66 lines
1.7 KiB
Nix
66 lines
1.7 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
let
|
|
domain = config.common.subdomain "hydra";
|
|
in
|
|
{
|
|
services.nginx.virtualHosts.${domain} = config.common.nginx.ssl // {
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:${builtins.toString config.services.hydra.port}";
|
|
};
|
|
};
|
|
|
|
services.hydra = {
|
|
enable = true;
|
|
port = 3333;
|
|
baseDir = "/srv/hydra";
|
|
hydraURL = "https://${domain}";
|
|
notificationSender = config.common.email.withSubaddress "hydra";
|
|
smtpHost = config.common.email.smtp.address;
|
|
useSubstitutes = true;
|
|
environmentFile = config.secrets.hydra;
|
|
extraEnv = {
|
|
EMAIL_SENDER_TRANSPORT_sasl_username = config.common.email.outgoing;
|
|
EMAIL_SENDER_TRANSPORT_port = builtins.toString config.common.email.smtp.SSLTLS;
|
|
EMAIL_SENDER_TRANSPORT_ssl = "ssl";
|
|
};
|
|
extraConfig = ''
|
|
binary_cache_secret_key_file = ${config.secrets.binary-cache-private-key}
|
|
allow_import_from_derivation = true
|
|
<git-input>
|
|
timeout = 3600
|
|
</git-input>
|
|
'';
|
|
};
|
|
|
|
nix.settings.allowed-uris = [
|
|
"github:"
|
|
"git+https://github.com/"
|
|
"git+ssh://git@github.com/"
|
|
|
|
"git+https://git.inx.moe/"
|
|
"git+ssh://git@inx.moe/"
|
|
|
|
"gitlab:"
|
|
"git+https://gitlab.com/"
|
|
"git+ssh://git@gitlab.com/"
|
|
|
|
"sourcehut:"
|
|
"git+https://git.sr.ht/"
|
|
"git+ssh://git@git.sr.ht/"
|
|
|
|
"https://git.lix.systems/"
|
|
"git+https://git.lix.systems/"
|
|
"git+ssh://git@git.lix.systems/"
|
|
];
|
|
|
|
nix.buildMachines = [
|
|
{
|
|
hostName = "localhost";
|
|
system = "x86_64-linux";
|
|
supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ];
|
|
protocol = null;
|
|
maxJobs = 32;
|
|
speedFactor = 16;
|
|
}
|
|
];
|
|
}
|