diff --git a/modules/hardware/hydraCache.nix b/modules/hardware/hydraCache.nix index a851a25..4b9e21c 100644 --- a/modules/hardware/hydraCache.nix +++ b/modules/hardware/hydraCache.nix @@ -9,12 +9,10 @@ "steamdeck.cachix.org-1:BVoP4TEu3ECgotaO+3J3r9SSn62GkUDBwizOFU/q4Bc=" ]; extra-substituters = [ - "https://steamdeck.cachix.org" + "https://cache.home.opel-online.de" + "https://steamdeck.cachix.org" "https://cache.ci.kabtop.de" ]; - #extra-trusted-substituters = [ - # "https://cache.home.opel-online.de" - #]; }; }; diff --git a/modules/services/nas/nginx.nix b/modules/services/nas/nginx.nix index 2b1fec2..fd7ae35 100644 --- a/modules/services/nas/nginx.nix +++ b/modules/services/nas/nginx.nix @@ -11,6 +11,16 @@ recommendedTlsSettings = true; recommendedGzipSettings = true; recommendedOptimisation = true; + + appendHttpConfig = '' + proxy_cache_path /mnt/Pluto/nix-cache + levels=1:2 + keys_zone=nix_cache:10m + max_size=100g + inactive=180d + use_temp_path=off; + ''; + virtualHosts = { "home.opel-online.de" = { enableACME = true; @@ -18,6 +28,27 @@ default = true; locations."/".return = "503"; }; + "cache.home.opel-online.de" = { + useACMEHost = "home.opel-online.de"; + forceSSL = true; + locations."/" = { + proxyPass = "https://cache.ci.kabtop.de"; + extraConfig = '' + proxy_cache nix_cache; + proxy_cache_valid 200 14d; + proxy_cache_valid 404 1m; + proxy_cache_use_stale error timeout updating; + proxy_cache_lock on; + proxy_cache_lock_timeout 1h; + add_header X-Cache-Status $upstream_cache_status; + + proxy_buffering on; + proxy_buffer_size 128k; + proxy_buffers 8 1m; + proxy_max_temp_file_size 0; + ''; + }; + }; }; };