infrastructure/machines/storage01/atticd.nix

{ config, ... }:

let host = "cachix.dgnum.eu";

in {
  services = {
    atticd = {
      enable = true;

      credentialsFile = config.age.secrets."atticd-credentials_file".path;

      settings = {
        listen = "127.0.0.1:9090";
        api-endpoint = "https://${host}/";

        allowed-hosts = [ host ];

        chunking = {
          # The minimum NAR size to trigger chunking
          #
          # If 0, chunking is disabled entirely for newly-uploaded NARs.
          # If 1, all NARs are chunked.
          nar-size-threshold = 64 * 1024; # 64 KiB

          # The preferred minimum size of a chunk, in bytes
          min-size = 16 * 1024; # 16 KiB

          # The preferred average size of a chunk, in bytes
          avg-size = 64 * 1024; # 64 KiB

          # The preferred maximum size of a chunk, in bytes
          max-size = 256 * 1024; # 256 KiB
        };

        database.url = "postgresql://atticd?host=/run/postgresql";

        storage = {
          type = "s3";
          region = "garage";
          bucket = "cachix-dgnum";
          endpoint = "https://s3.dgnum.eu";
        };
      };
    };

    nginx = {
      enable = true;

      virtualHosts.${host} = {
        enableACME = true;
        forceSSL = true;

        locations."/".proxyPass = "http://127.0.0.1:9090";
      };
    };

    postgresql = {
      enable = true;

      ensureDatabases = [ "atticd" ];

      ensureUsers = [{
        name = "atticd";
        ensurePermissions = { "DATABASE \"atticd\"" = "ALL PRIVILEGES"; };
      }];
    };
  };
}
feat(storage01): Deploy atticd on cachix.dgnum.eu 2023-09-28 17:20:16 +02:00			`{ config, ... }:`

			`let host = "cachix.dgnum.eu";`

			`in {`
			`services = {`
			`atticd = {`
			`enable = true;`

			`credentialsFile = config.age.secrets."atticd-credentials_file".path;`

			`settings = {`
			`listen = "127.0.0.1:9090";`
			`api-endpoint = "https://${host}/";`

			`allowed-hosts = [ host ];`

			`chunking = {`
			`# The minimum NAR size to trigger chunking`
			`#`
			`# If 0, chunking is disabled entirely for newly-uploaded NARs.`
			`# If 1, all NARs are chunked.`
			`nar-size-threshold = 64 * 1024; # 64 KiB`

			`# The preferred minimum size of a chunk, in bytes`
			`min-size = 16 * 1024; # 16 KiB`

			`# The preferred average size of a chunk, in bytes`
			`avg-size = 64 * 1024; # 64 KiB`

			`# The preferred maximum size of a chunk, in bytes`
			`max-size = 256 * 1024; # 256 KiB`
			`};`

			`database.url = "postgresql://atticd?host=/run/postgresql";`

			`storage = {`
			`type = "s3";`
			`region = "garage";`
			`bucket = "cachix-dgnum";`
			`endpoint = "https://s3.dgnum.eu";`
			`};`
			`};`
			`};`

			`nginx = {`
			`enable = true;`

			`virtualHosts.${host} = {`
			`enableACME = true;`
			`forceSSL = true;`

			`locations."/".proxyPass = "http://127.0.0.1:9090";`
			`};`
			`};`

			`postgresql = {`
			`enable = true;`

			`ensureDatabases = [ "atticd" ];`

			`ensureUsers = [{`
			`name = "atticd";`
			`ensurePermissions = { "DATABASE \"atticd\"" = "ALL PRIVILEGES"; };`
			`}];`
			`};`
			`};`
			`}`