ops/modules/www/self-cache.tvl.fyi.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

# per-host addresses for publicly reachable caches, for use with builderball
# TODO(tazjin): merge with the public cache module; but needs ACME fixes
{ config, lib, ... }:

{
  imports = [
    ./base.nix
  ];

  config = lib.mkIf config.services.nix-serve.enable {
    services.nginx.virtualHosts."${config.networking.hostName}.cache.tvl.fyi" = {
      enableACME = true;
      forceSSL = true;

      extraConfig = ''
        location = /cache-key.pub {
          alias /run/agenix/nix-cache-pub;
        }

        location = /nix-cache-info {
          add_header Content-Type text/plain;
          return 200 "StoreDir: /nix/store\nWantMassQuery: 1\nPriority: 50\n";
        }

        location / {
          proxy_pass http://localhost:${toString config.services.nix-serve.port};
        }
      '';
    };
  };
}