summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2016-11-24 23:07:48 +0100
committertv <tv@krebsco.de>2016-11-24 23:07:48 +0100
commit8f946dd2fc4d2577fa2ae0c251a1d672bc139077 (patch)
tree5112a89b57390137b8cdd9f106cc731c9bf7d422
parentedb899745b701c717e9d44785c304f9b791b84d0 (diff)
tv binary-cache: replace wu by xu and use hosts.binary-cache.pubkey
-rw-r--r--krebs/3modules/tv/default.nix8
-rw-r--r--tv/1systems/nomic.nix1
-rw-r--r--tv/1systems/wu.nix1
-rw-r--r--tv/1systems/xu.nix2
-rw-r--r--tv/1systems/zu.nix1
-rw-r--r--tv/2configs/binary-cache/default.nix (renamed from tv/2configs/wu-binary-cache/default.nix)16
-rw-r--r--tv/2configs/wu-binary-cache/client.nix7
7 files changed, 20 insertions, 16 deletions
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 8e266e1b3..b29553c79 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -351,11 +351,17 @@ with import <stockholm/lib>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcJvu8JDVzObLUtlAQg9qVugthKSfitwCljuJ5liyHa";
};
xu = {
+ binary-cache = {
+ pubkey = "xu-1:pYRENvaxZqGeImwLA9qHmRwHV4jfKaYx4u1VcZ31x0s=";
+ };
cores = 4;
nets = {
gg23 = {
ip4.addr = "10.23.1.38";
- aliases = ["xu.gg23"];
+ aliases = [
+ "cache.xu.gg23"
+ "xu.gg23"
+ ];
ssh.port = 11423;
};
retiolum = {
diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix
index 6669b5dcf..7d6a1d682 100644
--- a/tv/1systems/nomic.nix
+++ b/tv/1systems/nomic.nix
@@ -15,7 +15,6 @@ with import <stockholm/lib>;
../2configs/nginx/public_html.nix
../2configs/pulse.nix
../2configs/retiolum.nix
- ../2configs/wu-binary-cache/client.nix
../2configs/xserver
];
diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix
index 19db559f1..d5be57bb8 100644
--- a/tv/1systems/wu.nix
+++ b/tv/1systems/wu.nix
@@ -16,7 +16,6 @@ with import <stockholm/lib>;
../2configs/nginx/public_html.nix
../2configs/pulse.nix
../2configs/retiolum.nix
- ../2configs/wu-binary-cache
../2configs/xserver
{
environment.systemPackages = with pkgs; [
diff --git a/tv/1systems/xu.nix b/tv/1systems/xu.nix
index a7e0b839d..b6fe6dc5c 100644
--- a/tv/1systems/xu.nix
+++ b/tv/1systems/xu.nix
@@ -15,7 +15,7 @@ with import <stockholm/lib>;
../2configs/nginx/public_html.nix
../2configs/pulse.nix
../2configs/retiolum.nix
- ../2configs/wu-binary-cache/client.nix
+ ../2configs/binary-cache
../2configs/xserver
../2configs/xu-qemu0.nix
{
diff --git a/tv/1systems/zu.nix b/tv/1systems/zu.nix
index 056652e4b..59e8b1c7f 100644
--- a/tv/1systems/zu.nix
+++ b/tv/1systems/zu.nix
@@ -21,7 +21,6 @@ with import <stockholm/lib>;
../2configs/nginx/public_html.nix
../2configs/pulse.nix
../2configs/retiolum.nix
- ../2configs/wu-binary-cache/client.nix
../2configs/xserver
{
environment.systemPackages = with pkgs; [
diff --git a/tv/2configs/wu-binary-cache/default.nix b/tv/2configs/binary-cache/default.nix
index f039a552b..5902f1895 100644
--- a/tv/2configs/wu-binary-cache/default.nix
+++ b/tv/2configs/binary-cache/default.nix
@@ -1,22 +1,30 @@
{ config, lib, pkgs, ... }: with import <stockholm/lib>;
{
- services.nix-serve = assert config.krebs.build.host.name == "wu"; {
+ environment.etc."binary-cache.pubkey".text =
+ config.krebs.build.host.binary-cache.pubkey;
+
+ services.nix-serve = {
enable = true;
- secretKeyFile = config.krebs.secret.files.nix-serve-key.path;
+ secretKeyFile = config.krebs.secret.files.binary-cache-seckey.path;
};
+
systemd.services.nix-serve = {
requires = ["secret.service"];
after = ["secret.service"];
};
- krebs.secret.files.nix-serve-key = {
+
+ krebs.secret.files.binary-cache-seckey = {
path = "/run/secret/nix-serve.key";
owner.name = "nix-serve";
source-path = toString <secrets> + "/nix-serve.key";
};
+
krebs.nginx = {
enable = true;
servers.nix-serve = {
- server-names = [ "cache.wu.gg23" ];
+ server-names = [
+ "cache.${config.krebs.build.host.name}.gg23"
+ ];
locations = singleton (nameValuePair "/" ''
proxy_pass http://localhost:${toString config.services.nix-serve.port};
'');
diff --git a/tv/2configs/wu-binary-cache/client.nix b/tv/2configs/wu-binary-cache/client.nix
deleted file mode 100644
index 9634c21d4..000000000
--- a/tv/2configs/wu-binary-cache/client.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-_:
-{
- nix = {
- binaryCaches = ["http://cache.wu.gg23"];
- binaryCachePublicKeys = ["cache.wu-1:cdhA201O2R2Ect463vhJFmhpMaNyT/tOvzYvtceT9q8="];
- };
-}