clerie/nixfiles
1
0
Fork 0
Code

hosts/hydra-1: Move nix cache config to seperate file

Browse Source
This commit is contained in:
clerie 2024-04-22 20:51:23 +02:00
parent c7769eaecb
commit 8ba55f1049
2 changed files with 34 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
hosts/hydra-1/configuration.nix
View File

@ -9,6 +9,7 @@
./build-machines.nix ./build-machines.nix
./hydra.nix ./hydra.nix
./nix-cache.nix
]; ];
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
@ -29,34 +30,7 @@
networking.defaultGateway = { address = "192.168.10.1"; interface = "ens19"; }; networking.defaultGateway = { address = "192.168.10.1"; interface = "ens19"; };
networking.nameservers = [ "2001:638:904:ffcc::3" "2001:638:904:ffcc::4" "141.24.40.3" "141.24.40.4" ]; networking.nameservers = [ "2001:638:904:ffcc::3" "2001:638:904:ffcc::4" "141.24.40.3" "141.24.40.4" ];
services.harmonia = {
enable = true;
settings.bind = "[::1]:5005";
signKeyPath = config.sops.secrets.nix-cache-key.path;
};
services.nginx.enable = true; services.nginx.enable = true;
services.nginx.virtualHosts = {
"nix-cache.clerie.de" = {
enableACME = true;
forceSSL = true;
locations."= /" = {
return = ''200 'Nix Cache by clerie\n\nPublic key:\n\n nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g=\n\nNixOS Configuration:\n\n nix.settings = {\n substituters = [\n "https://nix-cache.clerie.de"\n ];\n trusted-public-keys = [\n "nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g="\n ];\n }\n\nTry:\n\n nix build --substituters "https://nix-cache.clerie.de" \\\n --trusted-public-keys "nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g=" \\\n "git+https://git.clerie.de/clerie/fieldpoc.git#fieldpoc"\n\n.-*..*-.' '';
extraConfig = ''
types { } default_type "text/plain; charset=utf-8";
'';
};
locations."/" = {
proxyPass = "http://[::1]:5005";
extraConfig = ''
proxy_redirect http:// https://;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
'';
};
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];

33
hosts/hydra-1/nix-cache.nix Normal file
View File

@ -0,0 +1,33 @@
{ config, pkgs, ... }:
{
services.harmonia = {
enable = true;
settings.bind = "[::1]:5005";
signKeyPath = config.sops.secrets.nix-cache-key.path;
};
services.nginx.virtualHosts = {
"nix-cache.clerie.de" = {
enableACME = true;
forceSSL = true;
locations."= /" = {
return = ''200 'Nix Cache by clerie\n\nPublic key:\n\n nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g=\n\nNixOS Configuration:\n\n nix.settings = {\n substituters = [\n "https://nix-cache.clerie.de"\n ];\n trusted-public-keys = [\n "nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g="\n ];\n }\n\nTry:\n\n nix build --substituters "https://nix-cache.clerie.de" \\\n --trusted-public-keys "nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g=" \\\n "git+https://git.clerie.de/clerie/fieldpoc.git#fieldpoc"\n\n.-*..*-.' '';
extraConfig = ''
types { } default_type "text/plain; charset=utf-8";
'';
};
locations."/" = {
proxyPass = "http://[::1]:5005";
extraConfig = ''
proxy_redirect http:// https://;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
'';
};
};
};
}