From 3fc75f7d39e9d9b79ffb5c1642f001d45a10eaa2 Mon Sep 17 00:00:00 2001 From: Dmitriy Kholkin Date: Tue, 13 Jun 2023 23:11:47 +0300 Subject: [PATCH] add attic --- flake.lock | 217 ++++++++++++++++++++++----- flake.nix | 1 + machines/AMD-Workstation/default.nix | 1 + machines/Home-Hypervisor/default.nix | 1 + profiles/applications/attic.nix | 23 +++ profiles/servers/atticd.nix | 32 ++++ profiles/servers/nginx.nix | 7 + 7 files changed, 245 insertions(+), 37 deletions(-) create mode 100644 profiles/applications/attic.nix create mode 100644 profiles/servers/atticd.nix diff --git a/flake.lock b/flake.lock index ffbd86a..75c805f 100644 --- a/flake.lock +++ b/flake.lock @@ -37,10 +37,32 @@ "type": "github" } }, + "attic": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1686620679, + "narHash": "sha256-Ck/r3f+W9mOn3cHn5ii/fogBiJtosFnDaOQveaJ0zVU=", + "owner": "zhaofengli", + "repo": "attic", + "rev": "4fedffe6a1020edfcfa7bef18d21321d4983b3a7", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "attic", + "type": "github" + } + }, "base16": { "inputs": { "flake-utils-plus": "flake-utils-plus", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1665506760, @@ -108,6 +130,36 @@ "type": "github" } }, + "crane": { + "inputs": { + "flake-compat": [ + "attic", + "flake-compat" + ], + "flake-utils": [ + "attic", + "flake-utils" + ], + "nixpkgs": [ + "attic", + "nixpkgs" + ], + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1677892403, + "narHash": "sha256-/Wi0L1spSWLFj+UQxN3j0mPYMoc7ZoAujpUF/juFVII=", + "owner": "ipetkov", + "repo": "crane", + "rev": "105e27adb70a9890986b6d543a67761cbc1964a2", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -205,6 +257,22 @@ } }, "flake-compat_7": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_8": { "flake": false, "locked": { "lastModified": 1668681692, @@ -238,11 +306,11 @@ }, "flake-utils": { "locked": { - "lastModified": 1644229661, - "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -253,7 +321,7 @@ }, "flake-utils-plus": { "inputs": { - "flake-utils": "flake-utils" + "flake-utils": "flake-utils_2" }, "locked": { "lastModified": 1657226504, @@ -271,7 +339,7 @@ }, "flake-utils-plus_2": { "inputs": { - "flake-utils": "flake-utils_2" + "flake-utils": "flake-utils_3" }, "locked": { "lastModified": 1666080932, @@ -303,6 +371,21 @@ } }, "flake-utils_3": { + "locked": { + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { "inputs": { "systems": "systems" }, @@ -320,7 +403,7 @@ "type": "github" } }, - "flake-utils_4": { + "flake-utils_5": { "inputs": { "systems": "systems_2" }, @@ -338,7 +421,7 @@ "type": "github" } }, - "flake-utils_5": { + "flake-utils_6": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", @@ -353,7 +436,7 @@ "type": "github" } }, - "flake-utils_6": { + "flake-utils_7": { "locked": { "lastModified": 1676283394, "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", @@ -368,7 +451,7 @@ "type": "github" } }, - "flake-utils_7": { + "flake-utils_8": { "inputs": { "systems": "systems_3" }, @@ -451,7 +534,7 @@ "hyprland": { "inputs": { "hyprland-protocols": "hyprland-protocols", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "wlroots": "wlroots", "xdph": "xdph" }, @@ -580,9 +663,9 @@ }, "nix": { "inputs": { - "flake-compat": "flake-compat_2", + "flake-compat": "flake-compat_3", "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-regression": "nixpkgs-regression" }, "locked": { @@ -601,8 +684,8 @@ }, "nix-alien": { "inputs": { - "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_3", + "flake-compat": "flake-compat_4", + "flake-utils": "flake-utils_4", "nix-index-database": "nix-index-database", "nixpkgs": [ "nixpkgs" @@ -624,8 +707,8 @@ }, "nix-direnv": { "inputs": { - "flake-utils": "flake-utils_4", - "nixpkgs": "nixpkgs_4" + "flake-utils": "flake-utils_5", + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1683523436, @@ -664,8 +747,8 @@ }, "nix-vscode-marketplace": { "inputs": { - "flake-compat": "flake-compat_4", - "flake-utils": "flake-utils_5", + "flake-compat": "flake-compat_5", + "flake-utils": "flake-utils_6", "nixpkgs": [ "nixpkgs" ] @@ -722,16 +805,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1665466769, - "narHash": "sha256-L+qcHpb4Ac3PipMXJY/Ktbu1+KXy23WCZ8pXWmsf7zY=", - "owner": "nixos", + "lastModified": 1686519857, + "narHash": "sha256-VkBhuq67aXXiCoEmicziuDLUPPjeOTLQoj6OeVai5zM=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "0b20bf89e0035b6d62ad58f9db8fdbc99c2b01e8", + "rev": "6b1b72c0f887a478a5aac355674ff6df0fc44f44", "type": "github" }, "original": { - "owner": "nixos", - "ref": "release-22.05", + "owner": "NixOS", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -784,6 +867,22 @@ } }, "nixpkgs-stable": { + "locked": { + "lastModified": 1685004253, + "narHash": "sha256-AbVL1nN/TDicUQ5wXZ8xdLERxz/eJr7+o8lqkIOVuaE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3e01645c40b92d29f3ae76344a6d654986a91a91", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { "locked": { "lastModified": 1673800717, "narHash": "sha256-SFHraUqLSu5cC6IxTprex/nTsI81ZQAtDvlBvGDWfnA=", @@ -800,6 +899,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1665466769, + "narHash": "sha256-L+qcHpb4Ac3PipMXJY/Ktbu1+KXy23WCZ8pXWmsf7zY=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "0b20bf89e0035b6d62ad58f9db8fdbc99c2b01e8", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "release-22.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1683014792, "narHash": "sha256-6Va9iVtmmsw4raBc3QKvQT2KT/NGRWlvUlJj46zN8B8=", @@ -815,7 +930,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1670461440, "narHash": "sha256-jy1LB8HOMKGJEGXgzFRLDU1CBGL0/LlkolgnqIsF0D8=", @@ -831,7 +946,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { "lastModified": 1683442750, "narHash": "sha256-IiJ0WWW6OcCrVFl1ijE+gTaP0ChFfV6dNkJR05yStmw=", @@ -847,7 +962,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1683408522, "narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=", @@ -863,7 +978,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_7": { "locked": { "lastModified": 1678693419, "narHash": "sha256-bbSv5yqZAW6dz+3f3f3pOUZbxpPN+3OgCljgn7P+nnQ=", @@ -896,7 +1011,7 @@ }, "pre-commit-hooks": { "inputs": { - "flake-compat": "flake-compat_6", + "flake-compat": "flake-compat_7", "flake-utils": [ "prismlauncher", "flake-utils" @@ -906,7 +1021,7 @@ "prismlauncher", "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable" + "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { "lastModified": 1678376203, @@ -924,10 +1039,10 @@ }, "prismlauncher": { "inputs": { - "flake-compat": "flake-compat_5", - "flake-utils": "flake-utils_6", + "flake-compat": "flake-compat_6", + "flake-utils": "flake-utils_7", "libnbtplusplus": "libnbtplusplus", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_7", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { @@ -971,6 +1086,7 @@ "inputs": { "aagl": "aagl", "arkenfox-userjs": "arkenfox-userjs", + "attic": "attic", "base16": "base16", "base16-tokyonight-scheme": "base16-tokyonight-scheme", "cassowary": "cassowary", @@ -986,7 +1102,7 @@ "nix-direnv": "nix-direnv", "nix-vscode-marketplace": "nix-vscode-marketplace", "nixos-generators": "nixos-generators", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_6", "nixpkgs-master": "nixpkgs-master", "nur": "nur", "prismlauncher": "prismlauncher", @@ -996,6 +1112,33 @@ "vscode-server": "vscode-server" } }, + "rust-overlay": { + "inputs": { + "flake-utils": [ + "attic", + "crane", + "flake-utils" + ], + "nixpkgs": [ + "attic", + "crane", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1675391458, + "narHash": "sha256-ukDKZw922BnK5ohL9LhwtaDAdCsJL7L6ScNEyF1lO9w=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "383a4acfd11d778d5c2efcf28376cbd845eeaedf", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, "rycee": { "flake": false, "locked": { @@ -1015,7 +1158,7 @@ "simple-nixos-mailserver": { "inputs": { "blobs": "blobs", - "flake-compat": "flake-compat_7", + "flake-compat": "flake-compat_8", "nixpkgs": [ "nixpkgs" ], @@ -1113,7 +1256,7 @@ }, "vscode-server": { "inputs": { - "flake-utils": "flake-utils_7", + "flake-utils": "flake-utils_8", "nixpkgs": [ "nixpkgs" ] diff --git a/flake.nix b/flake.nix index f8f5686..9493770 100644 --- a/flake.nix +++ b/flake.nix @@ -23,6 +23,7 @@ url = "github:arkenfox/user.js"; flake = false; }; + attic.url = "github:zhaofengli/attic"; base16.url = "github:AtaraxiaSjel/base16-nix"; base16-tokyonight-scheme = { url = "github:AtaraxiaSjel/base16-tokyonight-scheme"; diff --git a/machines/AMD-Workstation/default.nix b/machines/AMD-Workstation/default.nix index cad4d08..ef50688 100644 --- a/machines/AMD-Workstation/default.nix +++ b/machines/AMD-Workstation/default.nix @@ -9,6 +9,7 @@ nixosProfiles.cassowary nixosProfiles.hoyo nixosProfiles.sunshine + nixosProfiles.attic ]; virtualisation.libvirt.guests = { diff --git a/machines/Home-Hypervisor/default.nix b/machines/Home-Hypervisor/default.nix index 4de413d..2f45370 100644 --- a/machines/Home-Hypervisor/default.nix +++ b/machines/Home-Hypervisor/default.nix @@ -39,6 +39,7 @@ in { nixosProfiles.it-tools nixosProfiles.homepage nixosProfiles.matrix + nixosProfiles.atticd ]; deviceSpecific.devInfo = { diff --git a/profiles/applications/attic.nix b/profiles/applications/attic.nix new file mode 100644 index 0000000..661248e --- /dev/null +++ b/profiles/applications/attic.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, inputs, ... }: +let + home-conf = config.home-manager.users.${config.mainuser}; + config = pkgs.writeText "config.toml" '' + default-server = "dev" + [servers.dev] + endpoint = "https://cache.ataraxiadev.com/" + token = "@token@" + ''; +in { + secrets.attic-token.services = [ "attic-config.service" ]; + + systemd.user.services.attic-config = rec { + serviceConfig.Type = "oneshot"; + script = '' + mkdir -p ${home-conf.home.homeDirectory}/.config/attic > /dev/null 2>&1 + token=$(cat ${secrets.attic-token.decrypted}) + cp ${config} ${home-conf.home.homeDirectory}/.config/attic/config.toml + sed -i "/@token@/$token/" ${home-conf.home.homeDirectory}/.config/attic/config.toml + ''; + wantedBy = [ "default.target" ]; + }; +} \ No newline at end of file diff --git a/profiles/servers/atticd.nix b/profiles/servers/atticd.nix new file mode 100644 index 0000000..964c0b6 --- /dev/null +++ b/profiles/servers/atticd.nix @@ -0,0 +1,32 @@ +{ config, lib, pkgs, inputs, ... }: { + imports = [ inputs.attic.nixosModules.atticd ]; + secrets.attic.services = [ "atticd.service" ]; + + services.atticd = { + enable = true; + credentialsFile = config.secrets.attic.decrypted; + settings = { + # listen = "[::]:8080"; + listen = "127.0.0.1:8083"; + allowed-hosts = [ "cache.ataraxiadev.com" ]; + api-endpoint = "https://cache.ataraxiadev.com/"; + require-proof-of-possession = false; + garbage-collection = { + interval = "7 days"; + default-retention-period = "2 months"; + }; + # Data chunking + chunking = { + nar-size-threshold = 64 * 1024; # 64 KiB + # The preferred minimum size of a chunk, in bytes + min-size = 16 * 1024; # 16 KiB + # The preferred average size of a chunk, in bytes + avg-size = 64 * 1024; # 64 KiB + # The preferred maximum size of a chunk, in bytes + max-size = 256 * 1024; # 256 KiB + }; + }; + }; + + persist.state.directories = [ "/var/lib/private/atticd" ]; +} \ No newline at end of file diff --git a/profiles/servers/nginx.nix b/profiles/servers/nginx.nix index 6be482d..c07732d 100644 --- a/profiles/servers/nginx.nix +++ b/profiles/servers/nginx.nix @@ -75,6 +75,7 @@ in { "tools.ataraxiadev.com" "home.ataraxiadev.com" "openbooks.ataraxiadev.com" + "cache.ataraxiadev.com" "matrix.ataraxiadev.com" "cinny.ataraxiadev.com" @@ -341,6 +342,12 @@ in { ''; }; } // default; + "cache.ataraxiadev.com" = { + locations."/" = { + proxyPass = "http://127.0.0.1:8083"; + extraConfig = proxySettings; + }; + } // default; }; };