nki/nix-home
1
0
Fork 0
Code Issues Pull requests 2 Packages Projects Releases Wiki Activity

Switch nix-serve for harmonia

Browse source
This commit is contained in:
Natsu Kagami 2024-08-16 17:03:12 +02:00
parent e79217aa02
commit 733388ec86
Signed by: nki
GPG key ID: 55A032EB38B49ADB
3 changed files with 13 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
modules/services/nix-cache/default.nix
View file

@ -3,6 +3,8 @@
with { inherit (lib) mkEnableOption mkOption types mkIf; }; with { inherit (lib) mkEnableOption mkOption types mkIf; };
let let
cfg = config.nki.services.nix-cache; cfg = config.nki.services.nix-cache;
bindAddr = "127.0.0.1:5000";
in in
{ {
options.nki.services.nix-cache = { options.nki.services.nix-cache = {
@ -31,18 +33,17 @@ in
config = { config = {
nix.settings = mkIf cfg.enableClient { nix.settings = mkIf cfg.enableClient {
substituters = [ "http://${cfg.host}" ]; substituters = lib.mkAfter [ "http://${cfg.host}" ];
trusted-public-keys = [ cfg.publicKey ]; trusted-public-keys = [ cfg.publicKey ];
}; };
services.nix-serve = mkIf cfg.enableServer { services.harmonia = mkIf cfg.enableServer {
enable = true; enable = true;
secretKeyFile = cfg.privateKeyFile; signKeyPaths = [ cfg.privateKeyFile ];
}; settings = {
bind = bindAddr;
users = mkIf cfg.enableServer { priority = 45;
users.nix-serve = { group = "nix-serve"; isSystemUser = true; }; };
groups.nix-serve = { };
}; };
services.nginx = mkIf cfg.enableServer { services.nginx = mkIf cfg.enableServer {
@ -51,7 +52,7 @@ in
virtualHosts = { virtualHosts = {
# ... existing hosts config etc. ... # ... existing hosts config etc. ...
"${cfg.host}" = { "${cfg.host}" = {
locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}"; locations."/".proxyPass = "http://${bindAddr}";
}; };
}; };
}; };

2
nki-framework/configuration.nix
View file

@ -21,6 +21,8 @@
common.linux.sops.enable = true; common.linux.sops.enable = true;
common.linux.sops.file = ./secrets.yaml; common.linux.sops.file = ./secrets.yaml;
services.nix-build-farm.enable = false;
# services.xserver.enable = true; # services.xserver.enable = true;
# services.xserver.displayManager.sddm.enable = true; # services.xserver.displayManager.sddm.enable = true;
# services.xserver.displayManager.sddm.wayland.enable = true; # services.xserver.displayManager.sddm.wayland.enable = true;

2
nki-home/configuration.nix
View file

@ -32,7 +32,7 @@ with lib;
common.linux.sops.file = ./secrets.yaml; common.linux.sops.file = ./secrets.yaml;
# Nix cache server # Nix cache server
sops.secrets."nix-cache/private-key" = { owner = "nix-serve"; group = "nix-serve"; mode = "0600"; }; sops.secrets."nix-cache/private-key" = { owner = "harmonia"; group = "harmonia"; mode = "0600"; };
nki.services.nix-cache = { nki.services.nix-cache = {
enableServer = true; enableServer = true;
privateKeyFile = config.sops.secrets."nix-cache/private-key".path; privateKeyFile = config.sops.secrets."nix-cache/private-key".path;