depot/cluster/services/attic/binary-cache.nix

91 lines
2.7 KiB
Nix
Raw Normal View History

2024-08-02 23:46:45 +03:00
{ config, cluster, depot, lib, ... }:
2023-08-31 01:55:45 +03:00
with depot.lib.nginx;
2021-10-16 21:24:13 +03:00
{
2024-08-02 23:46:45 +03:00
links = {
atticNixStoreInternalRedirect.protocol = "http";
garageNixStoreInternalRedirect.protocol = "http";
};
2024-08-02 23:46:45 +03:00
security.acme.certs."cache.${depot.lib.meta.domain}" = {
dnsProvider = "exec";
webroot = lib.mkForce null;
};
services.nginx.upstreams = {
nar-serve.extraConfig = ''
random;
server ${config.links.nar-serve-self.tuple} fail_timeout=0;
server ${config.links.nar-serve-nixos-org.tuple} fail_timeout=0;
'';
nix-store.servers = {
2024-08-02 23:46:45 +03:00
"${config.links.garageNixStoreInternalRedirect.tuple}" = {
fail_timeout = 0;
};
2024-08-02 23:46:45 +03:00
"${config.links.atticNixStoreInternalRedirect.tuple}" = {
fail_timeout = 0;
};
};
};
services.nginx.appendHttpConfig = ''
proxy_cache_path /var/cache/nginx/nixstore levels=1:2 keys_zone=nixstore:10m max_size=10g inactive=24h use_temp_path=off;
'';
services.nginx.virtualHosts = {
"cache.${depot.lib.meta.domain}" = vhosts.basic // {
locations = {
"= /".return = "302 /404";
"/" = {
2024-08-02 23:46:45 +03:00
proxyPass = "http://nix-store";
extraConfig = ''
proxy_next_upstream error http_500 http_502 http_404;
'';
};
"/nix/store" = {
proxyPass = "http://nar-serve";
extraConfig = ''
proxy_next_upstream error http_500 http_404;
'';
};
};
extraConfig = ''
proxy_cache nixstore;
proxy_cache_use_stale error timeout http_500 http_502;
proxy_cache_lock on;
proxy_cache_key $request_uri;
proxy_cache_valid 200 24h;
'';
};
"garage-nix-store.internal.${depot.lib.meta.domain}" = {
serverName = "127.0.0.1";
listen = [
{
addr = "127.0.0.1";
inherit (config.links.garageNixStoreInternalRedirect) port;
}
];
2024-08-02 23:46:45 +03:00
locations."/" = {
proxyPass = with cluster.config.links.garageWeb; "${protocol}://nix-store.${hostname}";
recommendedProxySettings = false;
extraConfig = ''
proxy_set_header Host "nix-store.${cluster.config.links.garageWeb.hostname}";
'';
};
2021-10-16 21:24:13 +03:00
};
2024-08-02 23:46:45 +03:00
"attic-nix-store.internal.${depot.lib.meta.domain}" = {
serverName = "127.0.0.1";
listen = [
{
addr = "127.0.0.1";
inherit (config.links.atticNixStoreInternalRedirect) port;
}
];
locations."/" = {
proxyPass = "https://cache-api.${depot.lib.meta.domain}/nix-store$request_uri";
recommendedProxySettings = false;
extraConfig = ''
proxy_set_header Host "cache-api.${depot.lib.meta.domain}";
'';
};
};
2021-10-16 21:24:13 +03:00
};
}