From 51788a4041712c188cda46633ec93354df2e61ac Mon Sep 17 00:00:00 2001 From: Price Hiller Date: Wed, 7 Aug 2024 18:17:21 -0500 Subject: [PATCH] feat(host/luna): add lakewatch api and scraper --- flake.lock | 351 ++++++++++++++++++++-- flake.nix | 10 + hosts/luna/modules/services/lakewatch.nix | 22 ++ secrets/default.nix | 1 + secrets/hosts/luna/lakewatch-db-pass.age | 16 + 5 files changed, 372 insertions(+), 28 deletions(-) create mode 100644 hosts/luna/modules/services/lakewatch.nix create mode 100644 secrets/hosts/luna/lakewatch-db-pass.age diff --git a/flake.lock b/flake.lock index 422f4b0f..92b95395 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,21 @@ { "nodes": { + "advisory-db": { + "flake": false, + "locked": { + "lastModified": 1718457093, + "narHash": "sha256-UpZdIss5nqm2Gl3swnmRTPqIpxVpMq/IP7RpMnSEPE0=", + "owner": "rustsec", + "repo": "advisory-db", + "rev": "463e8405f85bb74eef17149f7e704b07723ce46e", + "type": "github" + }, + "original": { + "owner": "rustsec", + "repo": "advisory-db", + "type": "github" + } + }, "agenix": { "inputs": { "agenix": "agenix_2", @@ -72,11 +88,11 @@ "bob": { "flake": false, "locked": { - "lastModified": 1721114185, - "narHash": "sha256-/mR0bjCr3Rfi9sJWzzNdNDwkSBq6fwN7ItrTFb8ZWdU=", + "lastModified": 1722510844, + "narHash": "sha256-2NVhqwP8vVeTbCp+jSq2KB0HCts2AebQDjwRDbagej8=", "owner": "MordechaiHadad", "repo": "bob", - "rev": "0119f3be0098bf67dd880c0e84a23da93be67d1d", + "rev": "fa36734f73c609323310a29fe8e29a395535761d", "type": "github" }, "original": { @@ -106,6 +122,27 @@ "type": "github" } }, + "crane_2": { + "inputs": { + "nixpkgs": [ + "lakewatch-api", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1718474113, + "narHash": "sha256-UKrfy/46YF2TRnxTtKCYzqf2f5ZPRRWwKCCJb7O5X8U=", + "owner": "ipetkov", + "repo": "crane", + "rev": "0095fd8ea00ae0a9e6014f39c375e40c2fbd3386", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, "darwin": { "inputs": { "nixpkgs": [ @@ -156,11 +193,11 @@ ] }, "locked": { - "lastModified": 1721871128, - "narHash": "sha256-NyWVCnSeePnJHGJxZ0l3zdGQGrVjUcx2IJbV8KIsPf0=", + "lastModified": 1722821805, + "narHash": "sha256-FGrUPUD+LMDwJsYyNSxNIzFMldtCm8wXiQuyL2PHSrM=", "owner": "nix-community", "repo": "disko", - "rev": "55e874b9c14764cb791e5740f0e92202e41393fc", + "rev": "0257e44f4ad472b54f19a6dd1615aee7fa48ed49", "type": "github" }, "original": { @@ -180,11 +217,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1722012991, - "narHash": "sha256-YVmVoRpMHDlWAWcwOc1Nr6mDMMVsR9CdUUkCrMWtR4I=", + "lastModified": 1722964308, + "narHash": "sha256-EmSqUCbv8uqz5WiE5zk/I443UXUyvyE5K4uD7H1AV1c=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "44914c003e0e3287f913621b1ef5cc995af465ef", + "rev": "1a0e4480b35557950f3f427888da596d85fbdbf1", "type": "github" }, "original": { @@ -193,6 +230,30 @@ "type": "github" } }, + "fenix": { + "inputs": { + "nixpkgs": [ + "lakewatch-api", + "nixpkgs" + ], + "rust-analyzer-src": [ + "lakewatch-api" + ] + }, + "locked": { + "lastModified": 1723012113, + "narHash": "sha256-AJGsmwDnheWMjZWUqgiGtBjbxMmvLvMp5WJhmTRhJ4w=", + "owner": "nix-community", + "repo": "fenix", + "rev": "3dab4ada5b0c5a22d56dbfd7e140c16f3df2e69a", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -334,6 +395,60 @@ "type": "github" } }, + "flake-utils_5": { + "inputs": { + "systems": "systems_7" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_6": { + "inputs": { + "systems": "systems_8" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_7": { + "inputs": { + "systems": "systems_10" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "freetype2": { "flake": false, "locked": { @@ -428,11 +543,11 @@ ] }, "locked": { - "lastModified": 1721996913, - "narHash": "sha256-eqbhEBObarS6WsI0J1PVACQ8fXeq9OmSS0+iXBegoOI=", + "lastModified": 1722936497, + "narHash": "sha256-UBst8PkhY0kqTgdKiR8MtTBt4c1XmjJoOV11efjsC/o=", "owner": "nix-community", "repo": "home-manager", - "rev": "bc2b96acda50229bc99925dde5c8e561e90b0b00", + "rev": "a6c743980e23f4cef6c2a377f9ffab506568413a", "type": "github" }, "original": { @@ -456,6 +571,56 @@ "type": "github" } }, + "lakewatch-api": { + "inputs": { + "advisory-db": "advisory-db", + "crane": "crane_2", + "fenix": "fenix", + "flake-utils": "flake-utils_4", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "dir": "LakeWatchAPI", + "lastModified": 1723072340, + "narHash": "sha256-PeXLTbKclSQm+HeoGFjkE3K6DbMxk3ya5gwkCdV2HHk=", + "ref": "refs/heads/main", + "rev": "4250443162f670939f8d1a2c5e30977e35be98cb", + "revCount": 120, + "type": "git", + "url": "ssh://git@github.com/UTSA-CS-3443/LakeWatch?dir=LakeWatchAPI" + }, + "original": { + "dir": "LakeWatchAPI", + "type": "git", + "url": "ssh://git@github.com/UTSA-CS-3443/LakeWatch?dir=LakeWatchAPI" + } + }, + "lakewatch-scraper": { + "inputs": { + "flake-utils": "flake-utils_5", + "nixpkgs": [ + "nixpkgs" + ], + "poetry2nix": "poetry2nix" + }, + "locked": { + "dir": "LakeWatchScraper", + "lastModified": 1723072340, + "narHash": "sha256-PeXLTbKclSQm+HeoGFjkE3K6DbMxk3ya5gwkCdV2HHk=", + "ref": "refs/heads/main", + "rev": "4250443162f670939f8d1a2c5e30977e35be98cb", + "revCount": 120, + "type": "git", + "url": "ssh://git@github.com/UTSA-CS-3443/LakeWatch?dir=LakeWatchScraper" + }, + "original": { + "dir": "LakeWatchScraper", + "type": "git", + "url": "ssh://git@github.com/UTSA-CS-3443/LakeWatch?dir=LakeWatchScraper" + } + }, "libgit2": { "flake": false, "locked": { @@ -501,11 +666,11 @@ "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1721936838, - "narHash": "sha256-M/qhs/MXXU7KOh/1yH+NjQ0cHNN7DheLdxPeIGo/yTU=", + "lastModified": 1722933206, + "narHash": "sha256-7bw+yrQ1mD+10C3XmPyA1xq2tKrXVBZ9Vm0R1dDD/1o=", "owner": "nixos", "repo": "nix", - "rev": "c274e005b6f05c809b844a9a4792fe9ff8622514", + "rev": "2ed075ffc0f4e22f6bc6c083ef7c84e77c687605", "type": "github" }, "original": { @@ -514,6 +679,28 @@ "type": "github" } }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "lakewatch-scraper", + "poetry2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703863825, + "narHash": "sha256-rXwqjtwiGKJheXB43ybM8NwWB8rO2dSRrEqes0S7F5Y=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "5163432afc817cf8bd1f031418d1869e4c9d5547", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1702272962, @@ -564,11 +751,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1721949857, - "narHash": "sha256-DID446r8KsmJhbCzx4el8d9SnPiE8qa6+eEQOJ40vR0=", + "lastModified": 1722869614, + "narHash": "sha256-7ojM1KSk3mzutD7SkrdSflHXEujPvW1u7QuqWoTLXQU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a1cc729dcbc31d9b0d11d86dc7436163548a9665", + "rev": "883180e6550c1723395a3a342f830bfc5c371f6b", "type": "github" }, "original": { @@ -596,11 +783,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1721924956, - "narHash": "sha256-Sb1jlyRO+N8jBXEX9Pg9Z1Qb8Bw9QyOgLDNMEpmjZ2M=", + "lastModified": 1722813957, + "narHash": "sha256-IAoYyYnED7P8zrBFMnmp7ydaJfwTnwcnqxUElC1I26Y=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5ad6a14c6bf098e98800b091668718c336effc95", + "rev": "cb9a96f23c491c081b38eab96d22fa958043c9fa", "type": "github" }, "original": { @@ -610,6 +797,31 @@ "type": "github" } }, + "poetry2nix": { + "inputs": { + "flake-utils": "flake-utils_6", + "nix-github-actions": "nix-github-actions", + "nixpkgs": [ + "lakewatch-scraper", + "nixpkgs" + ], + "systems": "systems_9", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1723017738, + "narHash": "sha256-Ihz23eqyiCX4CABf9r84BLKDw3T9Yv1UCgV3+aJ7mjg=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "cc0af1948e0887cd280496bd891fd40e52b40ff4", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "poetry2nix", + "type": "github" + } + }, "root": { "inputs": { "agenix": "agenix", @@ -621,6 +833,8 @@ "flake-utils": "flake-utils_3", "home-manager": "home-manager_2", "impermanence": "impermanence", + "lakewatch-api": "lakewatch-api", + "lakewatch-scraper": "lakewatch-scraper", "nix": "nix", "nixpkgs": "nixpkgs_3", "waybar": "waybar", @@ -688,6 +902,21 @@ "type": "github" } }, + "systems_10": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "systems_2": { "locked": { "lastModified": 1681028828, @@ -763,6 +992,72 @@ "type": "github" } }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_8": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_9": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "id": "systems", + "type": "indirect" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "lakewatch-scraper", + "poetry2nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1719749022, + "narHash": "sha256-ddPKHcqaKCIFSFc/cvxS14goUhCOAwsM1PbMr0ZtHMg=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "8df5ff62195d4e67e2264df0b7f5e8c9995fd0bd", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "utils": { "inputs": { "systems": "systems_4" @@ -789,11 +1084,11 @@ ] }, "locked": { - "lastModified": 1721631968, - "narHash": "sha256-BwBRNmGv2nX1nEhitOKyoOvmk+G6WoBaBHAlKYy5Edg=", + "lastModified": 1722844295, + "narHash": "sha256-SaokQfNpyo+fgpEtIVTesZsmy5B5zzMZ0yygejqt3ug=", "owner": "Alexays", "repo": "Waybar", - "rev": "003dd3a9a260a212648b6ab4a70f058c6437d40d", + "rev": "79d3a1a2962cdad1ad02195916790ae1e63122c6", "type": "github" }, "original": { @@ -804,7 +1099,7 @@ }, "wezterm": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_7", "freetype2": "freetype2", "harfbuzz": "harfbuzz", "libpng": "libpng", @@ -816,11 +1111,11 @@ }, "locked": { "dir": "nix", - "lastModified": 1721660996, - "narHash": "sha256-einWGKcn7zLSCYChDXN1aKrw1nz3P89dF/gK+OPD0Qw=", + "lastModified": 1722353247, + "narHash": "sha256-pPH+IJ8pljR+PmeOdckoHvbQVfSBdStKbgXcaqdkTRk=", "owner": "wez", "repo": "wezterm", - "rev": "7e8fdc118d2d7ceb51c720a966090f6cb65089b7", + "rev": "56a27e93a9ee50aab50ff4d78308f9b3154b5122", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 263d3317..807b934f 100644 --- a/flake.nix +++ b/flake.nix @@ -6,6 +6,14 @@ deploy-rs.url = "github:serokell/deploy-rs"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; flake-utils.url = "github:numtide/flake-utils"; + lakewatch-api = { + url = "git+ssh://git@github.com/UTSA-CS-3443/LakeWatch?dir=LakeWatchAPI"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + lakewatch-scraper = { + url = "git+ssh://git@github.com/UTSA-CS-3443/LakeWatch?dir=LakeWatchScraper"; + inputs.nixpkgs.follows = "nixpkgs"; + }; bob = { flake = false; url = "github:MordechaiHadad/bob"; @@ -252,6 +260,8 @@ inputs.impermanence.nixosModules.impermanence inputs.agenix.nixosModules.default inputs.disko.nixosModules.disko + inputs.lakewatch-api.nixosModules.default + inputs.lakewatch-scraper.nixosModules.default { config = (import "${self}/secrets" { diff --git a/hosts/luna/modules/services/lakewatch.nix b/hosts/luna/modules/services/lakewatch.nix new file mode 100644 index 00000000..83f11840 --- /dev/null +++ b/hosts/luna/modules/services/lakewatch.nix @@ -0,0 +1,22 @@ +{ config, fqdn, ... }: +{ + services.lakewatch-api = { + enable = true; + db = { + createService = true; + passwordFile = config.age.secrets.lakewatch-db-pass.path; + }; + }; + + services.lakewatch-scraper = { + enable = true; + db = { + passwordFile = config.age.secrets.lakewatch-db-pass.path; + }; + }; + services.nginx.virtualHosts."lakewatch.${fqdn}" = { + forceSSL = true; + enableACME = true; + locations."/".proxyPass = "http://${config.services.lakewatch-api.host}:${builtins.toString config.services.lakewatch-api.port}"; + }; +} diff --git a/secrets/default.nix b/secrets/default.nix index d373d028..a038940e 100644 --- a/secrets/default.nix +++ b/secrets/default.nix @@ -15,6 +15,7 @@ let { users-root-pw = "${secrets}/users-root-pw.age"; users-price-pw = "${secrets}/users-price-pw.age"; + lakewatch-db-pass = "${secrets}/lakewatch-db-pass.age"; gitea-db-pass = "${secrets}/gitea-db-pass.age"; gitea-runner-token = "${secrets}/gitea-runner-token.age"; gh-ts-autotag-runner-token = "${secrets}/gh-ts-autotag-runner-token.age"; diff --git a/secrets/hosts/luna/lakewatch-db-pass.age b/secrets/hosts/luna/lakewatch-db-pass.age new file mode 100644 index 00000000..a40e3cd2 --- /dev/null +++ b/secrets/hosts/luna/lakewatch-db-pass.age @@ -0,0 +1,16 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFdvUU04QSBpb1lE +Q1lXcmV1empEZ1JsOTZBb2JMaEJocGVqMXFJZllKTHRsMm4xUVhZClRqeG5uS29Y +OTlzNVBHYjVQdDRramVMNE5qSmMzdFpUUE01bFpkMjBEMXMKLT4gWDI1NTE5IHBY +SmtIYlhxMzRudThIOUZ3VXhmOWpLcEdMMVhsSVlJQTRYV0YrT3lxQ0UKbnZQcW9I +amFnSEY5T2JPdnI1QWZKUU5vbTNhSFVWZWw4WEJ3SlgzTkFmWQotPiBwaXYtcDI1 +NiBySnMxSEEgQTVqNXo3ZCtCTSt1Y1hEVjBGQTVuQUVpOEFzamNZaFBIT0Q4Nm4z +Zy82aGQKeWFxdXo3VXJOTU84QTZlS2VaeVJ5a1A0WlMyVVpXV3F0N24rdHBwZE5j +RQotPiA8JGpWSEVBLWdyZWFzZQo4aVV6Wm13TEpwdndFQTZFZXdKaEhuSnBYR3Y2 +ZWZzCi0tLSBQdmpWNDhKa0had3BsZXVEWWU2Nno5MmVwYXcwdlEyVU85RWZDNkFB +a1k0CoRywK/qQXplmc5WMBipGK9vE4ZLonfP1PaUIf1a+njha/zlLlFf6cV+1FLj +X3E6eTVgImXyABhT1VNaPZEHLEsVErhHeQuuVltXiXiINHKL8wuJNXNEROlsNm0A +sCxw/vQB2ZgYe2WCMR75xj4PYe36fxR3T9++jizGzRDzBKa6poyO1IrENvmXZBNt +A9rsQFza14QJAcYlvPGYVQBk9PB/ooM4yQ3F4ISSKMJcbuoeYIcDqAhjh6ytd+Ro +Uf5ouMnKeFhnghV2bLWw1jk= +-----END AGE ENCRYPTED FILE-----