nixos-config/modules/services/dmz/hydra.nix

{ lib, config, pkgs, ... }:

{
    services.hydra = {
      enable = true;
      hydraURL = "http://localhost:3000";
      notificationSender = "hydra@localhost";
      useSubstitutes = true;
    };
    
    networking.firewall = {
      enable = true;
      #allowedUDPPorts = [  ];
      allowedTCPPorts = [ 3000 ];
    };

    nix = {
      settings.trusted-users = [
        "hydra"
      ];

      extraOptions = ''
        secret-key-files = ${config.age.secrets."keys/nixsign".path}
      '';
    };
    
    age.secrets."keys/nixsign" = {
      file = ../../../secrets/keys/nixservepriv.age;
      owner = "hydra";
    };


}
hosts: dmz: enable hydra 2024-05-05 19:39:35 +02:00			`{ lib, config, pkgs, ... }:`

			`{`
			`services.hydra = {`
			`enable = true;`
			`hydraURL = "http://localhost:3000";`
			`notificationSender = "hydra@localhost";`
			`useSubstitutes = true;`
			`};`
hydra add signing key 2024-05-25 10:50:37 +02:00
			`networking.firewall = {`
			`enable = true;`
			`#allowedUDPPorts = [ ];`
			`allowedTCPPorts = [ 3000 ];`
			`};`

			`nix = {`
			`settings.trusted-users = [`
			`"hydra"`
			`];`

			`extraOptions = ''`
services: hydra: typo in nix.conf 2024-05-26 09:07:19 +02:00			`secret-key-files = ${config.age.secrets."keys/nixsign".path}`
hydra add signing key 2024-05-25 10:50:37 +02:00			`'';`
			`};`

hydra fix key path 2024-05-25 12:50:05 +02:00			`age.secrets."keys/nixsign" = {`
hydra add signing key 2024-05-25 10:50:37 +02:00			`file = ../../../secrets/keys/nixservepriv.age;`
			`owner = "hydra";`
			`};`

hosts: dmz: enable hydra 2024-05-05 19:39:35 +02:00
			`}`