nix-home/modules/services/nix-cache/default.nix

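# NixOS module for a private Nix binary cache.
# Server side: harmonia signs and serves store paths, with nginx proxying to it.
# Client side: the cache is appended to the substituter list and its public key is trusted.
{ config, pkgs, lib, ... }:
with { inherit (lib) mkEnableOption mkOption types mkIf; };
let
  cfg = config.nki.services.nix-cache;
  # harmonia listens on loopback only, so nginx is the only network-facing listener.
  bindAddr = "127.0.0.1:5000";
in
{
  options.nki.services.nix-cache = {
    enableClient = mkOption {
      type = types.bool;
      default = !cfg.enableServer;
      # The default reads `config`, so give the manual a literal to render instead.
      defaultText = lib.literalExpression "!config.nki.services.nix-cache.enableServer";
      description = "Enable nix-cache client";
    };
    # mkEnableOption already prepends "Whether to enable", so pass only the name.
    enableServer = mkEnableOption "nix-cache server";
    host = mkOption {
      type = types.str;
      default = "nix.home.tinc";
      description = "Host name of the cache: the client's substituter URL and the server's nginx virtual host.";
    };
    publicKey = mkOption {
      type = types.str;
      # readFile keeps a trailing newline, which would otherwise land inside the
      # space-separated trusted-public-keys list.
      default = lib.removeSuffix "\n" (builtins.readFile ./cache-pub-key.pem);
      description = "Public key that clients trust for store paths signed by this cache.";
    };
    privateKeyFile = mkOption {
      type = types.path;
      description = ''
        Path to the private key .pem file.

        Pass an absolute path as a string (for example one provisioned by a
        secrets manager). A Nix path literal such as ./key.pem can be copied
        into the world-readable Nix store when it is interpolated into the
        service configuration, exposing the signing key to every local user.
      '';
    };
  };

  config = {
    nix.settings = mkIf cfg.enableClient {
      # The substituter is reached over plain HTTP. Integrity of fetched paths
      # rests on the signature check against trusted-public-keys below.
      # Confidentiality and endpoint authenticity rest on the network that
      # cfg.host resolves on (presumably a tinc VPN, going by the default; confirm).
      substituters = lib.mkAfter [ "http://${cfg.host}" ];
      trusted-public-keys = [ cfg.publicKey ];
    };

    services.harmonia = mkIf cfg.enableServer {
      enable = true;
      # Signing key: whoever can read this file can sign paths that every client
      # trusting cfg.publicKey will accept.
      signKeyPath = cfg.privateKeyFile;
      settings = {
        bind = bindAddr;
        # Nix prefers substituters with a lower priority value.
        priority = 45;
      };
    };

    services.nginx = mkIf cfg.enableServer {
      enable = true;
      recommendedProxySettings = true;
      virtualHosts = {
        # ... existing hosts config etc. ...
        # No TLS or access control is configured on this virtual host here:
        # anyone who can reach nginx under this host name can read the cache.
        "${cfg.host}" = {
          locations."/".proxyPass = "http://${bindAddr}";
        };
      };
    };
  };
}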