privatevoid.net/depot
1
1
Fork 0
Code Issues 23 Pull requests 2 Projects 3 Releases Packages Wiki Activity Actions

cluster/services/attic: also use the garage bucket for the binary cache

Browse source
This commit is contained in:
Max Headroom 2024-04-21 23:43:28 +02:00
parent 964ab05fad
commit 9ae4ed5ce9
1 changed files with 45 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

65
cluster/services/attic/binary-cache.nix
View file

@ -1,4 +1,4 @@
{ config, depot, ... }: { config, cluster, depot, ... }:
with depot.lib.nginx; with depot.lib.nginx;
let let
addrSplit' = builtins.split ":" config.services.minio.listenAddress; addrSplit' = builtins.split ":" config.services.minio.listenAddress;
@ -8,6 +8,10 @@ let
port = builtins.head (builtins.tail addrSplit); port = builtins.head (builtins.tail addrSplit);
in in
{ {
links.garageNixStoreInternalRedirect = {
protocol = "http";
path = "/nix-store";
};
services.nginx.upstreams = { services.nginx.upstreams = {
nar-serve.extraConfig = '' nar-serve.extraConfig = ''
random; random;
@ -15,7 +19,10 @@ in
server ${config.links.nar-serve-nixos-org.tuple} fail_timeout=0; server ${config.links.nar-serve-nixos-org.tuple} fail_timeout=0;
''; '';
nix-store.servers = { nix-store.servers = {
"${config.links.atticServer.tuple}" = { "${cluster.config.hostLinks.${config.networking.hostName}.garageWeb.tuple}" = {
fail_timeout = 0;
};
"${config.links.garageNixStoreInternalRedirect.tuple}" = {
fail_timeout = 0; fail_timeout = 0;
}; };
"${host}:${port}" = { "${host}:${port}" = {
@ -27,28 +34,46 @@ in
services.nginx.appendHttpConfig = '' services.nginx.appendHttpConfig = ''
proxy_cache_path /var/cache/nginx/nixstore levels=1:2 keys_zone=nixstore:10m max_size=10g inactive=24h use_temp_path=off; proxy_cache_path /var/cache/nginx/nixstore levels=1:2 keys_zone=nixstore:10m max_size=10g inactive=24h use_temp_path=off;
''; '';
services.nginx.virtualHosts."cache.${depot.lib.meta.domain}" = vhosts.basic // { services.nginx.virtualHosts = {
locations = { "cache.${depot.lib.meta.domain}" = vhosts.basic // {
"= /".return = "302 /404"; locations = {
"/" = { "= /".return = "302 /404";
proxyPass = "http://nix-store/nix-store$request_uri"; "/" = {
extraConfig = '' proxyPass = "http://nix-store/nix-store$request_uri";
proxy_next_upstream error http_500 http_404; extraConfig = ''
''; proxy_next_upstream error http_500 http_502 http_404;
'';
};
"/nix/store" = {
proxyPass = "http://nar-serve";
extraConfig = ''
proxy_next_upstream error http_500 http_404;
'';
};
}; };
"/nix/store" = { extraConfig = ''
proxyPass = "http://nar-serve"; proxy_cache nixstore;
proxy_cache_use_stale error timeout http_500 http_502;
proxy_cache_lock on;
proxy_cache_key $request_uri;
proxy_cache_valid 200 24h;
'';
};
"garage-nix-store.internal.${depot.lib.meta.domain}" = {
serverName = "127.0.0.1";
listen = [
{
addr = "127.0.0.1";
inherit (config.links.garageNixStoreInternalRedirect) port;
}
];
locations."~ ^${config.links.garageNixStoreInternalRedirect.path}/(.*)" = {
proxyPass = with cluster.config.links.garageWeb; "${protocol}://nix-store.${hostname}/$1";
recommendedProxySettings = false;
extraConfig = '' extraConfig = ''
proxy_next_upstream error http_500 http_404; proxy_set_header Host "nix-store.${cluster.config.links.garageWeb.hostname}";
''; '';
}; };
}; };
extraConfig = ''
proxy_cache nixstore;
proxy_cache_use_stale error timeout http_500 http_502;
proxy_cache_lock on;
proxy_cache_key $request_uri;
proxy_cache_valid 200 24h;
'';
}; };
} }