Christopher Mühl
55652569b2
Content now served from S3 at runtime via shared static-server image. - deploy-static-site: reads creds from Nomad vars, builds site, pushes tarball to S3, generates per-domain Nomad job JSON, deploys - generate-job.py: emits Nomad job JSON for a static site deployment - site-lib/flake.nix: mkSite helper, packages.default + devShells only - images/flake.nix: shared static-server OCI image (sws + awscli2 + tools) - images CI: builds and pushes static-server on images/flake.nix changes - deploy-oci-site: removed (superseded by deploy-static-site) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
30 lines
857 B
Nix
30 lines
857 B
Nix
{
|
|
description = "Shared infrastructure OCI images";
|
|
|
|
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
|
|
|
outputs = { self, nixpkgs }:
|
|
let
|
|
system = "x86_64-linux";
|
|
pkgs = nixpkgs.legacyPackages.${system};
|
|
in
|
|
{
|
|
# Single image used by every static-site Nomad job.
|
|
# At container startup it downloads the site tarball from S3, then serves it.
|
|
# The Nomad job spec overrides Cmd with the domain- and hash-specific fetch+serve command.
|
|
packages.${system}.staticServer = pkgs.dockerTools.buildLayeredImage {
|
|
name = "static-server";
|
|
tag = "latest";
|
|
contents = with pkgs; [
|
|
static-web-server
|
|
awscli2
|
|
bash
|
|
coreutils
|
|
gnutar
|
|
gzip
|
|
cacert
|
|
];
|
|
config.ExposedPorts."8080/tcp" = { };
|
|
};
|
|
};
|
|
}
|