153 lines
5.5 KiB
Nix
Executable File
153 lines
5.5 KiB
Nix
Executable File
{ pkgs, ... }:
|
|
{
|
|
# "https://cache.mjallen.dev"
|
|
# "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
|
|
services.nix-serve = {
|
|
enable = true;
|
|
package = pkgs.nix-serve-ng;
|
|
secretKeyFile = "/etc/nix/cache-priv-key.pem";
|
|
port = 5000; # Choose your preferred port
|
|
openFirewall = true;
|
|
};
|
|
|
|
# Improved systemd service with better error handling
|
|
systemd.services.nix-rebuild-cache = {
|
|
enable = true;
|
|
description = "Rebuild all NixOS configurations for cache";
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
User = "root";
|
|
WorkingDirectory = "/etc/nixos";
|
|
StandardOutput = "journal+console";
|
|
StandardError = "journal+console";
|
|
Restart = "no";
|
|
# Increase timeout for large builds
|
|
TimeoutStartSec = "2h";
|
|
};
|
|
path = with pkgs; [
|
|
nix
|
|
git
|
|
uutils-coreutils
|
|
gnugrep
|
|
gnused
|
|
];
|
|
script = ''
|
|
#!/usr/bin/env bash
|
|
|
|
# Pull latest changes if in a git repo
|
|
if [ -d .git ]; then
|
|
git pull || echo "Warning: Could not pull latest changes"
|
|
fi
|
|
|
|
echo "Starting build of matt-nixos at $(date)"
|
|
if nix flake update desktop-nixpkgs desktop-chaotic desktop-home-manager desktop-impermanence desktop-lanzaboote desktop-nixos-hardware desktop-sops-nix desktop-steam-rom-manager nixpkgs-unstable nixpkgs-stable nix-darwin; then
|
|
echo "matt-nixos flake updated successfully at $(date)"
|
|
else
|
|
echo "matt-nixos failed to build at $(date)"
|
|
fi
|
|
if nix build .\#nixosConfigurations.matt-nixos.config.system.build.toplevel --no-link; then
|
|
echo "matt-nixos built successfully at $(date)"
|
|
git add .
|
|
git commit -m "Desktop Updates $(date)"
|
|
else
|
|
echo "matt-nixos failed to build at $(date)"
|
|
git reset --hard
|
|
fi
|
|
|
|
echo "Starting build of steamdeck at $(date)"
|
|
if nix flake update steamdeck-nixpkgs steamdeck-chaotic steamdeck-home-manager steamdeck-impermanence steamdeck-jovian steamdeck-lanzaboote steamdeck-nixos-hardware steamdeck-sops-nix steamdeck-steam-rom-manager; then
|
|
echo "steamdeck flake updated successfully at $(date)"
|
|
else
|
|
echo "steamdeck flake failed to update at $(date)"
|
|
git reset --hard
|
|
fi
|
|
if nix build .\#nixosConfigurations.steamdeck.config.system.build.toplevel --no-link; then
|
|
echo "steamdeck built successfully at $(date)"
|
|
git add .
|
|
git commit -m "Dteamdeck Updates $(date)"
|
|
else
|
|
echo "steamdeck failed to build at $(date)"
|
|
git reset --hard
|
|
fi
|
|
|
|
echo "Starting build of pi4 at $(date)"
|
|
if nix flake update pi4-nixpkgs pi4-home-manager pi4-impermanence pi4-sops-nix pi4-nixos-hardware pi4-nixos-raspberrypi pi4-disko; then
|
|
echo "pi4 flake updated successfully at $(date)"
|
|
else
|
|
echo "pif flake failed to update at $(date)"
|
|
fi
|
|
if nix build .\#nixosConfigurations.pi4.config.system.build.toplevel --no-link --impure; then
|
|
echo "pi4 built successfully at $(date)"
|
|
git add .
|
|
git commit -m "Pi4 Updates $(date)"
|
|
else
|
|
echo "pi4 failed to build at $(date)"
|
|
git reset --hard
|
|
fi
|
|
|
|
echo "Starting build of pi5 at $(date)"
|
|
if nix flake update pi5-nixpkgs pi5-home-manager pi5-impermanence pi5-nixos-hardware pi5-sops-nix nixos-raspberrypi; then
|
|
echo "pi5 flake updated successfully at $(date)"
|
|
else
|
|
echo "pi5 flake failed to update at $(date)"
|
|
fi
|
|
if nix build .\#nixosConfigurations.pi5.config.system.build.toplevel --no-link; then
|
|
echo "pi5 built successfully at $(date)"
|
|
git add .
|
|
git commit -m "Pi5 Updates $(date)"
|
|
else
|
|
echo "pi5 failed to build at $(date)"
|
|
git reset --hard
|
|
fi
|
|
|
|
echo "Starting build of jallen-nas at $(date)"
|
|
if nix flake update nas-nixpkgs nas-authentik-nix nas-cosmic nas-crowdsec nas-home-manager nas-impermanence nas-lanzaboote nas-nixos-hardware nas-sops-nix; then
|
|
echo "jallen-nas flake updated successfully at $(date)"
|
|
else
|
|
echo "jallen-nas flake failed to update at $(date)"
|
|
fi
|
|
export NIXPKGS_ALLOW_UNFREE=1
|
|
if nix build .\#nixosConfigurations.jallen-nas.config.system.build.toplevel --no-link --impure; then
|
|
echo "jallen-nas built successfully at $(date)"
|
|
git add .
|
|
git commit -m "Jallen-NAS Updates $(date)"
|
|
else
|
|
echo "jallen-nas failed to build at $(date)"
|
|
git reset --hard
|
|
fi
|
|
|
|
# git push
|
|
'';
|
|
# # Send an email on failure (optional)
|
|
# startPost = ''
|
|
# if [ $SERVICE_RESULT != "success" ]; then
|
|
# ${pkgs.mailutils}/bin/mail -s "NixOS cache rebuild failed" your-email@example.com <<EOF
|
|
# The nix-rebuild-cache service failed at $(date).
|
|
# Please check the logs with: journalctl -u nix-rebuild-cache
|
|
# EOF
|
|
# fi
|
|
# '';
|
|
};
|
|
|
|
systemd.timers.nix-rebuild-cache = {
|
|
description = "Timer for rebuilding NixOS configurations cache";
|
|
wantedBy = [ "timers.target" ];
|
|
timerConfig = {
|
|
OnCalendar = "weekly"; # Or your preferred schedule
|
|
Persistent = true;
|
|
RandomizedDelaySec = "1h"; # Spread load
|
|
};
|
|
};
|
|
|
|
nix.settings.builders-use-substitutes = true;
|
|
nix.distributedBuilds = true;
|
|
nix.buildMachines = [
|
|
{
|
|
hostName = "pi5.local";
|
|
system = "aarch64-linux";
|
|
maxJobs = 4;
|
|
sshUser = "matt";
|
|
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
|
}
|
|
];
|
|
} |