all the nodes / bridge01 (push) Successful in 1m55s Details Build all the nodes / geo01 (push) Successful in 1m57s Details Build all the nodes / geo02 (push) Successful in 1m59s Details Build all the nodes / compute01 (push) Successful in 2m29s Details Build all the nodes / netcore02 (push) Successful in 32s Details Build all the nodes / hypervisor01 (push) Successful in 1m30s Details Build all the nodes / hypervisor02 (push) Successful in 1m34s Details Build all the nodes / hypervisor03 (push) Successful in 1m36s Details Build all the nodes / vault01 (push) Successful in 1m56s Details Build all the nodes / rescue01 (push) Successful in 2m10s Details Build all the nodes / storage01 (push) Successful in 2m10s Details Build all the nodes / web02 (push) Successful in 1m42s Details Run pre-commit on all files / pre-commit (push) Successful in 41s Details Build all the nodes / web01 (push) Successful in 2m15s Details Build all the nodes / web03 (push) Successful in 1m49s Details	2024-12-20 16:45:53 +01:00
Tom Hubrecht	31e3aabc8f	chore(npins): Update stateless-uptime-kuma All checks were successful Build all the nodes / ap01 (push) Successful in 1m4s Details Build all the nodes / bridge01 (push) Successful in 1m48s Details Build all the nodes / geo01 (push) Successful in 1m48s Details Build all the nodes / compute01 (push) Successful in 2m14s Details Build all the nodes / geo02 (push) Successful in 1m25s Details Build all the nodes / netcore02 (push) Successful in 36s Details Build all the nodes / hypervisor02 (push) Successful in 1m46s Details Build all the nodes / hypervisor01 (push) Successful in 1m47s Details Build all the nodes / hypervisor03 (push) Successful in 1m31s Details Build all the nodes / rescue01 (push) Successful in 1m54s Details Build all the nodes / vault01 (push) Successful in 1m45s Details Build all the nodes / storage01 (push) Successful in 1m50s Details Run pre-commit on all files / pre-commit (push) Successful in 36s Details Build all the nodes / web01 (push) Successful in 2m21s Details Build all the nodes / web02 (push) Successful in 1m53s Details Build all the nodes / web03 (push) Successful in 1m41s Details This version has exponential backoff for trying to connect to the upstream server	2024-12-20 13:33:57 +01:00