~abcdw/trop.in

39131cf0845ffb929c1f7015309a4b57691a857e — Andrew Tropin 1 year, 2 months ago ca0a467
Commit all stale stuff.
6 files changed, 229 insertions(+), 65 deletions(-)

M .envrc
M Makefile
M channels-lock.scm
M guix/pinky.scm
M guix/restream.scm
M scripts/build-site.el
M .envrc => .envrc +2 -2
@@ 7,5 7,5 @@ export TEST_PEERTUBE_RTMP_KEY=key2

export EMACSLOADPATH=

use guixs

# use guixs
eval `guix shell jq emacs-htmlize emacs-next-pgtk-stable --search-paths`

M Makefile => Makefile +24 -15
@@ 1,3 1,12 @@
GUIX_EXTRA_ARGS=-L ./src \
--substitute-urls="https://ci.guix.trop.in https://substitutes.nonguix.org"

include profiles.mk

GUIX_PROFILE=target/profiles/guix
GUIX=${GUIX_PROFILE}/bin/guix
PINKY_CONFIGURATION=src/tropin/machines.scm

RDE_DIR=~/work/abcdw/rde
GUIX_DIR=~/work/gnu/guix



@@ 12,7 21,7 @@ deploy-guix-home-docs: target/guix-home-docs.tar.gz
	    -Fcontent=@target/guix-home-docs.tar.gz \
	    https://pages.sr.ht/publish/guix-home.trop.in

target/rde-readme.html: target
target/rde-readme.html: target ${RDE_DIR}/README.html
	cp ${RDE_DIR}/README.html ./target/rde-readme.html

deploy-rde-readme: target/rde-readme.html


@@ 21,16 30,14 @@ deploy-rde-readme: target/rde-readme.html
	    -H "Content-Type: application/json" \
	    -d@- https://git.sr.ht/query

deploy-restream:
	guix deploy ./guix/restream.scm

deploy-pinky:
	guix deploy ./guix/pinky.scm
	guix deploy ./guix/pinky.scm -x -- sudo herd restart nginx
deploy-pinky: guix
	${GUIX} deploy ${PINKY_CONFIGURATION} ${GUIX_EXTRA_ARGS}
	${GUIX} deploy ${PINKY_CONFIGURATION} ${GUIX_EXTRA_ARGS} \
	-x -- sudo herd restart nginx

rde-manual: target ../rde/doc/rde.html
	mkdir -p ./target/site/html/rde
	cp ../rde/doc/rde.html ./target/site/html/rde/manual
	cp ../rde/doc/rde.html ./target/site/html/rde/manual.html

site/html: target rde-manual
	echo ${EMACSLOADPATH}


@@ 38,17 45,19 @@ site/html: target rde-manual
	emacs -Q --script scripts/build-site.el

site/html.tar.gz: site/html
	cp ./target/site/html/index ./target/site/html/index.html
	cp ./target/site/html/rde/index ./target/site/html/rde/index.html
	cp ./target/site/html/notes/index ./target/site/html/notes/index.html
	# cp ./target/site/html/index ./target/site/html/index.html
	# cp ./target/site/html/rde/index ./target/site/html/rde/index.html
	# cp ./target/site/html/notes/index ./target/site/html/notes/index.html
	tar -cvzf ./target/site/html.tar.gz -C ./target/site/html .

site: site/html

deploy-site: site/html.tar.gz
	curl --oauth2-bearer `pass show sr.ht/guix-pages-token | head -n1` \
	    -Fcontent=@target/site/html.tar.gz \
	    https://pages.sr.ht/publish/trop.in
deploy-site:
	scp -r ./target/site/html/* pinky:/srv/nginx/trop.in
	# site/html.tar.gz
	# curl --oauth2-bearer `pass show sr.ht/guix-pages-token | head -n1` \
	#     -Fcontent=@target/site/html.tar.gz \
	#     https://pages.sr.ht/publish/abcdw.srht.site

clean:
	rm -rf target/

M channels-lock.scm => channels-lock.scm +2 -3
@@ 1,9 1,8 @@
(list (channel
        (name 'guix)
        (url "file:///home/bob/work/gnu/guix")
        (url "https://git.savannah.gnu.org/git/guix.git")
        (branch "master")
        (commit
          "adad94dca9f8693207b59da2abd06781a45d9ace")
        (commit "c546a776d59e0950d65530dd6d4b8f21f789783f")
        (introduction
          (make-channel-introduction
            "9edb3f66fd807b096b48283debdcddccfea34bad"

M guix/pinky.scm => guix/pinky.scm +158 -14
@@ 1,5 1,6 @@
(use-modules (gnu) (guix) (gnu services) (gnu system))
(use-service-modules networking ssh web)

(use-modules (gnu) (guix) (gnu services) (gnu system) (gnu system pam))
(use-service-modules networking ssh web shepherd)
(use-package-modules bootloaders ssh web)

;; Operating system description


@@ 44,13 45,33 @@

   (services
    (append (list
             (service dhcp-client-service-type)
             ;; (service static-networking-service-type
             ;;          (list
             ;;           (static-networking
             ;;            (addresses '())
             ;;            (name-servers '("208.67.222.222"
             ;;                            "2001:470:1f07:38b::1")))))
;             (service dhcp-client-service-type)
             (service
              static-networking-service-type
              (list
               (static-networking
                (addresses (list (network-address
                                  (device "eth0")
                                  (value "23.137.249.202/24"))
                                 (network-address
                                  (device "eth0")
                                  (value "2602:fc24:11:541b:0:0:0:13/64"))))
                (routes (list (network-route
                               (destination "default")
                               (gateway "23.137.249.1"))
                              (network-route
                               (destination "2602:fc24:11::1/128")
                               (device "eth0"))
                              (network-route
                               (destination "default")
                               (gateway "2602:fc24:11::1"))))
                (name-servers '("2620:fe::fe"
                                "2620:fe::9"
                                ;; "9.9.9.9"
                                ;; "149.112.112.112"
                                )))))
             ;; nameserver 9.9.9.9
             ;; nameserver 149.112.112.112
             (service tor-service-type)
             (service yggdrasil-service-type
                      (yggdrasil-configuration


@@ 70,12 91,44 @@
                       (authorized-keys
                        `((,user ,(local-file "ssh.key"))))))

             (pam-limits-service
              (list
               (pam-limits-entry "bob" 'both 'nofile 50000)
               (pam-limits-entry "@users" 'both 'nofile 50000)))
             (simple-service
              'hundredrps-bot
              shepherd-root-service-type
              (list
               (shepherd-service
                (documentation "hundredrps cards bot.")
                (provision '(hundredrps))
                (start #~(make-forkexec-constructor
                          (list #$(file-append
                                   (@ (gnu packages java) openjdk)
                                   "/bin/java") "-jar"
                                   #$(local-file "/home/bob/work/abcdw/hundredrps-tg-bot/target/hundredrps-standalone.jar"))
                          #:user "bob"
                          #:group "users"
                          #:environment-variables
                          (list "PORT=50080"
                                (string-append
                                 "PAYMENT_PROVIDER_TOKEN="
                                 #$(getenv "HUNDREDRPS_PAYMENT_PROVIDER_TOKEN"))
                                (string-append
                                 "AMPLITUDE_TOKEN="
                                 #$(getenv "HUNDREDRPS_AMPLITUDE_TOKEN"))
                                (string-append
                                 "TELEGRAM_TOKEN="
                                 #$(getenv "HUNDREDRPS_TELEGRAM_TOKEN")))
                          #:log-file "/tmp/hundredrps.log"))
                (stop #~(make-kill-destructor)))))

            (service nginx-service-type
                     (nginx-configuration
;;                       (modules
;;                        (list
;;                         (file-append nginx-rtmp-module "\
;; /etc/nginx/modules/ngx_rtmp_module.so")))
                      (modules
                       (list
                        (file-append nginx-rtmp-module "\
/etc/nginx/modules/ngx_rtmp_module.so")))
                      (extra-content
                       (format #f "\
server {


@@ 105,6 158,12 @@ server {
server {
    listen 80;
    listen [::]:80;
    listen 443 ssl;
    listen [::]:443 ssl;

    ssl_certificate /srv/nginx/ssl/hundredrps.pem;
    ssl_certificate_key /srv/nginx/ssl/hundredrps.key;
    ssl_protocols TLSv1.2;

    server_name ci.guix.trop.in ci.guix.ygg.trop.in;



@@ 118,11 177,88 @@ server {
    listen 80;
    listen [::]:80;

    listen 443 ssl;
    listen [::]:443 ssl;

    ssl_certificate     /etc/letsencrypt/live/trop.in/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/trop.in/privkey.pem;
    ssl_protocols TLSv1.2;

    server_name trop.in *.trop.in;

    location / {
        root /srv/nginx/trop.in;
        if ($request_uri ~~ ^/(.*)\\.html(\\?|$)) {
            return 302 /$1;
        }
        try_files $uri $uri.html $uri/ =404;
    }

    # rtmp stat
    location /stat {
        rtmp_stat all;
        rtmp_stat_stylesheet stat.xsl;
    }

    location /stat.xsl {
        root /var/www/html/rtmp;
    }

    # rtmp control
    location /control {
        rtmp_control all;
    }

}

server {
    listen 80;
    listen [::]:80;

    server_name files.trop.in files.ygg.trop.in;
    root /srv/nginx/public;
    autoindex on;
}
")))))

server {
    listen 80;
    listen [::]:80;

    server_name hundredrps.project.trop.in;
    root /srv/nginx/public;
    autoindex on;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name hundredrps.project.trop.in;
    ssl_certificate /srv/nginx/ssl/hundredrps.pem;
    ssl_certificate_key /srv/nginx/ssl/hundredrps.key;
    ssl_protocols TLSv1.2;

    location / {
        proxy_pass http://localhost:50080;
    }
}

}
rtmp {
        server {
                listen 1935;
                chunk_size 4096;

                application live {
                        live on;
                        record off;
                        push rtmp://a.rtmp.youtube.com/live2/~a;
                        push rtmp://diode.zone:1935/live/~a;
                }
        }
"
                               (getenv "YOUTUBE_RTMP_KEY")
                               (getenv "PEERTUBE_RTMP_KEY"))))))

            (modify-services %base-services
              (guix-service-type


@@ 133,6 269,14 @@ server {
                 (append (list (local-file "/etc/guix/signing-key.pub"))
                         %default-authorized-guix-keys)))))))))

;;; my nginx config
;; TODO: Add gzip for big static files
;; TODO: Cache big files?
;; TODO: Image filter module for resizing images
;; TODO: Add expire directives to cache files on client side
;; TODO: Add monitoring https://github.com/vozlt/nginx-module-vts
;; https://www.nginx.com/resources/wiki/modules/

(define host "pinky")
(define user "bob")
(define os

M guix/restream.scm => guix/restream.scm +17 -8
@@ 1,5 1,5 @@
;; Module imports
(use-modules (gnu) (guix))
(use-modules (gnu) (guix) (gnu services))
(use-service-modules networking ssh web)
(use-package-modules bootloaders ssh web)



@@ 36,6 36,17 @@
                       (extra-content
                        (format #f "\
}
server {
    listen 80;
    location / {
        # internal;
        proxy_pass https://guix.gnu.org/;
        proxy_set_header X-SERVER-PORT $server_port;
        proxy_set_header X-SERVER-ADDR $server_addr;
        proxy_set_header HOST $http_host;
        proxy_set_header X-REAL-IP $remote_addr;
    }
}
rtmp {
        server {
                listen 1935;


@@ 52,16 63,13 @@ rtmp {

                       (server-blocks
                        (list (nginx-server-configuration
                               ;; (locations
                               ;;  (list
                               ;;   (nginx-location-configuration
                               ;;    (uri "/stat")
                               ;;    (body '("rtmp_stat all;"
                               ;;            "rtmp_stat_stylesheet stat.xsl;")))))
                               (server-name `(,ip))
                               (listen '("8088"))
                               (root "/var/www/"))))))

             ;; (simple-service
             ;;  'restart-nginx-on-activation
             ;;  activation-service-type
             ;;  #~(invoke/quiet "sh" "-c" "sleep 5s && herd restart nginx"))
             (service openssh-service-type
                      (openssh-configuration
                       (openssh openssh-sans-x)


@@ 89,6 97,7 @@ rtmp {
       (environment managed-host-environment-type)
       (configuration (machine-ssh-configuration
                       (host-name host)
                       (allow-downgrades? #t)
                       (system "x86_64-linux")
                       (host-key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWfLPNTst91Ezts/bsdEGsMoknXz8NDltBHR+zjDmZO")
                       (user "root")

M scripts/build-site.el => scripts/build-site.el +26 -23
@@ 3,23 3,26 @@

;; There is a bug in ox-html, which doesn't check for empty string in
;; properties, so `org-html-extension' should set using variable.
(setq org-html-extension "")
;; (setq org-html-extension "")

(let ((org-roam-v2-ack t))
  (require 'org-roam))
(setq org-roam-directory "../notes/notes")
;; (let ((org-roam-v2-ack t))
;;   (require 'org-roam))
;; (setq org-roam-directory "../notes/notes")
;; (org-roam-db-autosync-enable)
(org-roam-update-org-id-locations)
;; (org-roam-update-org-id-locations)

(require 'find-lisp)
(setq org-publish-timestamp-directory "./target/")

(setq pub-dir "./target/site/html/")
;; (setq pub-dir "/ssh:pinky:~/")

(setq
 org-publish-project-alist
 '(("pages"
 `(("pages"
    :base-directory "./pages/"
    :base-extension "org"
    :publishing-directory "./target/site/html/"
    :publishing-directory ,pub-dir
    :publishing-function org-html-publish-to-html
    :html-head "<link rel=\"stylesheet\" href=\"/assets/simple.min.css\" type=\"text/css\"/>"
    :recursive t


@@ 31,28 34,28 @@
    :html-head-include-default-style nil
    :html-head-include-scripts nil
    :time-stamp-file nil)
   ("notes"
    :base-directory "../notes/notes/"
    :base-extension "org"
    :publishing-directory "./target/site/html/notes/"
    :publishing-function org-html-publish-to-html
    :html-head "<link rel=\"stylesheet\" href=\"/assets/simple.min.css\" type=\"text/css\"/>"
    :section-numbers nil
    :with-author nil
    :with-creator nil
    :with-toc nil
    :html-validation-link nil
    :html-head-include-default-style nil
    :html-head-include-scripts nil
    :time-stamp-file nil)
   ;; ("notes"
   ;;  :base-directory "../notes/notes/"
   ;;  :base-extension "org"
   ;;  :publishing-directory "./target/site/html/notes/"
   ;;  :publishing-function org-html-publish-to-html
   ;;  :html-head "<link rel=\"stylesheet\" href=\"/assets/simple.min.css\" type=\"text/css\"/>"
   ;;  :section-numbers nil
   ;;  :with-author nil
   ;;  :with-creator nil
   ;;  :with-toc nil
   ;;  :html-validation-link nil
   ;;  :html-head-include-default-style nil
   ;;  :html-head-include-scripts nil
   ;;  :time-stamp-file nil)

   ("assets"
    :base-directory "./assets/"
    :base-extension any
    :publishing-directory "./target/site/html/assets/"
    :publishing-directory ,(concat pub-dir "/assets")
    :publishing-function org-publish-attachment)

   ("site" :components ("pages" "assets" "notes"))))
   ("site" :components ("pages" "assets"))))

;; (let ((org-id-extra-files (find-lisp-find-files "../notes/notes/" "\.org$")))
;; )