diff --git a/configuration.nix b/configuration.nix index 211e81d..e2018c2 100644 --- a/configuration.nix +++ b/configuration.nix @@ -27,7 +27,7 @@ }; system = { - stateVersion = "25.05"; + stateVersion = "24.11"; # enable auto updates autoUpgrade = { enable = true; diff --git a/flake.lock b/flake.lock index e2456de..6941600 100644 --- a/flake.lock +++ b/flake.lock @@ -1,9 +1,30 @@ { "nodes": { - "cccb-www": { + "cccb-www-production": { "inputs": { "nixpkgs": "nixpkgs" }, + "locked": { + "lastModified": 1749149612, + "narHash": "sha256-pJupKln0bASMiE/ysmx4vN7+JOpNc1apXBfTvGpDA04=", + "ref": "production", + "rev": "85ce3943793c4b200566dfa11b4997682eca30d6", + "revCount": 425, + "submodules": true, + "type": "git", + "url": "https://git.berlin.ccc.de/cccb-website-team/www.git" + }, + "original": { + "ref": "production", + "submodules": true, + "type": "git", + "url": "https://git.berlin.ccc.de/cccb-website-team/www.git" + } + }, + "cccb-www-staging": { + "inputs": { + "nixpkgs": "nixpkgs_2" + }, "locked": { "lastModified": 1749316976, "narHash": "sha256-9SI0mbcquU9XPa2J1/NCABnfQVu8wPr/3xP8Pi6FYoY=", @@ -22,6 +43,22 @@ } }, "nixpkgs": { + "locked": { + "lastModified": 1741332913, + "narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "20755fa05115c84be00b04690630cb38f0a203ad", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { "locked": { "lastModified": 1748995628, "narHash": "sha256-bFufQGSAEYQgjtc4wMrobS5HWN0hDP+ZX+zthYcml9U=", @@ -37,7 +74,7 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs_3": { "locked": { "lastModified": 1749086602, "narHash": "sha256-DJcgJMekoxVesl9kKjfLPix2Nbr42i7cpEHJiTnBUwU=", @@ -55,8 +92,9 @@ }, "root": { "inputs": { - "cccb-www": "cccb-www", - "nixpkgs": "nixpkgs_2" + "cccb-www-production": "cccb-www-production", + "cccb-www-staging": "cccb-www-staging", + "nixpkgs": "nixpkgs_3" } } }, diff --git a/flake.nix b/flake.nix index 60d872b..43af5e0 100644 --- a/flake.nix +++ b/flake.nix @@ -3,23 +3,24 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.05"; - cccb-www = { - url = "git+https://git.berlin.ccc.de/cccb-website-team/www.git?ref=staging&submodules=1"; - # inputs.nixpkgs.follows = "nixpkgs"; - }; + cccb-www-staging.url = "git+https://git.berlin.ccc.de/cccb-website-team/www.git?ref=staging&submodules=1"; + # TODO: change to staging + cccb-www-production.url = "git+https://git.berlin.ccc.de/cccb-website-team/www.git?ref=staging&submodules=1"; }; outputs = { self, nixpkgs, - cccb-www, + cccb-www-staging, + cccb-www-production, }: { nixosConfigurations.nix-www = nixpkgs.lib.nixosSystem { system = "aarch64-linux"; specialArgs = { - mkWwwContent = cccb-www.lib.mkWwwContent; + mkWwwContentStaging = cccb-www-staging.lib.mkWwwContent; + mkWwwContentProduction = cccb-www-production.lib.mkWwwContent; }; modules = [ ./configuration.nix diff --git a/nginx.nix b/nginx.nix index ed460ff..6391d6a 100644 --- a/nginx.nix +++ b/nginx.nix @@ -1,4 +1,9 @@ -{ pkgs, mkWwwContent, ... }: +{ + pkgs, + mkWwwContentStaging, + mkWwwContentProduction, + ... +}: { security.acme = { acceptTerms = true; @@ -20,11 +25,19 @@ recommendedOptimisation = true; virtualHosts = { - "nix-www.cccb.zerforschen.plus" = { + "staging.cccb.zerforschen.plus" = { addSSL = true; enableACME = true; - root = mkWwwContent { - domain = "nix-www.cccb.zerforschen.plus"; + root = mkWwwContentStaging { + domain = "staging.cccb.zerforschen.plus"; + inherit (pkgs) system; + }; + }; + "production.cccb.zerforschen.plus" = { + addSSL = true; + enableACME = true; + root = mkWwwContentProduction { + domain = "production.cccb.zerforschen.plus"; inherit (pkgs) system; }; };