From 9c552931676c0a249d642e6d9319e2f97d4ddec1 Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Wed, 13 Dec 2023 13:37:43 +0200
Subject: [PATCH] binary-cache: configure params with cloudinit

Configure the domain and storage account name with cloud-init.
This allows keeping the same NixOS image across multiple deployments of
this image, serving another bucket at another domain.
---
 hosts/binary-cache/configuration.nix |  4 +---
 terraform/jenkins/binary_cache.tf    | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/hosts/binary-cache/configuration.nix b/hosts/binary-cache/configuration.nix
index 1f258d5b..1213159b 100644
--- a/hosts/binary-cache/configuration.nix
+++ b/hosts/binary-cache/configuration.nix
@@ -28,12 +28,10 @@
       RestartSec = 2;
       DynamicUser = true;
       RuntimeDirectory = "rclone-http";
-      # FUTUREWORK: set AZURE_STORAGE_ACCOUNT_NAME and storage container name through EnvironmentFile
       ExecStart =
         "${pkgs.rclone}/bin/rclone "
         + "serve http "
         + "--azureblob-env-auth "
-        + "--azureblob-account ghafbinarycache "
         + "--read-only "
         + "--addr unix://%t/rclone-http/socket "
         + ":azureblob:binary-cache-v1";
@@ -54,7 +52,7 @@
       }
 
       # Proxy a subset of requests to rclone.
-      ghaf-binary-cache.northeurope.cloudapp.azure.com {
+      https://{$SITE_ADDRESS} {
         handle /nix-cache-info {
           reverse_proxy unix///run/rclone-http/socket
         }
diff --git a/terraform/jenkins/binary_cache.tf b/terraform/jenkins/binary_cache.tf
index 8b867699..dbce90c6 100644
--- a/terraform/jenkins/binary_cache.tf
+++ b/terraform/jenkins/binary_cache.tf
@@ -53,6 +53,22 @@ module "binary_cache_vm" {
     mounts = [
       ["/dev/disk/by-label/caddy", "/var/lib/caddy"]
     ]
+    # TODO: this should be EnvironmentFile, so we don't need to restart
+    write_files = [
+      {
+        content = "[Service]\nEnvironment=AZURE_STORAGE_ACCOUNT_NAME=ghafbinarycache",
+        "path" = "/run/systemd/system/rclone-http.service.d/cloud-init.conf"
+      },
+      {
+        content = "[Service]\nEnvironment=SITE_ADDRESS=ghaf-binary-cache.northeurope.cloudapp.azure.com",
+        "path" = "/run/systemd/system/caddy.service.d/cloud-init.conf"
+      },
+    ],
+    runcmd = [
+      "systemctl daemon-reload", # pick up drop-ins
+      "systemctl restart caddy.service",
+      "systemctl restart rclone-http.service"
+    ]
   })])
 
   subnet_id = azurerm_subnet.binary_cache.id