cbaines pushed a commit to branch master
in repository maintenance.
commit 312e0a66d56a29340c160104731f75b3f34306a2
Author: Christopher Baines <m...@cbaines.net>
AuthorDate: Mon Jun 10 12:15:59 2024 +0100
hydra: bishan: Remove file.
As this machine was turned off a while back.
* hydra/bishan.scm: Remove file.
---
hydra/bishan.scm | 211 -------------------------------------------------------
1 file changed, 211 deletions(-)
diff --git a/hydra/bishan.scm b/hydra/bishan.scm
deleted file mode 100644
index a4c32b2f..00000000
--- a/hydra/bishan.scm
+++ /dev/null
@@ -1,211 +0,0 @@
-(use-modules (gnu))
-(use-service-modules networking ssh monitoring web certbot guix)
-(use-package-modules screen ssh zile linux certs)
-
-(define %nginx-server-blocks
- (let ((common-locations
- (list
- (nginx-location-configuration
- (uri "= /nix-cache-info")
- (body '("
- return 200 'StoreDir: /gnu/store\nWantMassQuery: 0\nPriority: 100\n';
- add_header Content-Type text/plain;")))
- (nginx-location-configuration
- (uri "~ \\.narinfo$")
- (body '("
- proxy_pass http://nar-herder;
-
- # For HTTP pipelining. This has a dramatic impact on performance.
- client_body_buffer_size 128k;
-
- # Narinfos requests are short, serve many of them on a connection.
- keepalive_requests 20000;
-")))
- (nginx-location-configuration
- (uri "~ \\.narinfo/info$")
- (body '("proxy_pass http://nar-herder;";)))
- (nginx-location-configuration
- (uri "/nar/")
- (body '("proxy_pass http://nar-herder;";)))
- (nginx-location-configuration
- (uri "/file/")
- (body '("proxy_pass http://nar-herder;";)))
- (nginx-named-location-configuration
- (name "nar-storage-location")
- (body '("rewrite /internal/(.*) /$1 break;"
- "proxy_pass https://nar-storage;";
- "
-set $via \"1.1 bishan\";
-if ($http_via) {
- set $via \"$http_via, $via\";
-}
-proxy_set_header Via $via;"
- "proxy_set_header Host hydra-guix-129.guix.gnu.org:443;")))
- (nginx-location-configuration
- (uri "= /latest-database-dump")
- (body '("proxy_pass http://nar-herder;";)))
- (nginx-location-configuration
- (uri "= /recent-changes")
- (body '("proxy_pass http://nar-herder;";)))
- (nginx-location-configuration
- (uri "= /metrics")
- (body '("proxy_pass http://nar-herder;";)))
- (nginx-location-configuration
- (uri "~ ^/internal/nar/(.*)$")
- (body '("
- internal;
- root /var/lib/nars;
-
- try_files /nar/$1 @nar-storage-location;
-
- error_page 404 /404;
-
- client_body_buffer_size 256k;
-
- # Nars are already compressed.
- gzip off;
-")))
- (nginx-location-configuration
- (uri "~ ^/internal/cached-nar/(.*)$")
- (body '("
- internal;
- root /var/cache/nar-herder;
- try_files /nar/$1 =404;
-
- error_page 404 /404;
- client_body_buffer_size 256k;
- gzip off;
-")))
- (nginx-location-configuration
- (uri "~ ^/internal/database/(.*)$")
- (body '("internal;"
- "alias /var/lib/nar-herder/$1;"))))))
-
- (list
- (nginx-server-configuration
- (server-name '("bishan.guix.gnu.org"))
- (listen '("80" "[::]:80"))
- (root (local-file "nginx/html/bishan" #:recursive? #t))
- (locations
- (append
- common-locations
- (list
- (nginx-location-configuration ; For use by Certbot
- (uri "/.well-known")
- (body '(("root /var/www;"))))))))
-
- (nginx-server-configuration
- (server-name '("bishan.guix.gnu.org"))
- (listen '("443 ssl" "[::]:443 ssl"))
- (root (local-file "nginx/html/bishan" #:recursive? #t))
- (ssl-certificate
- "/etc/letsencrypt/live/bishan.guix.gnu.org/fullchain.pem")
- (ssl-certificate-key
- "/etc/letsencrypt/live/bishan.guix.gnu.org/privkey.pem")
- (raw-content
- '("
- # Make sure SSL is disabled.
- ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
-
- # Disable weak cipher suites.
- ssl_ciphers HIGH:!aNULL:!MD5;
- ssl_prefer_server_ciphers on;"))
- (locations common-locations)))))
-
-(operating-system
- (host-name "bishan")
- (timezone "Europe/Berlin")
- (locale "en_US.utf8")
-
- (bootloader (bootloader-configuration
- (bootloader grub-bootloader)
- (targets '("/dev/sda"))))
-
- (file-systems (cons (file-system
- (device "/dev/sda2")
- (mount-point "/")
- (type "btrfs"))
- %base-file-systems))
-
- (users (cons (user-account
- (name "cbaines")
- (group "users")
-
- (supplementary-groups '("wheel"
- "audio" "video")))
- %base-user-accounts))
-
- (packages (cons* screen zile btrfs-progs %base-packages))
-
- (services
- (append
- (list
- (service static-networking-service-type
- (list
- (static-networking
- (addresses
- (list
- (network-address
- (device "enp1s0")
- (value "5.9.22.61/32"))
- (network-address
- (device "enp1s0")
- (ipv6? #t)
- (value "2a01:4f8:161:123::/64"))))
- (routes
- (list
- (network-route
- (destination "default")
- (device "enp1s0")
- (gateway "5.9.22.33"))
- (network-route
- (destination "default")
- (device "enp1s0")
- (ipv6? #t)
- (gateway "fe80::1"))))
- (name-servers
- '("2a01:4ff:ff00::add:1" "2a01:4ff:ff00::add:2")))))
-
- (service ntp-service-type)
-
- (service prometheus-node-exporter-service-type)
-
- (service certbot-service-type
- (certbot-configuration
- (certificates
- (list (certificate-configuration
- (domains '("bishan.guix.gnu.org")))))
- (email "m...@cbaines.net")
- (webroot "/var/www")))
-
- (service nar-herder-service-type
- (nar-herder-configuration
- (mirror "https://bordeaux.guix.gnu.org";)
- (storage "/var/lib/nars")
- (storage-limit 11615000000000) ; 10.8TiB
- (ttl "180d")
- (log-level 'INFO)))
-
- (service nginx-service-type
- (nginx-configuration
- (global-directives
- '((events . ((use . epoll)))
- (worker_processes . 8)))
- (upstream-blocks
- (list (nginx-upstream-configuration
- (name "nar-herder")
- (servers '("127.0.0.1:8734")))
- (nginx-upstream-configuration
- (name "nar-storage")
- (servers '("hydra-guix-129.guix.gnu.org:443")))))
- (server-blocks
- %nginx-server-blocks)))
-
- (service openssh-service-type
- (openssh-configuration
- (password-authentication? #f))))
- (modify-services %base-services
- (guix-service-type
- config => (guix-configuration
- (extra-options
- (list "--max-jobs" "2"))))))))
