mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

merge

Browse Source
This commit is contained in:
mjallen18
2025-08-23 10:26:12 -05:00
parent a96b8ddf86
commit bc18b0775b
43 changed files with 796 additions and 177 deletions
Download Patch File Download Diff File Expand all files Collapse all files

132
modules/nixos/attic/default.nix Normal file
View File

@@ -0,0 +1,132 @@
{
config,
lib,
pkgs,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.services.attic;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
services.atticd = {
enable = true;
environmentFile = cfg.environmentFile;
settings = {
listen = "${cfg.listenAddress}:${toString cfg.port}";
};
};
# Open firewall for attic if enabled
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ];
allowedUDPPorts = [ cfg.port ];
};
# Include the attic watch-store service and rebuild cache services
systemd.services = {
attic-watch-store = {
enable = true;
description = "watch store for cache";
serviceConfig = {
Type = "simple";
User = "admin";
Group = "jallen-nas";
WorkingDirectory = "/etc/nixos";
StandardOutput = "journal+console";
StandardError = "journal+console";
Restart = "always";
RestartSec = "5";
};
path = with pkgs; [
bash
attic-client
];
script = ''
#!/usr/bin/env bash
attic watch-store nas-cache
'';
};
nix-rebuild-cache-desktop = {
enable = true;
description = "Rebuild desktop NixOS configurations for cache";
serviceConfig = {
Type = "oneshot";
User = "admin";
Group = "jallen-nas";
WorkingDirectory = "/etc/nixos";
StandardOutput = "journal+console";
StandardError = "journal+console";
Restart = "no";
TimeoutStartSec = "2h";
};
path = with pkgs; [
nix
git
coreutils
gnugrep
gnused
openssh
];
script = ''
#!/usr/bin/env bash
if [ -d .git ]; then
git pull || echo "Warning: Could not pull latest changes"
fi
echo "Starting build of matt-nixos at $(date)"
if nix flake update desktop-nixpkgs desktop-chaotic desktop-home-manager desktop-impermanence desktop-lanzaboote desktop-nixos-hardware desktop-sops-nix desktop-steam-rom-manager nixpkgs-unstable nixpkgs-stable nix-darwin; then
echo "matt-nixos flake updated successfully at $(date)"
else
echo "matt-nixos failed to build at $(date)"
fi
if nix build .\#nixosConfigurations.matt-nixos.config.system.build.toplevel --no-link; then
echo "matt-nixos built successfully at $(date)"
git add .
git commit -m "Desktop Updates $(date)"
else
echo "matt-nixos failed to build at $(date)"
git reset --hard
fi
'';
};
};
# Include timers for cache rebuilds
systemd.timers = {
nix-rebuild-cache-desktop = {
description = "Timer for rebuilding desktop NixOS configurations cache";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "weekly";
Persistent = true;
RandomizedDelaySec = "24h";
};
};
};
# Configure distributed builds
nix = {
settings.builders-use-substitutes = true;
distributedBuilds = true;
buildMachines = [
{
hostName = "pi5.local";
system = "aarch64-linux";
maxJobs = 4;
sshUser = "matt";
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
}
];
};
};
}

31
modules/nixos/attic/options.nix Normal file
View File

@@ -0,0 +1,31 @@
{ lib, namespace, ... }:
with lib;
{
options.${namespace}.services.attic = {
enable = mkEnableOption "attic binary cache daemon";
port = mkOption {
type = types.port;
default = 9012;
description = "Port for attic cache daemon";
};
openFirewall = mkOption {
type = types.bool;
default = true;
description = "Whether to open firewall for attic";
};
environmentFile = mkOption {
type = types.nullOr types.path;
default = null;
description = "Path to environment file containing attic secrets";
};
listenAddress = mkOption {
type = types.str;
default = "[::1]";
description = "Address to listen on";
};
};
}