diff options
author | lassulus <lass@aidsballs.de> | 2016-06-08 18:22:15 +0200 |
---|---|---|
committer | lassulus <lass@aidsballs.de> | 2016-06-08 18:22:15 +0200 |
commit | 72335ce00ec759e5b9d7a1468fe517e66948d8ed (patch) | |
tree | 9c21848a8ad0d19798fbf9d2ac82a0708e045072 /lass/1systems | |
parent | 8c1257facc7b599dd62a730cf35370d68ff8799b (diff) |
l 1 prism: serve nix-cache
Diffstat (limited to 'lass/1systems')
-rw-r--r-- | lass/1systems/prism.nix | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 6ed80ac39..9a9bd4730 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -210,6 +210,30 @@ in { '') ]; } + { + services.nix-serve = { + enable = true; + secretKeyFile = config.krebs.secret.files.nix-serve-key.path; + }; + systemd.services.nix-serve = { + requires = ["secret.service"]; + after = ["secret.service"]; + }; + krebs.secret.files.nix-serve-key = { + path = "/run/secret/nix-serve.key"; + owner.name = "nix-serve"; + source-path = toString <secrets> + "/nix-serve.key"; + }; + krebs.nginx = { + enable = true; + servers.nix-serve = { + server-names = [ "cache.prism.r" ]; + locations = lib.singleton (lib.nameValuePair "/" '' + proxy_pass http://localhost:${toString config.services.nix-serve.port}; + ''); + }; + }; + } ]; krebs.build.host = config.krebs.hosts.prism; |