about summary refs log tree commit diff
diff options
context:
space:
mode:
authorVincent Ambo <mail@tazj.in>2020-07-12T11·54+0100
committertazjin <mail@tazj.in>2020-07-12T13·36+0000
commit93575158c64e3400860a8f99b534f84b71ed68a6 (patch)
tree506c53a386b2a19472d3572897a5fa2ce2b08232
parent6ed4e7d4d12cc15777d3f05e04ff240df3986d8e (diff)
feat(whitby): Enable SourceGraph server r/1262
Change-Id: Ia8a20d54a4ac77d64f5e3fd2255ffad78dce0fb0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1067
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
-rw-r--r--ops/nixos/whitby/default.nix7
-rw-r--r--ops/nixos/www/cs.tvl.fyi.nix30
2 files changed, 36 insertions, 1 deletions
diff --git a/ops/nixos/whitby/default.nix b/ops/nixos/whitby/default.nix
index 145b2137b051..7c10719450a8 100644
--- a/ops/nixos/whitby/default.nix
+++ b/ops/nixos/whitby/default.nix
@@ -18,8 +18,10 @@ in {
     "${depot.depotPath}/ops/nixos/clbot.nix"
     "${depot.depotPath}/ops/nixos/depot.nix"
     "${depot.depotPath}/ops/nixos/smtprelay.nix"
+    "${depot.depotPath}/ops/nixos/sourcegraph.nix"
     "${depot.depotPath}/ops/nixos/tvl-slapd/default.nix"
     "${depot.depotPath}/ops/nixos/tvl-sso/default.nix"
+    "${depot.depotPath}/ops/nixos/www/cs.tvl.fyi.nix"
     "${depot.depotPath}/ops/nixos/www/login.tvl.fyi.nix"
     "${depot.depotPath}/ops/nixos/www/tvl.fyi.nix"
   ];
@@ -108,7 +110,7 @@ in {
       interface = "enp196s0";
     };
 
-    firewall.allowedTCPPorts = [ 22 80 443 ];
+    firewall.allowedTCPPorts = [ 22 80 443 4238 ];
 
     interfaces.enp196s0.useDHCP = true;
     interfaces.enp196s0.ipv6.addresses = [
@@ -187,6 +189,9 @@ in {
     };
   };
 
+  # Run a SourceGraph code search instance
+  services.depot.sourcegraph.enable = true;
+
   environment.systemPackages = with nixpkgs; [
     bb
     curl
diff --git a/ops/nixos/www/cs.tvl.fyi.nix b/ops/nixos/www/cs.tvl.fyi.nix
new file mode 100644
index 000000000000..ed2adcbf8294
--- /dev/null
+++ b/ops/nixos/www/cs.tvl.fyi.nix
@@ -0,0 +1,30 @@
+{ config, ... }:
+
+{
+  imports = [
+    ./base.nix
+  ];
+
+  config = {
+    services.nginx.virtualHosts."cs.tvl.fyi" = {
+      serverName = "cs.tvl.fyi";
+      enableACME = true;
+      forceSSL = true;
+
+      extraConfig = ''
+        location = / {
+          return 301 https://cs.tvl.fyi/depot;
+        }
+
+        location / {
+          proxy_set_header X-Sg-Auth "Anonymous";
+          proxy_pass http://localhost:${toString config.services.depot.sourcegraph.port};
+        }
+
+        location /users/Anonymous/settings {
+          return 301 https://cs.tvl.fyi;
+        }
+      '';
+    };
+  };
+}