From a48414255f73a236877f2579786e93a38f6d1ae0 Mon Sep 17 00:00:00 2001
From: "Jeffrey C. Ollie" <jeff@ocjtech.us>
Date: Tue, 23 May 2023 22:07:16 -0500
Subject: [PATCH] update, add sendreports, use attic cache

---
 .drone.yml | 30 ++++++++++++++++++++++++------
 flake.lock |  6 +++---
 flake.nix  | 40 +++++++++++++++++++++++++++-------------
 3 files changed, 54 insertions(+), 22 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index 8af1647..6be00e6 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -11,6 +11,18 @@ get:
   path: local
   name: password
 ---
+kind: secret
+name: attic_url
+get:
+  path: attic
+  name: url
+---
+kind: secret
+name: attic_key
+get:
+  path: attic
+  name: key
+---
 kind: pipeline
 type: kubernetes
 name: build
@@ -19,17 +31,19 @@ steps:
     image: docker.io/jcollie/nixos-runner:latest
     pull: always
     commands:
-      - nix build -L .#webserver
+      - nix --extra-substituters $PLUGIN_ATTIC_URL --extra-trusted-public-keys $PLUGIN_ATTIC_KEY build -L .#webserver
       - push-container result --repository network/healthchecks-webserver
-      - nix build -L .#smtpd
+      - nix --extra-substituters $PLUGIN_ATTIC_URL --extra-trusted-public-keys $PLUGIN_ATTIC_KEY build -L .#smtpd
       - push-container result --repository network/healthchecks-smtpd
-      - nix build -L .#sendalerts
+      - nix --extra-substituters $PLUGIN_ATTIC_URL --extra-trusted-public-keys $PLUGIN_ATTIC_KEY build -L .#sendalerts
       - push-container result --repository network/healthchecks-sendalerts
-      - nix build -L .#maintenance
+      - nix --extra-substituters $PLUGIN_ATTIC_URL --extra-trusted-public-keys $PLUGIN_ATTIC_KEY build -L .#sendreports
+      - push-container result --repository network/healthchecks-sendreports
+      - nix --extra-substituters $PLUGIN_ATTIC_URL --extra-trusted-public-keys $PLUGIN_ATTIC_KEY build -L .#maintenance
       - push-container result --repository network/healthchecks-maintenance
-      - nix build -L .#migrate
+      - nix --extra-substituters $PLUGIN_ATTIC_URL --extra-trusted-public-keys $PLUGIN_ATTIC_KEY build -L .#migrate
       - push-container result --repository network/healthchecks-migrate
-      - nix build -L .#static
+      - nix --extra-substituters $PLUGIN_ATTIC_URL --extra-trusted-public-keys $PLUGIN_ATTIC_KEY build -L .#static
       - push-container result --repository network/healthchecks-static
     settings:
       registry: r.ocj.io
@@ -37,6 +51,10 @@ steps:
         from_secret: local_username
       password:
         from_secret: local_password
+      attic_url:
+        from_secret: attic_url
+      attic_key:
+        from_secret: attic_key
   - name: notify
     image: plugins/webhook
     failure: ignore
diff --git a/flake.lock b/flake.lock
index 430df0b..098bbea 100644
--- a/flake.lock
+++ b/flake.lock
@@ -2,11 +2,11 @@
   "nodes": {
     "nixpkgs": {
       "locked": {
-        "lastModified": 1682879489,
-        "narHash": "sha256-sASwo8gBt7JDnOOstnps90K1wxmVfyhsTPPNTGBPjjg=",
+        "lastModified": 1684754342,
+        "narHash": "sha256-plGnjnbnPLoZCTdQX21oT7xliQhFtgcWlkuDHgtEb1o=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "da45bf6ec7bbcc5d1e14d3795c025199f28e0de0",
+        "rev": "7084250df3d7f9735087d3234407f3c1fc2400e3",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index 44b2d9c..fd9be1c 100644
--- a/flake.nix
+++ b/flake.nix
@@ -151,6 +151,20 @@
           }
         );
 
+        sendreports = pkgs.dockerTools.buildLayeredImage (
+          pkgs.lib.attrsets.recursiveUpdate baseImage {
+            name = "healthchecks-sendreports";
+            config = {
+              Cmd = [
+                "${self.packages.${system}.healthchecks}/app/manage.py"
+                "sendreports"
+                "--loop"
+              ];
+              ExposedPorts = { };
+            };
+          }
+        );
+
         maintenance =
           let
             script = pkgs.writeShellScript "maintenance" ''
@@ -163,18 +177,17 @@
               ${pkgs.curl}/bin/curl $CURL_OPTIONS http://webserver.healthchecks.svc/ping/$MAINTENANCE_CHECK_UUID
             '';
           in
-          pkgs.dockerTools.buildLayeredImage
-            (
-              pkgs.lib.attrsets.recursiveUpdate baseImage {
-                name = "healthchecks-maintenance";
-                config = {
-                  Cmd = [
-                    "${script}"
-                  ];
-                  ExposedPorts = { };
-                };
-              }
-            );
+          pkgs.dockerTools.buildLayeredImage (
+            pkgs.lib.attrsets.recursiveUpdate baseImage {
+              name = "healthchecks-maintenance";
+              config = {
+                Cmd = [
+                  "${script}"
+                ];
+                ExposedPorts = { };
+              };
+            }
+          );
 
         migrate = pkgs.dockerTools.buildLayeredImage (
           pkgs.lib.attrsets.recursiveUpdate baseImage {
@@ -206,10 +219,11 @@
                 harakiri = 10
                 http-socket = :8000
                 master
+                max-fd = 10000
                 mime-file = ${pkgs.mailcap}/etc/nginx/mime.types
                 module = hc.wsgi:application
                 plugins = python3
-                post-buffering = 4096
+                post-buffering = 16192
                 processes = 4
                 threads = 1
                 thunder-lock