Rewrite site backend in Rust (#178)

* add shell.nix changes for Rust #176

* set up base crate layout

* add first set of dependencies

* start adding basic app modules

* start html templates

* serve index page

* add contact and feeds pages

* add resume rendering support

* resume cleanups

* get signalboost page working

* rewrite config to be in dhall

* more work

* basic generic post loading

* more tests

* initial blog index support

* fix routing?

* render blogposts

* X-Clacks-Overhead

* split blog handlers into blog.rs

* gallery index

* gallery posts

* fix hashtags

* remove instantpage (it messes up the metrics)

* talk support + prometheus

* Create rust.yml

* Update rust.yml

* Update codeql-analysis.yml

* add jsonfeed library

* jsonfeed support

* rss/atom

* go mod tidy

* atom: add posted date

* rss: add publishing date

* nix: build rust program

* rip out go code

* rip out go templates

* prepare for serving in docker

* create kubernetes deployment

* create automagic deployment

* build docker images on non-master

* more fixes

* fix timestamps

* fix RSS/Atom/JSONFeed validation errors

* add go vanity import redirecting

* templates/header: remove this

* atom feed: fixes

* fix?

* fix??

* fix rust tests

* Update rust.yml

* automatically show snow during the winter

* fix dates

* show commit link in footer

* sitemap support

* fix compiler warning

* start basic patreon client

* integrate kankyo

* fix patreon client

* add patrons page

* remove this

* handle patron errors better

* fix build

* clean up deploy

* sort envvars for deploy

* remove deps.nix

* shell.nix: remove go

* update README

* fix envvars for tests

* nice

* blog: add rewrite in rust post

* blog/site-update: more words

5 files changed, 61 insertions, 150 deletions

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
deleted file mode 100644
index 5e7db4c..0000000
--- a/.github/workflows/codeql-analysis.yml
+++ /dev/null
@@ -1,39 +0,0 @@
-name: "Code scanning - action"
-
-on:
-  push:
-  pull_request:
-  schedule:
-    - cron: '0 18 * * 6'
-
-jobs:
-  CodeQL-Build:
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-      with:
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
-        fetch-depth: 2
-
-    # If this run was triggered by a pull request event, then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
-      
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      # Override language selection by uncommenting this and choosing your languages
-      with:
-        languages: go
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
deleted file mode 100644
index e1e986f..0000000
--- a/.github/workflows/go.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-name: Go
-on: 
-  - push
-  - pull_request
-jobs:
-  build:
-    name: Build
-    runs-on: ubuntu-latest
-    steps:
-    - name: Set up Go 1.14
-      uses: actions/setup-go@v1
-      with:
-        go-version: 1.14
-      id: go
-    - name: Check out code into the Go module directory
-      uses: actions/checkout@v1
-    - name: Test
-      run: go test -v ./...
-      env:
-        GO111MODULE: on
-        GOPROXY: https://cache.greedo.xeserv.us
diff --git a/.github/workflows/kubernetes-cd.yml b/.github/workflows/kubernetes-cd.yml
deleted file mode 100644
index 37f47b1..0000000
--- a/.github/workflows/kubernetes-cd.yml
+++ /dev/null
@@ -1,80 +0,0 @@
-name: "CI/CD"
-on: 
-  push:
-    branches:
-    - master
-jobs:
-  deploy:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v1
-    - name: Build container image
-      run: |
-        docker build -t xena/christinewebsite:$(echo $GITHUB_SHA | head -c7) .
-        echo $DOCKER_PASSWORD | docker login -u $DOCKER_USERNAME --password-stdin
-        docker push xena/christinewebsite
-      env:
-        DOCKER_USERNAME: "xena"
-        DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
-    - name: Download secrets/Install/Configure/Use Dyson
-      run: |
-        mkdir ~/.ssh
-        echo $FILE_DATA | base64 -d > ~/.ssh/id_rsa
-        md5sum ~/.ssh/id_rsa 
-        chmod 600 ~/.ssh/id_rsa
-        git clone git@ssh.tulpa.dev:cadey/within-terraform-secret
-        curl https://xena.greedo.xeserv.us/files/dyson-linux-amd64-0.1.0.tgz | tar xz 
-        cp ./dyson-linux-amd64-0.1.1/dyson .
-        rm -rf dyson-linux-amd64-0.1.1
-        mkdir -p ~/.config/dyson
-        
-        echo '[DigitalOcean]
-        Token = ""
-        
-        [Cloudflare]
-        Email = ""
-        Token = ""
-        
-        [Secrets]
-        GitCheckout = "./within-terraform-secret"' > ~/.config/dyson/dyson.ini
-        
-        ./dyson manifest \
-          --name=christinewebsite \
-          --domain=christine.website \
-          --dockerImage=xena/christinewebsite:$(echo $GITHUB_SHA | head -c7) \
-          --containerPort=5000 \
-          --replicas=2 \
-          --useProdLE=true > $GITHUB_WORKSPACE/deploy.yml
-      env:
-        FILE_DATA: ${{ secrets.SSH_PRIVATE_KEY }}
-        GIT_SSH_COMMAND: "ssh -i ~/.ssh/id_rsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
-    - name: Save DigitalOcean kubeconfig
-      uses: digitalocean/action-doctl@master
-      env:
-        DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
-      with:
-        args: kubernetes cluster kubeconfig show kubermemes > $GITHUB_WORKSPACE/.kubeconfig
-    - name: Deploy to DigitalOcean Kubernetes
-      uses: docker://lachlanevenson/k8s-kubectl
-      with:
-        args: --kubeconfig=/github/workspace/.kubeconfig apply -n apps -f /github/workspace/deploy.yml
-    - name: Verify deployment
-      uses: docker://lachlanevenson/k8s-kubectl
-      with:
-        args: --kubeconfig=/github/workspace/.kubeconfig rollout status -n apps deployment/christinewebsite
-    - name: Ping Google
-      uses: docker://lachlanevenson/k8s-kubectl
-      with:
-        args: --kubeconfig=/github/workspace/.kubeconfig apply -f /github/workspace/k8s/job.yml
-    - name: Sleep
-      run: |
-        sleep 5
-    - name: Don't Ping Google
-      uses: docker://lachlanevenson/k8s-kubectl
-      with:
-        args: --kubeconfig=/github/workspace/.kubeconfig delete -f /github/workspace/k8s/job.yml
-    - name: POSSE
-      env:
-        MI_TOKEN: ${{ secrets.MI_TOKEN }}
-      run: |
-        curl -H "Authorization: $MI_TOKEN" --data "https://christine.website/blog.json" https://mi.within.website/blog/refresh
diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index 1c09d87..a2e3a4a 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -1,16 +1,42 @@
 name: "Nix"
 on:
   push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
 jobs:
-  tests:
+  docker-build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v1
-    - uses: cachix/install-nix-action@v6
-    - uses: cachix/cachix-action@v3
-      with:
-        name: xe
-    - run: |
-        nix-build docker.nix
-        docker load -i result
-        docker tag xena/christinewebsite:latest xena/christinewebsite:$(echo $GITHUB_SHA | head -c7)
+      - uses: actions/checkout@v1
+      - uses: cachix/install-nix-action@v6
+      - uses: cachix/cachix-action@v3
+        with:
+          name: xe
+          signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
+      - run: |
+          docker load -i result
+          docker tag xena/christinewebsite:latest xena/christinewebsite:$GITHUB_SHA
+          echo $DOCKER_PASSWORD | docker login -u $DOCKER_USERNAME --password-stdin
+          docker push xena/christinewebsite
+        env:
+          DOCKER_USERNAME: "xena"
+          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+  release:
+    runs-on: ubuntu-latest
+    needs: docker-build
+    if: github.ref == 'refs/heads/master'
+    steps:
+      - uses: cachix/install-nix-action@v6
+      - name: deploy
+        run: ./scripts/release.sh
+        env:
+          DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
+          MI_TOKEN: ${{ secrets.MI_TOKEN }}
+          PATREON_ACCESS_TOKEN: ${{ secrets.PATREON_ACCESS_TOKEN }}
+          PATREON_CLIENT_ID: ${{ secrets.PATREON_CLIENT_ID }}
+          PATREON_CLIENT_SECRET: ${{ secrets.PATREON_CLIENT_SECRET }}
+          PATREON_REFRESH_TOKEN: ${{ secrets.PATREON_REFRESH_TOKEN }}
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
new file mode 100644
index 0000000..1e18d23
--- /dev/null
+++ b/.github/workflows/rust.yml
@@ -0,0 +1,25 @@
+name: Rust
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+env:
+  CARGO_TERM_COLOR: always
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Build
+        run: cargo build --all
+      - name: Run tests
+        run: |
+          cargo test
+          (cd lib/jsonfeed && cargo test)
+          (cd lib/patreon && cargo test)
+        env:
+          PATREON_ACCESS_TOKEN: ${{ secrets.PATREON_ACCESS_TOKEN }}
+          PATREON_CLIENT_ID: ${{ secrets.PATREON_CLIENT_ID }}
+          PATREON_CLIENT_SECRET: ${{ secrets.PATREON_CLIENT_SECRET }}
+          PATREON_REFRESH_TOKEN: ${{ secrets.PATREON_REFRESH_TOKEN }}