2024-05-09 20:21:49 +02:00
|
|
|
{ config, ... }: {
|
2024-05-11 16:02:39 +02:00
|
|
|
imports = [
|
|
|
|
./nix-config.nix
|
|
|
|
];
|
2024-05-10 20:09:39 +02:00
|
|
|
sops.secrets."services/hydra/signKey" = {
|
|
|
|
owner = "hydra-queue-runner";
|
|
|
|
sopsFile = ../../secrets/services/hydra.yaml;
|
|
|
|
};
|
2024-05-09 20:21:49 +02:00
|
|
|
services.hydra = {
|
|
|
|
enable = true;
|
|
|
|
hydraURL = "https://hydra.kyouma.net";
|
|
|
|
listenHost = "localhost";
|
|
|
|
notificationSender = "hydra@hydra.kyouma.net";
|
|
|
|
minimumDiskFree = 2;
|
|
|
|
useSubstitutes = true;
|
2024-05-10 20:09:39 +02:00
|
|
|
extraConfig = ''
|
|
|
|
store_uri = file:///var/cache/hydra?secret-key=${config.sops.secrets."services/hydra/signKey".path}&write-nar-listing=1&ls-compression=xz&log-compression=xz&want-mass-query=1&priority=41
|
|
|
|
upload_logs_to_binary_cache = true
|
|
|
|
server_store_uri = https://cache.kyouma.net
|
|
|
|
binary_cache_public_uri = https://cache.kyouma.net
|
|
|
|
'';
|
2024-05-09 20:21:49 +02:00
|
|
|
};
|
2024-05-11 16:02:39 +02:00
|
|
|
kyouma.nginx.defaultForbidden = "hydra.kyouma.net";
|
2024-05-10 20:09:39 +02:00
|
|
|
kyouma.nginx.virtualHosts = {
|
|
|
|
"hydra.kyouma.net" = {
|
|
|
|
locations."/" = {
|
|
|
|
proxyPass = "http://localhost:3000";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
"cache.kyouma.net" = {
|
|
|
|
root = "/var/cache/hydra";
|
|
|
|
locations."= /" = {
|
|
|
|
return = ''200 'Public key:\n\ncache.kyouma.net:Frjwu4q1rnwE/MnSTmX9yx86GNA/z3p/oElGvucLiZg='
|
|
|
|
'';
|
|
|
|
extraConfig = ''
|
|
|
|
types { } default_type "text/plain; charset=utf-8";
|
|
|
|
'';
|
|
|
|
};
|
2024-05-09 20:21:49 +02:00
|
|
|
};
|
|
|
|
};
|
2024-05-11 16:02:39 +02:00
|
|
|
security.acme.certs."hydra.kyouma.net".extraDomainNames = [ "cache.kyouma.net" ];
|
2024-05-09 20:21:49 +02:00
|
|
|
}
|