2024-08-16 12:36:11 +00:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
|
|
with { inherit (lib) mkEnableOption mkOption types mkIf; };
|
|
|
|
|
let
|
|
|
|
|
cfg = config.nki.services.nix-cache;
|
2024-08-19 14:04:52 +00:00
|
|
|
|
|
|
|
|
bindAddr = "127.0.0.1:5000";
|
2024-08-16 12:36:11 +00:00
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
options.nki.services.nix-cache = {
|
|
|
|
|
enableClient = mkOption {
|
|
|
|
|
type = types.bool;
|
|
|
|
|
default = !cfg.enableServer;
|
|
|
|
|
description = "Enable nix-cache client";
|
|
|
|
|
};
|
|
|
|
|
enableServer = mkEnableOption "Enable nix-cache server";
|
|
|
|
|
|
|
|
|
|
host = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
default = "nix.home.tinc";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
publicKey = mkOption {
|
|
|
|
|
type = types.str;
|
|
|
|
|
default = builtins.readFile ./cache-pub-key.pem;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
privateKeyFile = mkOption {
|
|
|
|
|
type = types.path;
|
|
|
|
|
description = "Path to the private key .pem file";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
config = {
|
|
|
|
|
nix.settings = mkIf cfg.enableClient {
|
2024-08-19 14:04:52 +00:00
|
|
|
substituters = lib.mkAfter [ "http://${cfg.host}" ];
|
2024-08-16 12:36:11 +00:00
|
|
|
trusted-public-keys = [ cfg.publicKey ];
|
|
|
|
|
};
|
|
|
|
|
|
2024-08-19 14:04:52 +00:00
|
|
|
services.harmonia = mkIf cfg.enableServer {
|
2024-08-16 12:36:11 +00:00
|
|
|
enable = true;
|
2024-08-19 14:04:52 +00:00
|
|
|
signKeyPath = cfg.privateKeyFile;
|
|
|
|
|
settings = {
|
|
|
|
|
bind = bindAddr;
|
|
|
|
|
priority = 45;
|
|
|
|
|
};
|
2024-08-16 12:36:11 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.nginx = mkIf cfg.enableServer {
|
|
|
|
|
enable = true;
|
|
|
|
|
recommendedProxySettings = true;
|
|
|
|
|
virtualHosts = {
|
|
|
|
|
# ... existing hosts config etc. ...
|
|
|
|
|
"${cfg.host}" = {
|
2024-08-19 14:04:52 +00:00
|
|
|
locations."/".proxyPass = "http://${bindAddr}";
|
2024-08-16 12:36:11 +00:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
