privatevoid.net/depot
1
1
Fork 0
Code Issues 23 Pull requests 2 Projects 3 Releases Packages Wiki Activity Actions

VEGAS/nar-serve: improvements, nixos.org support

Browse source
This commit is contained in:
Max Headroom 2021-12-12 04:52:18 +01:00
parent e0394c5348
commit 68d5dd1d63
2 changed files with 40 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
hosts/VEGAS/services/nix/binary-cache.nix
View file

@ -8,11 +8,31 @@ let
port = builtins.head (builtins.tail addrSplit);
in
{
services.nginx.upstreams.nar-serve.extraConfig = ''
random;
server 127.0.0.1:${config.portsStr.nar-serve-self} fail_timeout=0;
server 127.0.0.1:${config.portsStr.nar-serve-nixos-org} fail_timeout=0;
'';
services.nginx.appendHttpConfig = ''
proxy_cache_path /var/cache/nginx/nixstore levels=1:2 keys_zone=nixstore:10m max_size=10g inactive=24h use_temp_path=off;
'';
services.nginx.virtualHosts."cache.${tools.meta.domain}" = vhosts.basic // {
locations = {
"= /".return = "302 /404";
"/".proxyPass = "http://${host}:${port}/nix-store$request_uri";
"/nix/store".proxyPass = "http://127.0.0.1:${builtins.toString config.services.nar-serve.port}";
"/nix/store" = {
proxyPass = "http://nar-serve";
extraConfig = ''
proxy_next_upstream error http_500 http_404;
'';
};
};
extraConfig = ''
proxy_cache nixstore;
proxy_cache_use_stale error timeout http_500 http_502;
proxy_cache_lock on;
proxy_cache_key $request_uri;
proxy_cache_valid 200 24h;
'';
};
}

29
hosts/VEGAS/services/nix/nar-serve.nix
View file

@ -1,13 +1,22 @@
{ inputs, pkgs, tools, ... }:
{ config, inputs, pkgs, tools, ... }:
{
systemd.services.nar-serve = {
enable = true;
serviceConfig = {
DynamicUser = true;
User = "nar-serve";
let
mkNarServe = NAR_CACHE_URL: PORT: {
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
DynamicUser = true;
ExecStart = "${inputs.nar-serve.defaultPackage."${pkgs.system}"}/bin/nar-serve";
};
environment = { inherit NAR_CACHE_URL PORT; };
};
script = "${inputs.nar-serve.defaultPackage."${pkgs.system}"}/bin/nar-serve";
environment.NAR_CACHE_URL = "https://cache.${tools.meta.domain}";
};
in
{
reservePortsFor = [
"nar-serve-self"
"nar-serve-nixos-org"
];
systemd.services.nar-serve-self = mkNarServe "https://cache.${tools.meta.domain}" config.portsStr.nar-serve-self;
systemd.services.nar-serve-nixos-org = mkNarServe "https://cache.nixos.org" config.portsStr.nar-serve-nixos-org;
}