From 7e1b33d2bc4d57efb62df5d80146c05d1b1cbdad Mon Sep 17 00:00:00 2001
From: Max <max@privatevoid.net>
Date: Tue, 22 Aug 2023 16:42:37 +0200
Subject: [PATCH] hosts/TITAN: cachix-upload -> attic-upload

---
 hosts/TITAN/extras/attic-upload-daemon.nix  | 38 +++++++++++++++++++++
 hosts/TITAN/extras/cachix-upload-daemon.nix | 21 ------------
 hosts/TITAN/system.nix                      |  2 +-
 secrets/attic-upload-key.age                | 13 +++++++
 secrets/cachix-upload-key.age               | 13 -------
 secrets/secrets.nix                         |  2 +-
 6 files changed, 53 insertions(+), 36 deletions(-)
 create mode 100644 hosts/TITAN/extras/attic-upload-daemon.nix
 delete mode 100644 hosts/TITAN/extras/cachix-upload-daemon.nix
 create mode 100644 secrets/attic-upload-key.age
 delete mode 100644 secrets/cachix-upload-key.age

diff --git a/hosts/TITAN/extras/attic-upload-daemon.nix b/hosts/TITAN/extras/attic-upload-daemon.nix
new file mode 100644
index 0000000..5eb4f8c
--- /dev/null
+++ b/hosts/TITAN/extras/attic-upload-daemon.nix
@@ -0,0 +1,38 @@
+{ config, pkgs, inputs, ... }:
+
+let
+  toml = pkgs.formats.toml {};
+  atticConfig = toml.generate "attic-upload-config.toml" {
+    default-server = "cache";
+    servers.cache.endpoint = "https://cache-api.privatevoid.net";
+  };
+
+  inherit (inputs.attic.packages.${pkgs.system}) attic;
+in
+
+{
+  age.secrets.attic-upload-key = {
+    file = ../../../secrets/attic-upload-key.age;
+    mode = "0400";
+  };
+
+  systemd.services.attic-upload = {
+    description = "Attic Uploader";
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network-online.target" ];
+    path = [ config.nix.package ];
+    environment.XDG_CONFIG_HOME = "/tmp/attic-upload";
+    preStart = ''
+      install -dm700 "$XDG_CONFIG_HOME/attic"
+      cp --no-preserve=mode ${atticConfig} "$XDG_CONFIG_HOME/attic/config.toml"
+      echo "token = \"$ATTIC_TOKEN\"" >> "$XDG_CONFIG_HOME/attic/config.toml"
+    '';
+    serviceConfig = {
+      ExecStart = "${attic}/bin/attic watch-store nix-store";
+      Restart = "always";
+      RestartSec = "10s";
+      DynamicUser = true;
+      EnvironmentFile = config.age.secrets.attic-upload-key.path;
+    };
+  };
+}
diff --git a/hosts/TITAN/extras/cachix-upload-daemon.nix b/hosts/TITAN/extras/cachix-upload-daemon.nix
deleted file mode 100644
index 8df23c7..0000000
--- a/hosts/TITAN/extras/cachix-upload-daemon.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ config, pkgs, ... }:
-
-{
-  age.secrets.cachix-upload-key = {
-    file = ../../../secrets/cachix-upload-key.age;
-    mode = "0400";
-  };
-
-  systemd.services.cachix-upload = {
-    description = "Cachix Uploader";
-    wantedBy = [ "multi-user.target" ];
-    after = [ "network-online.target" ];
-    path = [ config.nix.package ];
-    serviceConfig = {
-      ExecStart = "${pkgs.cachix}/bin/cachix watch-store max";
-      Restart = "always";
-      DynamicUser = true;
-      EnvironmentFile = config.age.secrets.cachix-upload-key.path;
-    };
-  };
-}
diff --git a/hosts/TITAN/system.nix b/hosts/TITAN/system.nix
index 05efe01..a9d477c 100644
--- a/hosts/TITAN/system.nix
+++ b/hosts/TITAN/system.nix
@@ -7,7 +7,7 @@ in
 
   imports = [
     ./hardware-configuration.nix
-    ./extras/cachix-upload-daemon.nix
+    ./extras/attic-upload-daemon.nix
     ./extras/custom-kernel.nix
     ./extras/ddcci-backlight.nix
     ./extras/fbi-downloader.nix
diff --git a/secrets/attic-upload-key.age b/secrets/attic-upload-key.age
new file mode 100644
index 0000000..8add0d3
--- /dev/null
+++ b/secrets/attic-upload-key.age
@@ -0,0 +1,13 @@
+age-encryption.org/v1
+-> ssh-ed25519 NO562A OgAfkFt4Ci04p79LJfpiQXwncb+sGhq0X/mzFAZOnVg
+zRzcS6oJV4oJ0O7mMnqPEJg/guM7GIMwzfSDE74Nuqk
+-> ssh-ed25519 5/zT0w qbRtOTh2C07+k2J22PJoXiYFKWXgJ18DfA29eqxkrwI
+BGoqjK6cpdQtZj6UeOZh687YoygiUieaqOiUZddo/UU
+-> ssh-ed25519 OxDh5w eey4Vi1yMtWsjPwkyAzRP7tTVX8VcgTN9FQzvEV+l28
+Ju7/bk0cyMxVbLaOAGOJwGepTUxPH8ZTHLCHkl3b2lc
+-> ~/d9](zV-grease .@B2-29 5[@V }' a}
+uk1w2UeRswloABr+O5qT4r5wnw0i6buVut1xBngqftw7/kKfELL734vVKq0tAwXH
+iHCzaekooAIHSmIEfRI6wGKO
+--- 0gf7R4wx3Md3blNkOd5m25d4yiDjmepv0ZPCT11qFUc
+I�_\i�3Ce�>�
+�~����>f|�NB��M�t2��<�F��q�N�\��N&�
�#!X���4.[y���� 3�=P�40oэ�0}�>��
��}���8I�6m�I�0cX�l�E��A�{��J����8s_�LEH]���lQ�A"acW�9СB\��۬!"�h>� �7k���N~��4���C�������E���v�C�tmbkTԅE�
�12g8}��T$�!�=��3���
\ No newline at end of file
diff --git a/secrets/cachix-upload-key.age b/secrets/cachix-upload-key.age
deleted file mode 100644
index c884269..0000000
--- a/secrets/cachix-upload-key.age
+++ /dev/null
@@ -1,13 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 NO562A wdYUFvxvT7qtZ2GjKvH5LMqwst83kiWb4wLfx7T6QSs
-4Bpe9C3B11Hmqv8bk7khao+AeG+qrDBe4io477y+mCg
--> ssh-ed25519 5/zT0w r7KSc3LLqCQiGXBNgnav0StNfnVg5F9VIw2Pzw8UQhI
-pMkSqshAwDLsy2IhP00E8xYTZOMDPUNRJiisH9ArUoU
--> ssh-ed25519 OxDh5w mb6tt+K0i73aGmPUzwR7+d+vjOQGfJcxHx2udZ6Q9nw
-1icXi5j9nOI5zkwVzu/1K22CxBpbp6ioU9j3uNZgpBo
--> 9s8B-grease %Dt pw[YavZ RY((bY>
-WL92Bw95H0c3dM+H0iUhYtoefQbM0guP69x1vCX8zxT+NTdKtAeK/Nu1RVaR4qdL
-/yj5
---- psVhYZPeJN0cgQi882QC7JSj6IejJUTAkdnCHw5cRQQ
-\��e��R�
l��Y��*^9�Y�J��%����͢�Jߊ���ATWE:ME�Q�:�Ix	��}�<�v�)p�,�0�`�$
��,��w�e�a�N��80��o���ך�6ܸ��a�+B�"�
�t�z~�{�� j��<�
Ȳ�\�
-_"��+8�2\�)<�	�eFd2sK�S������Y�Z,	5U��n�Z�W>�'
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index ea115e0..6ca497b 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -5,7 +5,7 @@ let
 in with hosts;
 {
   "builder_key.age".publicKeys = max ++ map systemKeys [ TITAN jericho ];
-  "cachix-upload-key.age".publicKeys = max ++ map systemKeys [ TITAN ];
+  "attic-upload-key.age".publicKeys = max ++ map systemKeys [ TITAN ];
   "hyprspace-key-TITAN.age".publicKeys = max ++ map systemKeys [ TITAN ];
   "hyprspace-key-jericho.age".publicKeys = max ++ map systemKeys [ jericho ];
   "ipfs-cluster-secret.age".publicKeys = max ++ map systemKeys [ TITAN ];