nki/nix-home
1
0
Fork 0
Code Issues Pull requests 2 Packages Projects Releases Wiki Activity

Set up build farm #3

Merged
nki merged 11 commits from build-farm into master 2024-08-19 14:04:54 +00:00
Conversation 0 Commits 11 Files changed 13 +13 -10
3 changed files with 13 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 733388ec86 - Show all commits

19
modules/services/nix-cache/default.nix
View file

@ -3,6 +3,8 @@
with { inherit (lib) mkEnableOption mkOption types mkIf; };
let
cfg = config.nki.services.nix-cache;
bindAddr = "127.0.0.1:5000";
in
{
options.nki.services.nix-cache = {
@ -31,18 +33,17 @@ in
config = {
nix.settings = mkIf cfg.enableClient {
substituters = [ "http://${cfg.host}" ];
substituters = lib.mkAfter [ "http://${cfg.host}" ];
trusted-public-keys = [ cfg.publicKey ];
};
services.nix-serve = mkIf cfg.enableServer {
services.harmonia = mkIf cfg.enableServer {
enable = true;
secretKeyFile = cfg.privateKeyFile;
};
users = mkIf cfg.enableServer {
users.nix-serve = { group = "nix-serve"; isSystemUser = true; };
groups.nix-serve = { };
signKeyPaths = [ cfg.privateKeyFile ];
settings = {
bind = bindAddr;
priority = 45;
};
};
services.nginx = mkIf cfg.enableServer {
@ -51,7 +52,7 @@ in
virtualHosts = {
# ... existing hosts config etc. ...
"${cfg.host}" = {
locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
locations."/".proxyPass = "http://${bindAddr}";
};
};
};

2
nki-framework/configuration.nix
View file

@ -21,6 +21,8 @@
common.linux.sops.enable = true;
common.linux.sops.file = ./secrets.yaml;
services.nix-build-farm.enable = false;
# services.xserver.enable = true;
# services.xserver.displayManager.sddm.enable = true;
# services.xserver.displayManager.sddm.wayland.enable = true;

2
nki-home/configuration.nix
View file

@ -32,7 +32,7 @@ with lib;
common.linux.sops.file = ./secrets.yaml;
# Nix cache server
sops.secrets."nix-cache/private-key" = { owner = "nix-serve"; group = "nix-serve"; mode = "0600"; };
sops.secrets."nix-cache/private-key" = { owner = "harmonia"; group = "harmonia"; mode = "0600"; };
nki.services.nix-cache = {
enableServer = true;
privateKeyFile = config.sops.secrets."nix-cache/private-key".path;