{ config, lib, ... }: let cfg = config.custom.services.hydra; hydraDomain = "ci.sinerva.eu"; in { options.custom.services.hydra.enable = lib.mkOption { type = lib.types.bool; default = false; }; config = lib.mkIf cfg.enable { custom.services = { nginxHttpsServer.enable = true; acmeHttpClient.enable = true; }; systemd.tmpfiles.settings."hydra-home"."/var/lib/hydra".d = { user = "hydra"; group = "hydra"; mode = "0750"; }; environment.persistence."/persist" = { directories = [ { directory = "/var/lib/postgresql"; user = "postgresql"; group = "postgresql"; mode = "u=rwx,g=rx,o="; } ]; files = [ "/var/lib/hydra/.db-created" ]; }; boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; services = { hydra = { enable = true; hydraURL = "https://${hydraDomain}"; listenHost = "localhost"; notificationSender = "hydra@sinerva.eu"; port = 8080; useSubstitutes = true; extraConfig = '' enable = 1 ''; }; nginx.virtualHosts = { ${hydraDomain}.locations."/" = { proxyPass = "http://localhost:8080"; }; }; }; systemd.services.hydra-server = { after = [ "network-online.target" ]; wants = [ "network-online.target" ]; }; nix = { settings.allowed-uris = [ "github:" "git+https://github.com/" "git+ssh://github.com/" ]; buildMachines = [ { hostName = "localhost"; protocol = null; systems = [ "x86_64-linux" "aarch64-linux" ]; supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ]; maxJobs = 4; } ]; gc = { options = lib.mkForce "--delete-older-than 1d"; dates = lib.mkForce "hourly"; randomizedDelaySec = lib.mkForce "0"; }; }; }; }