nix-serve maybe

2025-03-03 15:37:18 -06:00
parent 8dca0cd14a
commit 208f9e5730
191 changed files with 224 additions and 4 deletions
--- a/hosts/nas/nix-serve.nix
+++ b/hosts/nas/nix-serve.nix
@@ -0,0 +1,73 @@
+{ pkgs, ... }:
+{
+  # "https://cache.mjallen.dev"
+  # "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
+  services.nix-serve = {
+    enable = true;
+    secretKeyFile = "/etc/nix/cache-priv-key.pem";
+    port = 5000;  # Choose your preferred port
+    openFirewall = true;
+  };
+  
+  # Improved systemd service with better error handling
+  systemd.services.nix-rebuild-cache = {
+    description = "Rebuild all NixOS configurations for cache";
+    serviceConfig = {
+      Type = "oneshot";
+      User = "root";
+      WorkingDirectory = "/etc/nixos";  # Update this path
+      StandardOutput = "journal+console";
+      StandardError = "journal+console";
+      Restart = "no";
+      # Increase timeout for large builds
+      TimeoutStartSec = "2h";
+    };
+    path = with pkgs; [
+      nix
+      git
+      coreutils
+      gnugrep
+      gnused
+    ];
+    script = ''
+      #!/usr/bin/env bash
+      set -euo pipefail
+      
+      # Pull latest changes if in a git repo
+      if [ -d .git ]; then
+        git pull || echo "Warning: Could not pull latest changes"
+      fi
+      
+      # Run the build-all script
+      echo "Starting build of all systems at $(date)"
+      if nix run .#build-all; then
+        echo "All systems built successfully at $(date)"
+      else
+        echo "Some systems failed to build at $(date)"
+        exit 1
+      fi
+    '';
+    # # Send an email on failure (optional)
+    # startPost = ''
+    #   if [ $SERVICE_RESULT != "success" ]; then
+    #     ${pkgs.mailutils}/bin/mail -s "NixOS cache rebuild failed" your-email@example.com <<EOF
+    #   The nix-rebuild-cache service failed at $(date).
+    #   Please check the logs with: journalctl -u nix-rebuild-cache
+    #   EOF
+    #   fi
+    # '';
+  };
+
+  systemd.timers.nix-rebuild-cache = {
+    description = "Timer for rebuilding NixOS configurations cache";
+    wantedBy = [ "timers.target" ];
+    timerConfig = {
+      OnCalendar = "weekly";  # Or your preferred schedule
+      Persistent = true;
+      RandomizedDelaySec = "1h";  # Spread load
+    };
+  };
+  
+  # Monitor the cache service
+  services.prometheus.exporters.node.enabledCollectors = [ "systemd" ];
+}