From d482eb01e4847d31075c7a14c1febf511e78919c Mon Sep 17 00:00:00 2001 From: Hari <73809867+harivansh-afk@users.noreply.github.com> Date: Tue, 14 Apr 2026 12:44:16 -0400 Subject: [PATCH] feat" diffkit self host" (#72) --- hosts/netty/configuration.nix | 1 + hosts/netty/diffkit.nix | 71 +++++++++++++++++++++++++++++++++++ hosts/netty/nginx.nix | 10 +++++ modules/devshells.nix | 2 +- 4 files changed, 83 insertions(+), 1 deletion(-) create mode 100644 hosts/netty/diffkit.nix diff --git a/hosts/netty/configuration.nix b/hosts/netty/configuration.nix index b0c12b5..3af1a4a 100644 --- a/hosts/netty/configuration.nix +++ b/hosts/netty/configuration.nix @@ -17,6 +17,7 @@ in ./nginx.nix ./vaultwarden.nix ./forgejo.nix + ./diffkit.nix ./betternas.nix ./hermes-gateway.nix ./forgejo-runner.nix diff --git a/hosts/netty/diffkit.nix b/hosts/netty/diffkit.nix new file mode 100644 index 0000000..94107f7 --- /dev/null +++ b/hosts/netty/diffkit.nix @@ -0,0 +1,71 @@ +{ + pkgs, + username, + ... +}: +let + diffkitPort = "3200"; + stateDir = "/var/lib/diffkit"; + repoDir = "/home/${username}/Documents/GitHub/diffkit"; + envFile = "${stateDir}/diffkit.env"; + dbPath = "${stateDir}/diffkit.db"; + migrationsDir = "${repoDir}/apps/dashboard/drizzle"; + + migrationScript = pkgs.writeShellScript "diffkit-migrate" '' + set -euo pipefail + DB="${dbPath}" + MIGRATIONS="${migrationsDir}" + + ${pkgs.sqlite}/bin/sqlite3 "$DB" "SELECT 1;" > /dev/null 2>&1 || true + ${pkgs.sqlite}/bin/sqlite3 "$DB" \ + "CREATE TABLE IF NOT EXISTS __drizzle_migrations (tag TEXT PRIMARY KEY, applied_at INTEGER NOT NULL);" + + for sql_file in "$MIGRATIONS"/[0-9]*.sql; do + [ -f "$sql_file" ] || continue + tag=$(basename "$sql_file" .sql) + applied=$(${pkgs.sqlite}/bin/sqlite3 "$DB" "SELECT COUNT(*) FROM __drizzle_migrations WHERE tag='$tag';") + if [ "$applied" = "0" ]; then + echo "Applying migration: $tag" + ${pkgs.gnused}/bin/sed 's/--> statement-breakpoint/;/g' "$sql_file" \ + | ${pkgs.sqlite}/bin/sqlite3 "$DB" + ${pkgs.sqlite}/bin/sqlite3 "$DB" \ + "INSERT INTO __drizzle_migrations (tag, applied_at) VALUES ('$tag', strftime('%s','now'));" + fi + done + echo "Migrations complete." + ''; +in +{ + systemd.tmpfiles.rules = [ + "d ${stateDir} 0750 ${username} users -" + "z ${envFile} 0600 ${username} users -" + ]; + + systemd.services.diffkit = { + description = "diffkit GitHub Diff Viewer"; + after = [ "network-online.target" ]; + wants = [ "network-online.target" ]; + wantedBy = [ "multi-user.target" ]; + + environment = { + NODE_ENV = "production"; + HOST = "127.0.0.1"; + PORT = diffkitPort; + DATABASE_PATH = dbPath; + BETTER_AUTH_URL = "https://diffs.harivan.sh"; + GITHUB_APP_PRIVATE_KEY_FILE = "${stateDir}/github-app-key.pem"; + }; + + serviceConfig = { + Type = "simple"; + User = username; + Group = "users"; + WorkingDirectory = "${repoDir}/apps/dashboard"; + ExecStartPre = migrationScript; + ExecStart = "${pkgs.nodejs_22}/bin/node node-server.mjs"; + EnvironmentFile = "-${envFile}"; + Restart = "on-failure"; + RestartSec = 5; + }; + }; +} diff --git a/hosts/netty/nginx.nix b/hosts/netty/nginx.nix index 874351d..a2c556a 100644 --- a/hosts/netty/nginx.nix +++ b/hosts/netty/nginx.nix @@ -6,6 +6,7 @@ let forgejoDomain = "git.harivan.sh"; vaultDomain = "vault.harivan.sh"; betternasDomain = "api.betternas.com"; + diffkitDomain = "diffs.harivan.sh"; in { security.acme = { @@ -43,6 +44,15 @@ in locations."/".proxyPass = "http://127.0.0.1:8222"; }; + virtualHosts.${diffkitDomain} = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:3200"; + proxyWebsockets = true; + }; + }; + virtualHosts.${betternasDomain} = { enableACME = true; forceSSL = true; diff --git a/modules/devshells.nix b/modules/devshells.nix index 925c045..db6bc90 100644 --- a/modules/devshells.nix +++ b/modules/devshells.nix @@ -11,7 +11,7 @@ git just nixfmt-tree - nodePackages.prettier + prettier pre-commit selene shfmt