[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/02: hydra: bayfront: Enable new bordeaux coordinator domain.
|
From: |
Christopher Baines |
|
Subject: |
01/02: hydra: bayfront: Enable new bordeaux coordinator domain. |
|
Date: |
Tue, 30 Jan 2024 14:33:00 -0500 (EST) |
cbaines pushed a commit to branch master
in repository maintenance.
commit edeccd34e8af083fa62ea7ba46de2dacdc10a55d
Author: Christopher Baines <mail@cbaines.net>
AuthorDate: Tue Jan 30 19:13:34 2024 +0000
hydra: bayfront: Enable new bordeaux coordinator domain.
Intended to gradually replace coordinator.bayfront and make a little
more sense since the coordinator is connected to the bordeaux build
farm, rather than bayfront as a machine.
* hydra/bayfront.scm (%certbot-configuration): Add new cert.
(%coordinator.bayfront.guix.gnu.org-nginx-servers): New variable.
<nginx-service-type>: Use it.
---
hydra/bayfront.scm | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 52 insertions(+), 1 deletion(-)
diff --git a/hydra/bayfront.scm b/hydra/bayfront.scm
index 89f4d9c..4fb6045 100644
--- a/hydra/bayfront.scm
+++ b/hydra/bayfront.scm
@@ -67,6 +67,9 @@
(certificate-configuration
(domains '("qa.guix.gnu.org"))
(deploy-hook %nginx-deploy-hook))
+ (certificate-configuration
+ (domains '("coordinator.bordeaux.guix.gnu.org"))
+ (deploy-hook %nginx-deploy-hook))
(certificate-configuration
(domains '("bordeaux.guix.gnu.org"))
(deploy-hook %nginx-deploy-hook))))))
@@ -602,6 +605,8 @@ access_log /var/log/nginx/logs.access.log;"))
"access_log /var/log/nginx/logs.access.log;"))
(locations common-locations)))))
+;; This is the old but still used domain for the bordeaux coordinator,
+;; it can be removed once it's unused.
(define %coordinator.bayfront.guix.gnu.org-nginx-servers
(list
(nginx-server-configuration
@@ -628,6 +633,51 @@ client_body_buffer_size 128K;
access_log /var/log/nginx/coordinator.access.log;
+proxy_set_header X-Forwarded-Host $host;
+proxy_set_header X-Forwarded-Port $server_port;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;"))
+ (locations
+ (list (nginx-location-configuration
+ (uri "/")
+ (body '("try_files $uri $uri/ @guix-build-coordinator;")))
+ (nginx-named-location-configuration
+ (name "guix-build-coordinator")
+ (body '("proxy_pass http://guix-build-coordinator-proxy;";
+ "proxy_http_version 1.1;"
+ "proxy_set_header Host $host;"
+ "proxy_set_header X-Forwarded-For $remote_addr;"
+ "proxy_request_buffering off;"
+
+ "gzip on;"
+ "gzip_types text/html application/json;"
+ "gzip_proxied any;"))))))))
+
+(define %coordinator.bordeaux.guix.gnu.org-nginx-servers
+ (list
+ (nginx-server-configuration
+ (server-name '("coordinator.bordeaux.guix.gnu.org"))
+ (listen '("80" "[::]:80"))
+ (locations
+ (list
+ (nginx-location-configuration ; For use by Certbot
+ (uri "/.well-known")
+ (body '(("root /var/www;")))))))
+
+ (nginx-server-configuration
+ (server-name '("coordinator.bordeaux.guix.gnu.org"))
+ (listen '("443 ssl" "[::]:443 ssl"))
+ (ssl-certificate
+ "/etc/letsencrypt/live/coordinator.bordeaux.guix.gnu.org/fullchain.pem")
+ (ssl-certificate-key
+ "/etc/letsencrypt/live/coordinator.bordeaux.guix.gnu.org/privkey.pem")
+ (raw-content
+ (list %common-tls-options
+ "\
+client_max_body_size 0;
+client_body_buffer_size 128K;
+
+access_log /var/log/nginx/coordinator.access.log;
+
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;"))
@@ -1443,7 +1493,8 @@ proxy_set_header Via $via;"
%bordeaux.guix.gnu.org-nginx-servers
%qa.guix.gnu.org-nginx-servers
%packages.guix.gnu.org-nginx-servers
- %coordinator.bayfront.guix.gnu.org-nginx-servers))))
+ %coordinator.bayfront.guix.gnu.org-nginx-servers
+ %coordinator.bordeaux.guix.gnu.org-nginx-servers))))
(service nar-herder-service-type
(nar-herder-configuration