about summary refs log tree commit diff
diff options
context:
space:
mode:
authorAspen Smith <root@gws.fyi>2023-11-06T21·02-0500
committerclbot <clbot@tvl.fyi>2023-11-06T21·17+0000
commitedea6dadddbc8d8484d5790dd3aed787630b8258 (patch)
tree5ecdf220df5a91cdf9bb4bbe51ac7cfc519e6b4f
parent97b63a84685442aebc859d1eec6efc094a810119 (diff)
feat(users/grfn/web): Purge cloudflare cache on deploy r/6969
Change-Id: Iebaff500bc7bbb92ff4344f185a3b446f9ce9eb9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9975
Autosubmit: grfn <grfn@gws.fyi>
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
-rw-r--r--users/grfn/web/Makefile12
-rw-r--r--users/grfn/web/default.nix34
-rw-r--r--users/grfn/web/shell.nix2
3 files changed, 39 insertions, 9 deletions
diff --git a/users/grfn/web/Makefile b/users/grfn/web/Makefile
index 9da503fa26a4..0248685386c6 100644
--- a/users/grfn/web/Makefile
+++ b/users/grfn/web/Makefile
@@ -1,7 +1,13 @@
-.PHONY: deploy
+.PHONY: deploy purge_cf do_deploy renew backup open
+
+deploy: do_deploy purge_cf
+
+purge_cf:
+	@$(shell nix-build `git rev-parse --show-toplevel` -A 'users.grfn.web.purge-cf')/bin/purge-cf.sh
+
+do_deploy:
+	@$(shell nix-build `git rev-parse --show-toplevel` -A 'users.grfn.web')/bin/deploy.sh
 
-deploy:
-	@$(shell nix-build `git rev-parse --show-toplevel` -A 'users.grfn.web')
 
 renew:
 	@echo Renewing...
diff --git a/users/grfn/web/default.nix b/users/grfn/web/default.nix
index 5ab3614d7902..580e1c8cd1cd 100644
--- a/users/grfn/web/default.nix
+++ b/users/grfn/web/default.nix
@@ -28,10 +28,34 @@ let
       cp ${keys} $out/keys
     '';
 
+  purge-cf = writeShellApplication {
+    name = "purge-cf.sh";
+    runtimeInputs = [ httpie jq pass ];
+    text = ''
+      cfapi() {
+        http \
+          "https://api.cloudflare.com/client/v4/$1" \
+          X-Auth-Email:root@gws.fyi \
+          "X-Auth-Key: $(pass cloudflare-api-key)" \
+          "''${@:2}"
+      }
+
+      zone_id=$(
+        cfapi zones \
+          | jq -r '.result[] | select(.name == "gws.fyi") | .id'
+      )
+
+      cfapi "zones/$zone_id/purge_cache" purge_everything:=true
+    '';
+  };
 in
-(writeShellScript "deploy.sh" ''
-  ${awscli2}/bin/aws --profile personal s3 sync ${website}/ ${bucket}
-  echo "Deployed to http://gws.fyi"
-'') // {
-  inherit website site;
+(writeShellApplication {
+  name = "deploy.sh";
+  runtimeInputs = [ awscli2 ];
+  text = ''
+    aws --profile personal s3 sync ${website}/ ${bucket}
+    echo "Deployed to http://gws.fyi"
+  '';
+}).overrideAttrs {
+  passthru = { inherit website site purge-cf; };
 }
diff --git a/users/grfn/web/shell.nix b/users/grfn/web/shell.nix
index 846bdb6677a3..7e7fccdc939c 100644
--- a/users/grfn/web/shell.nix
+++ b/users/grfn/web/shell.nix
@@ -3,7 +3,7 @@ mkShell {
   buildInputs = [
     awscli
     gnumake
-    letsencrypt
     tarsnap
+    certbot
   ];
 }