From 38231eb6e0c3921bbe6c03baa11748ba090df9fe Mon Sep 17 00:00:00 2001 From: sinavir Date: Sun, 6 Oct 2024 18:33:04 +0200 Subject: [PATCH] feat(attic): Bye bye attic --- default.nix | 1 - machines/storage01/_configuration.nix | 1 - machines/storage01/atticd.nix | 82 ------------------- .../storage01/secrets/atticd-credentials_file | 30 ------- machines/storage01/secrets/secrets.nix | 1 - modules/default.nix | 1 - npins/sources.json | 12 --- scripts/cache.sh | 12 --- scripts/default.nix | 3 - scripts/push-to-cache.sh | 13 --- 10 files changed, 156 deletions(-) delete mode 100644 machines/storage01/atticd.nix delete mode 100644 machines/storage01/secrets/atticd-credentials_file delete mode 100755 scripts/cache.sh delete mode 100755 scripts/push-to-cache.sh diff --git a/default.nix b/default.nix index d1a9a61..093a7fb 100644 --- a/default.nix +++ b/default.nix @@ -85,7 +85,6 @@ in version = "1.8.0-unstable"; src = builtins.storePath sources.nixos-generators; })) - pkgs.attic-client pkgs.npins (pkgs.callPackage ./lib/colmena { inherit (nix-pkgs) colmena; }) diff --git a/machines/storage01/_configuration.nix b/machines/storage01/_configuration.nix index 32989ac..06cdb05 100644 --- a/machines/storage01/_configuration.nix +++ b/machines/storage01/_configuration.nix @@ -9,7 +9,6 @@ lib.extra.mkConfig { enabledServices = [ # List of services to enable - "atticd" "tvix-cache" "forgejo" "forgejo-runners" diff --git a/machines/storage01/atticd.nix b/machines/storage01/atticd.nix deleted file mode 100644 index 6947847..0000000 --- a/machines/storage01/atticd.nix +++ /dev/null @@ -1,82 +0,0 @@ -{ config, nixpkgs, ... }: - -let - host = "cachix.dgnum.eu"; -in -{ - services = { - atticd = { - enable = true; - - credentialsFile = config.age.secrets."atticd-credentials_file".path; - - settings = { - listen = "127.0.0.1:9099"; - api-endpoint = "https://${host}/"; - - allowed-hosts = [ host ]; - - chunking = { - # The minimum NAR size to trigger chunking - # - # If 0, chunking is disabled entirely for newly-uploaded NARs. - # If 1, all NARs are chunked. - nar-size-threshold = 0; # 64 KiB - - # The preferred minimum size of a chunk, in bytes - min-size = 16 * 1024; # 16 KiB - - # The preferred average size of a chunk, in bytes - avg-size = 64 * 1024; # 64 KiB - - # The preferred maximum size of a chunk, in bytes - max-size = 256 * 1024; # 256 KiB - }; - - database.url = "postgresql://atticd?host=/run/postgresql"; - - storage = { - type = "s3"; - region = "garage"; - bucket = "attic-dgnum"; - endpoint = "https://s3.dgnum.eu"; - }; - }; - - useFlakeCompatOverlay = false; - package = nixpkgs.unstable.attic-server; - }; - - nginx = { - enable = true; - - virtualHosts.${host} = { - enableACME = true; - forceSSL = true; - - locations."/" = { - proxyPass = "http://127.0.0.1:9099"; - - extraConfig = '' - client_max_body_size 10G; - ''; - }; - }; - }; - - postgresql = { - enable = true; - - ensureDatabases = [ "atticd" ]; - - ensureUsers = [ - { - name = "atticd"; - ensureDBOwnership = true; - } - ]; - }; - }; - - systemd.services.atticd.environment.RUST_LOG = "warn"; -} diff --git a/machines/storage01/secrets/atticd-credentials_file b/machines/storage01/secrets/atticd-credentials_file deleted file mode 100644 index 69d04d0..0000000 --- a/machines/storage01/secrets/atticd-credentials_file +++ /dev/null @@ -1,30 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 jIXfPA HECtxDO0OV6To/Qs3A+2N8+3xqsHp6pz6d4ArgsgXS4 -mnmDwWZ6d1aW5Qejzv2Jo112ee78wKVx90R7r5wQbYo --> ssh-ed25519 QlRB9Q Rx3bV/DkoCCvQCMwJGOfibG8Rif5Ap+W6EqWlFOhUQc -jxEFUWqxedwIK3mNyOG+5dyFFZbJZ3XNFXnk0fe0vyw --> ssh-ed25519 r+nK/Q J591Cg/4oP26LT7Tl/wrdDipR/gpg1WMsiKJN0ygbjw -WToE5xtuF2FOqtvRgz1SZStYGjTsKRxguIioan+vluU --> ssh-rsa krWCLQ -hhp33AzK6wYWM6k7ZroV0J5i8C5MQXjQY9sksPQdABRQUd6XTmYOIOdA0ste0EA9 -hqbbHQwbFy0oE/QKfnUZWbgJo5Us1DWKxip55L875CPfVcmxvC2ADRO5JKKNkQa/ -P4zBALPqf+BXrafcGN4hT8D9gywIWdQ2zPSpKbJE+OdPcUrBVH/ndMUVoLfTEKL9 -B3XgqRvLNkgsdu7FMEPnelWT3WrxkBME7AathdXcEYXSxiTmaKqxDzRtcNLdh+y2 -6XfQU6lLMT+WWPD/Ro7UzLrWUnFJMYK0SinkOuX+PKxMq95lCc5kI3tZ7JL7bC5E -vBGnX9w0unyR//LLqrOPWA --> ssh-ed25519 /vwQcQ eYSTWAYs/L+cYt/16TrKaIqoc9TFJQncM02Vd8hOg3A -lWalXa1ZBtrjXOB+sznWCjStFHF4ulLaBilEc3b7qWc --> ssh-ed25519 0R97PA 78K7uF/mXT4pgTbnmfpyxY2czgs+DNueusuatUx7MCQ -C/pWPdVCWZuHFuM5fzJHdGZomM3Wbt22iwfLbLSznh0 --> ssh-ed25519 JGx7Ng xFzEGNVIiC0cXCbcSKUfmVLAdRBH7xu6/2E7nVoRwjI -+TgvIl03KGm5N55+jGc7UcyRHjMvAFm3Kbvx5Ma4HQ4 --> ssh-ed25519 5SY7Kg 7YO/crKVWSsr3Hy5HPr0/R3oPdCA2kWduZYeSlcxGnI -N0IpdylU+3ybInseGSKPONxeNr8mh/ZlBGCvY2c0WTA --> ssh-ed25519 p/Mg4Q y1ekwzz3sSHGrLmb0NqF6VWfalARy+PykE77hVqD7Xc -0s9QrDsLH6XdzetyIXJEB2MrwwUi8CDpu7SEemm8zJ4 --> ssh-ed25519 rHotTw 7SMzV/pEmDISPL/fMjafXM3URZpbUPTg+9AngZ0GZTc -eIi1+i9JVBLvfQMkmMv5S0N8qgwVtyklX/J+6MdtlSc ---- Gjl7lNWG9gyMlg256Oa5i5bFLm1Cup1upjsEDVurgDo -u;.>pіh2Ό}PJ4==#8eUɊ$ 1!zjlA[@;sAB-R=0ҷdʢ{Fh @%䴛|{ eۯsb].m88Bn"(W!zxn\(5:-ZD)}Hl}SFrn -L-wїj) &:C2BztW!8|l0 -y8kby臃k͙n/-'Zş ƾ\ueu"E /d \ No newline at end of file diff --git a/machines/storage01/secrets/secrets.nix b/machines/storage01/secrets/secrets.nix index ce615b6..58a3be1 100644 --- a/machines/storage01/secrets/secrets.nix +++ b/machines/storage01/secrets/secrets.nix @@ -3,7 +3,6 @@ let publicKeys = lib.getNodeKeys "storage01"; in lib.setDefault { inherit publicKeys; } [ - "atticd-credentials_file" "bupstash-put_key" "forgejo-mailer_password_file" "forgejo_runners-token_file" diff --git a/modules/default.nix b/modules/default.nix index 5d2f6a6..bf1552c 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -61,7 +61,6 @@ ]) ++ [ "${sources.agenix}/modules/age.nix" - "${sources.attic}/nixos/atticd.nix" "${sources.arkheon}/module.nix" ] ++ ((import sources.nix-modules { inherit lib; }).importModules ( diff --git a/npins/sources.json b/npins/sources.json index 733ca16..17ff5c7 100644 --- a/npins/sources.json +++ b/npins/sources.json @@ -27,18 +27,6 @@ "url": "https://github.com/RaitoBezarius/arkheon/archive/113724a1a206905e68319676f73d095fcc043a42.tar.gz", "hash": "0yh8g020d7z67iqpg7xywk4dxxa64dxa1igd45nb8w653c82w6gq" }, - "attic": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "zhaofengli", - "repo": "attic" - }, - "branch": "main", - "revision": "aec90814a4ecbc40171d57eeef97c5cab4aaa7b4", - "url": "https://github.com/zhaofengli/attic/archive/aec90814a4ecbc40171d57eeef97c5cab4aaa7b4.tar.gz", - "hash": "0dmcy9r9vks4xnfa4y68vjf3fgc4dz1ix4df9rykq3lprr3q4mcx" - }, "cas-eleves": { "type": "Git", "repository": { diff --git a/scripts/cache.sh b/scripts/cache.sh deleted file mode 100755 index 816ef78..0000000 --- a/scripts/cache.sh +++ /dev/null @@ -1,12 +0,0 @@ -ENDPOINT=${ATTIC_ENDPOINT:-https://cachix.dgnum.eu} - -if [ "$1" == "off" ]; then - echo "Please edit $XDG_CONFIG_HOME/nix/nix.conf to remove the cache" -elif [ "$1" == "on" ]; then - @attic@/bin/attic login dgnum "$ENDPOINT" - @attic@/bin/attic use dgnum:infra -else - echo "Help:" - echo " cache {on|off}" -fi - diff --git a/scripts/default.nix b/scripts/default.nix index 8f31129..4846b8c 100644 --- a/scripts/default.nix +++ b/scripts/default.nix @@ -10,7 +10,6 @@ let git jq ; - attic = pkgs.attic-client; }; mkShellScript = @@ -33,9 +32,7 @@ let "check-deployment" "launch-vm" "list-nodes" - "push-to-cache" "push-to-nix-cache" - "cache" ]; in diff --git a/scripts/push-to-cache.sh b/scripts/push-to-cache.sh deleted file mode 100755 index a753afd..0000000 --- a/scripts/push-to-cache.sh +++ /dev/null @@ -1,13 +0,0 @@ -set -e -set -u -set -o pipefail - -ENDPOINT=${ATTIC_ENDPOINT:-https://cachix.dgnum.eu} - -@attic@/bin/attic login dgnum "$ENDPOINT" "$ATTIC_TOKEN" - -@colmena@/bin/colmena eval -E '{ nodes, lib, ... }: lib.mapAttrsToList (_: v: v.config.system.build.toplevel.drvPath) nodes' |\ -@jq@/bin/jq -r '.[]' |\ -xargs -n 10 nix-store -q -R --include-outputs |\ -sed '/\.drv$/d' |\ -xargs @attic@/bin/attic push dgnum:infra