start making flake container

Signed-off-by: Xe <me@christine.website>
2022-03-26 16:59:48 +00:00 · 2022-03-26 16:59:48 +00:00 · 7dc0421ed8
parent 042bc8b53c
commit 7dc0421ed8
3 changed files with 30 additions and 15 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 result
 .direnv
+.tmp
--- a/flake.lock
+++ b/flake.lock
@ -2,11 +2,11 @@
  "nodes": {
    "nixpkgs": {
      "locked": {
-        "lastModified": 1645433236,
-        "narHash": "sha256-4va4MvJ076XyPp5h8sm5eMQvCrJ6yZAbBmyw95dGyw4=",
+        "lastModified": 1648069223,
+        "narHash": "sha256-BXzQV8p/RR440EB9qY0ULYfTH0zSW1stjUCYeP4SF+E=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "7f9b6e2babf232412682c09e57ed666d8f84ac2d",
+        "rev": "1d08ea2bd83abef174fb43cbfb8a856b8ef2ce26",
        "type": "github"
      },
      "original": {
@ -40,11 +40,11 @@
    },
    "utils": {
      "locked": {
-        "lastModified": 1644229661,
-        "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=",
+        "lastModified": 1648297722,
+        "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=",
        "owner": "numtide",
        "repo": "flake-utils",
-        "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797",
+        "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -36,7 +36,8 @@
            # To begin with it is recommended to set this, but one must
            # remeber to bump this hash when your dependencies change.
            #vendorSha256 = pkgs.lib.fakeSha256;
-            vendorSha256 = "sha256-pQpattmS9VmO3ZIQUFn66az8GSmB4IvYhTTCFn6SUmo=";
+            vendorSha256 =
+              "sha256-pQpattmS9VmO3ZIQUFn66az8GSmB4IvYhTTCFn6SUmo=";
          };

          docker = let web = self.packages.${system}.default;
@ -84,7 +85,7 @@
              systemd.services."xeserv.gohello" = {
                wantedBy = [ "multi-user.target" ];

-                serviceConfig = let pkg = self.packages.${system}.default;
+                serviceConfig = let pkg = pkgs.hello; #self.packages.${system}.default;
                in {
                  Restart = "on-failure";
                  ExecStart = "${pkg}/bin/web-server";
@ -99,17 +100,30 @@
              };

              services.nginx.virtualHosts.${cfg.domain} = {
-                locations."/" = {
-                  proxyPass = "http://127.0.0.1:3031";
-                };
+                locations."/" = { proxyPass = "http://127.0.0.1:3031"; };
              };
            };
          };
-
-        defaultApp = utils.lib.mkApp { drv = self.defaultPackage.${system}; };
+        defaultApp = utils.lib.mkApp { drv = self.packages.${system}.default; };

        devShells.default = pkgs.mkShell {
-          buildInputs = with pkgs; [ go gopls goimports go-tools ];
+          buildInputs = with pkgs; [ go gopls gotools go-tools ];
        };
-      });
+      }) // {
+        nixosConfigurations.container = nixpkgs.lib.nixosSystem {
+          system = "x86_64-linux";
+          modules = [
+            self.nixosModule
+            ({ pkgs, ... }: {
+              # Only allow this to boot as a container
+              boot.isContainer = true;
+
+              # Allow nginx through the firewall
+              networking.firewall.allowedTCPPorts = [ 80 ];
+
+              services.nginx.enable = true;
+            })
+          ];
+        };
+      };
 }