Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

format the repo files

Browse Source
This commit is contained in:
Kabbone
2026-04-26 10:27:50 +02:00
parent 92fd97c9a2
commit b319cd93e9
116 changed files with 4726 additions and 4247 deletions
Download Patch File Download Diff File Expand all files Collapse all files

138
modules/services/server/hydra.nix
View File

@@ -1,77 +1,79 @@
{ lib, config, pkgs, ... }:
{
services = {
hydra = {
enable = true;
hydraURL = "https://hydra.ci.kabtop.de";
listenHost = "127.0.0.1";
port = 3001;
notificationSender = "hydra@kabtop.de";
useSubstitutes = true;
minimumDiskFree = 50;
maxServers = 10;
};
nix-serve = {
enable = true;
port = 5001;
bindAddress = "127.0.0.1";
secretKeyFile = config.age.secrets."keys/nixsign".path;
};
nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
virtualHosts = {
"ci.kabtop.de" = {
enableACME = true;
forceSSL = true;
default = true;
locations."/".return = "503";
};
"hydra.ci.kabtop.de" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:3001";
extraConfig = ''
proxy_set_header X-Forwarded-Port 443;
'';
};
};
"cache.ci.kabtop.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
lib,
config,
pkgs,
...
}: {
services = {
hydra = {
enable = true;
hydraURL = "https://hydra.ci.kabtop.de";
listenHost = "127.0.0.1";
port = 3001;
notificationSender = "hydra@kabtop.de";
useSubstitutes = true;
minimumDiskFree = 50;
maxServers = 10;
};
nix-serve = {
enable = true;
port = 5001;
bindAddress = "127.0.0.1";
secretKeyFile = config.age.secrets."keys/nixsign".path;
};
nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
virtualHosts = {
"ci.kabtop.de" = {
enableACME = true;
forceSSL = true;
default = true;
locations."/".return = "503";
};
"hydra.ci.kabtop.de" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:3001";
extraConfig = ''
proxy_set_header X-Forwarded-Port 443;
'';
};
};
"cache.ci.kabtop.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
};
};
};
};
nix = {
settings = {
cores = 5;
max-jobs = 1;
trusted-users = [
"hydra"
];
allowed-uris = [
"github:"
"https://github.com/"
"git+ssh://github.com/"
];
};
extraOptions = ''
secret-key-files = ${config.age.secrets."keys/nixsign".path}
'';
};
age.secrets."keys/nixsign" = {
file = ../../../secrets/keys/nixservepriv.age;
owner = "hydra";
nix = {
settings = {
cores = 5;
max-jobs = 1;
trusted-users = [
"hydra"
];
allowed-uris = [
"github:"
"https://github.com/"
"git+ssh://github.com/"
];
};
extraOptions = ''
secret-key-files = ${config.age.secrets."keys/nixsign".path}
'';
};
age.secrets."keys/nixsign" = {
file = ../../../secrets/keys/nixservepriv.age;
owner = "hydra";
};
}