Move cache back to HTTPS
This commit is contained in:
parent
ae10053eeb
commit
f3b8ea78de
2 changed files with 17 additions and 1 deletions
|
@ -31,7 +31,7 @@ in
|
|||
];
|
||||
distributedBuilds = true;
|
||||
settings = {
|
||||
substituters = [ "ssh://nix-ssh@cache.sinerva.eu" ];
|
||||
substituters = [ "https://cache.sinerva.eu" ];
|
||||
trusted-public-keys = [ "cache.sinerva.eu:TaIhyAKozO/r88EBWMSdbp+TB0YlcXT/EADunYoYLVc=" ];
|
||||
builders-use-substitutes = true;
|
||||
max-jobs = lib.mkIf cfg.disableLocalBuilds 0;
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.custom.services.nixCacheServer;
|
||||
cacheDomain = "cache.sinerva.eu";
|
||||
in
|
||||
{
|
||||
options.custom.services.nixCacheServer.enable = lib.mkEnableOption "Nix SSH cache server";
|
||||
|
@ -8,6 +9,21 @@ in
|
|||
config = lib.mkIf cfg.enable {
|
||||
sops.secrets.priv-cache-key.sopsFile = ../../secrets/ci.yaml;
|
||||
|
||||
services = {
|
||||
nix-serve = {
|
||||
enable = true;
|
||||
bindAddress = "127.0.0.2";
|
||||
port = 8081;
|
||||
secretKeyFile = config.sops.secrets.priv-cache-key.path;
|
||||
};
|
||||
|
||||
nginx.virtualHosts = {
|
||||
${cacheDomain}.locations."/" = {
|
||||
proxyPass = "http://127.0.0.2:8081";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
nix = {
|
||||
extraOptions = ''
|
||||
secret-key-files = ${config.sops.secrets.priv-cache-key.path}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue