no more tls in warp (nginx handles it now)

2023-08-21 17:58:07 -07:00 · 2023-08-21 17:58:07 -07:00 · f793e26b34
commit f793e26b34
parent fff0b6175a
4 changed files with 64 additions and 101 deletions
--- a/flake.lock
+++ b/flake.lock
@ -1,78 +1,58 @@
 {
  "nodes": {
-    "flake-parts": {
+    "flake-utils": {
      "inputs": {
-        "nixpkgs-lib": "nixpkgs-lib"
+        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1690933134,
-        "narHash": "sha256-ab989mN63fQZBFrkk4Q8bYxQCktuHmBIBqUG1jl6/FQ=",
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "rev": "59cf3f1447cfc75087e7273b04b31e689a8599fb",
+        "lastModified": 1689068808,
+        "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
        "type": "github"
      },
      "original": {
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "type": "github"
-      }
-    },
-    "haskell-flake": {
-      "locked": {
-        "lastModified": 1690398210,
-        "narHash": "sha256-1wnx2K3U2xmUI5rUulOZ66tcIva+OGWS47dyHdZJjsA=",
-        "owner": "srid",
-        "repo": "haskell-flake",
-        "rev": "d3c8d8be31d3a5dcf9d49e9dacfc570b5c736658",
-        "type": "github"
-      },
-      "original": {
-        "owner": "srid",
-        "repo": "haskell-flake",
+        "owner": "numtide",
+        "repo": "flake-utils",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1691403902,
-        "narHash": "sha256-J74y4xWtKPDPyVtF4arzrwuSOGznlFlJ+uB9RwNNnbo=",
-        "owner": "nixos",
+        "lastModified": 1692665005,
+        "narHash": "sha256-wJ2OF51EYNbTGwuI3EmJWAJV9K5pNuP1aBpD9DXeNb4=",
+        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "c91024273f020df2dcb209cc133461ca17848026",
+        "rev": "50097d75fa0dcc6be7271bc390e612fa0363a38d",
        "type": "github"
      },
      "original": {
-        "owner": "nixos",
-        "ref": "nixpkgs-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs-lib": {
-      "locked": {
-        "dir": "lib",
-        "lastModified": 1690881714,
-        "narHash": "sha256-h/nXluEqdiQHs1oSgkOOWF+j8gcJMWhwnZ9PFabN6q0=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "9e1960bc196baf6881340d53dccb203a951745a2",
-        "type": "github"
-      },
-      "original": {
-        "dir": "lib",
-        "owner": "NixOS",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
-        "flake-parts": "flake-parts",
-        "haskell-flake": "haskell-flake",
+        "flake-utils": "flake-utils",
        "nixpkgs": "nixpkgs"
      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -1,53 +1,43 @@
+# SPDX-FileCopyrightText: 2021 Serokell <https://serokell.io/>
+#
+# SPDX-License-Identifier: CC0-1.0
+
 {
+  description = "My haskell application";
+
  inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
-    flake-parts.url = "github:hercules-ci/flake-parts";
-    haskell-flake.url = "github:srid/haskell-flake";
-  };
-  outputs = inputs@{ self, nixpkgs, flake-parts, ... }:
-    flake-parts.lib.mkFlake { inherit inputs; } {
-      systems = nixpkgs.lib.systems.flakeExposed;
-      imports = [ inputs.haskell-flake.flakeModule ];
-
-      perSystem = { self', pkgs, ... }: {
-
-        # Typically, you just want a single project named "default". But
-        # multiple projects are also possible, each using different GHC version.
-        haskellProjects.default = {
-          # The base package set representing a specific GHC version.
-          # By default, this is pkgs.haskellPackages.
-          # You may also create your own. See https://zero-to-flakes.com/haskell-flake/package-set
-          # basePackages = pkgs.haskellPackages;
-
-          # Extra package information. See https://zero-to-flakes.com/haskell-flake/dependency
-          #
-          # Note that local packages are automatically included in `packages`
-          # (defined by `defaults.packages` option).
-          #
-          # packages = {
-          #   base.source = "4.17.0.0"; # Hackage version override
-          # };
-          # settings = {
-          #   beam = {
-          #     broken = false;
-          #     jailbreak = true;
-          #   };
-          # };
-
-          devShell = {
-           # Enabled by default
-           enable = true;
-
-           # Programs you want to make available in the shell.
-           # Default programs can be disabled by setting to 'null'
-           tools = hp: { sqlite = pkgs.sqlite; haskell-language-server = pkgs.haskell-language-server ; ghcid = null; };
-
-           hlsCheck.enable = true;
-          };
+    nixpkgs.url = "github:NixOS/nixpkgs";
+    flake-utils.url = "github:numtide/flake-utils";
  };

-        # haskell-flake doesn't set the default package, but you can do it here.
-        packages.default = self'.packages.rcv-site;
+  outputs = { self, nixpkgs, flake-utils }:
+    flake-utils.lib.eachDefaultSystem (system:
+      let
+        pkgs = nixpkgs.legacyPackages.${system};
+
+        haskellPackages = pkgs.haskellPackages;
+
+        jailbreakUnbreak = pkg:
+          pkgs.haskell.lib.doJailbreak (pkg.overrideAttrs (_: { meta = { }; }));
+
+        # DON'T FORGET TO PUT YOUR PACKAGE NAME HERE, REMOVING `throw`
+        packageName = "rcv-site";
+      in {
+        packages.${packageName} =
+          haskellPackages.callCabal2nix packageName self rec {
+            # Dependency overrides go here
          };
+
+        packages.default = self.packages.${system}.${packageName};
+        defaultPackage = self.packages.${system}.default;
+
+        devShells.default = pkgs.mkShell {
+          buildInputs = with pkgs; [
+            haskellPackages.haskell-language-server # you must build it with your ghc to work
+            cabal-install
+          ];
+          inputsFrom = map (__getAttr "env") (__attrValues self.packages.${system});
        };
+        devShell = self.devShells.${system}.default;
+      });
 }
--- a/rcv-site.cabal
+++ b/rcv-site.cabal
@ -66,8 +66,8 @@ executable rcv-site
    wai,
    wai-app-static,
    wai-extra,
-    warp,
-    warp-tls
+    warp
+    -- warp-tls
  default-language:
    Haskell2010
  other-modules:
--- a/src/Main.hs
+++ b/src/Main.hs
@ -21,7 +21,6 @@ import qualified Database as DB
 import qualified Error as Er
 import qualified InstantRunoff as IR
 import qualified Network.Wai.Handler.Warp as W
-import qualified Network.Wai.Handler.WarpTLS as WTLS
 import qualified Poll as P
 import qualified System.Environment as S
 import qualified Data.Text.IO as TIO
@ -203,12 +202,6 @@ getEnv = do
 runWithEnv :: Env -> AppM a -> Handler a
 runWithEnv = flip Rd.runReaderT

-tlsSettings :: WTLS.TLSSettings
-tlsSettings = WTLS.tlsSettingsChain
-  "/etc/letsencrypt/live/rankedchoice.net/cert.pem"
-  ["/etc/letsencrypt/live/rankedchoice.net/fullchain.pem"]
-  "/etc/letsencrypt/live/rankedchoice.net/privkey.pem"
-
 warpSettings :: W.Settings
 warpSettings = W.setPort 443 W.defaultSettings