nixos/object: Initial working atticd cache
This commit is contained in:
parent
f72713410a
commit
36cd77c697
@ -27,5 +27,6 @@ in
|
|||||||
rage
|
rage
|
||||||
deploy-rs.deploy-rs
|
deploy-rs.deploy-rs
|
||||||
home-manager
|
home-manager
|
||||||
|
attic-client
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|||||||
@ -95,6 +95,7 @@
|
|||||||
inputs.ragenix.overlays.default
|
inputs.ragenix.overlays.default
|
||||||
inputs.deploy-rs.overlay
|
inputs.deploy-rs.overlay
|
||||||
(flakePackageOverlay inputs.home-manager-unstable system)
|
(flakePackageOverlay inputs.home-manager-unstable system)
|
||||||
|
inputs.attic.overlays.default
|
||||||
];
|
];
|
||||||
}))
|
}))
|
||||||
pkgsFlakes;
|
pkgsFlakes;
|
||||||
|
|||||||
@ -440,14 +440,10 @@ in
|
|||||||
};
|
};
|
||||||
|
|
||||||
"nix-cache.${pubDomain}" = {
|
"nix-cache.${pubDomain}" = {
|
||||||
extraConfig = ''
|
|
||||||
${extraConfig}
|
|
||||||
proxy_set_header Host "nix-cache.s3.nul.ie";
|
|
||||||
'';
|
|
||||||
locations = {
|
locations = {
|
||||||
"/".proxyPass = s3Upstream;
|
"/".proxyPass = "http://${host}:8069";
|
||||||
"~ ${nixCacheableRegex}" = {
|
"~ ${nixCacheableRegex}" = {
|
||||||
proxyPass = s3Upstream;
|
proxyPass = "http://${host}:8069";
|
||||||
extraConfig = nixCacheHeaders;
|
extraConfig = nixCacheHeaders;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
@ -1,6 +1,7 @@
|
|||||||
{ lib, ... }:
|
{ lib, ... }:
|
||||||
let
|
let
|
||||||
inherit (lib.my) net;
|
inherit (lib.my) net;
|
||||||
|
inherit (lib.my.c) pubDomain;
|
||||||
inherit (lib.my.c.colony) domain prefixes;
|
inherit (lib.my.c.colony) domain prefixes;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
@ -23,7 +24,7 @@ in
|
|||||||
|
|
||||||
configuration = { lib, pkgs, config, assignments, ... }:
|
configuration = { lib, pkgs, config, assignments, ... }:
|
||||||
let
|
let
|
||||||
inherit (lib) mkMerge mkIf;
|
inherit (lib) mkMerge mkIf mkForce;
|
||||||
inherit (config.my.user.homeConfig.lib.file) mkOutOfStoreSymlink;
|
inherit (config.my.user.homeConfig.lib.file) mkOutOfStoreSymlink;
|
||||||
inherit (lib.my) networkdAssignment systemdAwaitPostgres;
|
inherit (lib.my) networkdAssignment systemdAwaitPostgres;
|
||||||
in
|
in
|
||||||
@ -46,11 +47,12 @@ in
|
|||||||
owner = config.my.user.config.name;
|
owner = config.my.user.config.name;
|
||||||
group = config.my.user.config.group;
|
group = config.my.user.config.group;
|
||||||
};
|
};
|
||||||
|
"object/atticd.env" = {};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
firewall = {
|
firewall = {
|
||||||
tcp.allowed = [ 9000 9001 config.services.sharry.config.bind.port ];
|
tcp.allowed = [ 9000 9001 config.services.sharry.config.bind.port 8069 ];
|
||||||
};
|
};
|
||||||
|
|
||||||
user.homeConfig = {
|
user.homeConfig = {
|
||||||
@ -147,6 +149,29 @@ in
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
atticd = {
|
||||||
|
enable = true;
|
||||||
|
credentialsFile = config.age.secrets."object/atticd.env".path;
|
||||||
|
settings = {
|
||||||
|
listen = "[::]:8069";
|
||||||
|
allowed-hosts = [ "nix-cache.${pubDomain}" ];
|
||||||
|
api-endpoint = "https://nix-cache.${pubDomain}/";
|
||||||
|
database = mkForce {}; # blank to pull from env
|
||||||
|
storage = {
|
||||||
|
type = "s3";
|
||||||
|
region = "eu-central-1";
|
||||||
|
bucket = "nix-attic";
|
||||||
|
endpoint = "http://localhost:9000";
|
||||||
|
};
|
||||||
|
chunking = {
|
||||||
|
nar-size-threshold = 65536;
|
||||||
|
min-size = 16384;
|
||||||
|
avg-size = 65536;
|
||||||
|
max-size = 262144;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
(mkIf config.my.build.isDevVM {
|
(mkIf config.my.build.isDevVM {
|
||||||
|
|||||||
19
secrets/object/atticd.env.age
Normal file
19
secrets/object/atticd.env.age
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IGhrYnR2ZyBFZGRt
|
||||||
|
cjlNMnY4eDJ6enMzbjRrYk9rdk5aUlpjUFhWUXhrL0N1RFhOVnp3CmJWNzJXV3RW
|
||||||
|
RGEzRTJxT01nZlIyTE84Y1poblUwa3VUUkxvK2ZUdHVFWlUKLT4gWDI1NTE5IEJn
|
||||||
|
NFVUNk9mZXpUUCtRc1E2WjFhY2k1K1RpTFBLSTZpZzkrRjZEMC9nRzgKRXQvR1ZY
|
||||||
|
d2gwOENSN283TlpBQlU3K2pndk5vZldqUmxQczloTEhFZFlFNAotPiBYMjU1MTkg
|
||||||
|
cURjVytMNU1xUFdWcVVVL2pweXE3VUFHdkZvcVk1eUFpcEVWQkk4NkFYbwpUZkJv
|
||||||
|
QnlXRFZmMi8wMUFOVHhIRVUxOG9VaENrbGwwUHI5YTBzbE5oMnVJCi0+IHMtZ3Jl
|
||||||
|
YXNlClp4NmpRSTlOUjF2MnZnZVFaYUltNVdEZmdxSFpYK1NDVUY4TGFXRTB6KzlW
|
||||||
|
dzBHVEs2TVdyNEpZTVU5ZktoMSsKNEtjUyttSVA5VTJoazg0ay9BCi0tLSBQbGx4
|
||||||
|
T3BVUmo2KzNzdFd2MmlVWHM3OUtvRTV5dm9Hc1ZtdW9KT1UrYmNRCleCUn5rMaT3
|
||||||
|
1eZtb7kLC2CATBgghXRv/ao9RAal9IrqEUiaeFk6H2IS5VL2ew97Chz2Rq48NQFG
|
||||||
|
WpVxdM/Uhc2mVHXhHA7tUcMkICPwRSZ/B++1CvYBfzpGq+B2rPmMKAGeIk+yGFgt
|
||||||
|
hWpssoaSMnaI58wBfT1SpNDPMm5ukQqcqb5LON/UZ4ExajNeTVEXZUJE6+cEfgrG
|
||||||
|
/1n4Jp86A0jI45/IF+kxzP8MMgQs6aZ4/iiynMubJE8D7dB51QhTfx8RMQ4zOPyT
|
||||||
|
Ak46cl7tZB+4sww7DE5sz5VXWMoEHig6qlLu0j/AonQCOMqoQj3dRiU0gfRJacu9
|
||||||
|
4TMeDiY3GS0AjIIO6ENgnsk6gCn8tZ8HOZ85a9EbOT+LVjnL3EVVSup81uquGoJf
|
||||||
|
Q6/0JkjFOWZuVJIaI2s6NFbfyA3vC1ig
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
Loading…
Reference in New Issue
Block a user