1 files changed, 36 insertions, 0 deletions
diff --git a/usecases/server/hydra-server.nix b/usecases/server/hydra-server.nix
new file mode 100644
index 0000000..6fbbdee
--- /dev/null
+++ b/usecases/server/hydra-server.nix
@@ -0,0 +1,36 @@
+inputs:
+{ config, lib, pkgs, ... }:
+{
+  options = with lib; {
+    services.hydra.secretKeyLocation = mkOption {
+      type = types.str;
+      description = ''
+        Absolute location to the secret key used to sign builds
+      '';
+    };
+  };
+  config = {
+    services.hydra = {
+      enable = true;
+      #hydraURL = "https://hydra.huh.gdn";
+      #notificationSender = "hydra@huh.gdn";
+      buildMachinesFiles = [ ];
+      # Don't build *everything* from source
+      useSubstitutes = true;
+      extraConfig = ''
+        binary_cache_secret_key_file = ${config.services.hydra.secretKeyLocation}
+        store_uri = auto?secret-key=${config.services.hydra.secretKeyLocation}
+      '';
+      package = pkgs.hydra-unstable;
+    };
+    nix.allowedUsers = [ "@hydra" ];
+    networking.firewall.interfaces.${config.topology.mainVpn.interfaceName}.allowedTCPPorts = [
+      config.services.hydra.port
+    ];
+  };
+}

diff --git a/usecases/server/hydra-server.nix b/usecases/server/hydra-server.nix new file mode 100644 index 0000000..6fbbdee --- /dev/null +++ b/usecases/server/hydra-server.nix
@@ -0,0 +1,36 @@
	1	inputs:
	2
	3	{ config, lib, pkgs, ... }:
	4
	5	{
	6	options = with lib; {
	7	services.hydra.secretKeyLocation = mkOption {
	8	type = types.str;
	9	description = ''
	10	Absolute location to the secret key used to sign builds
	11	'';
	12	};
	13	};
	14
	15	config = {
	16	services.hydra = {
	17	enable = true;
	18	#hydraURL = "https://hydra.huh.gdn";
	19	#notificationSender = "hydra@huh.gdn";
	20	buildMachinesFiles = [ ];
	21	# Don't build everything from source
	22	useSubstitutes = true;
	23	extraConfig = ''
	24	binary_cache_secret_key_file = ${config.services.hydra.secretKeyLocation}
	25	store_uri = auto?secret-key=${config.services.hydra.secretKeyLocation}
	26	'';
	27	package = pkgs.hydra-unstable;
	28	};
	29
	30	nix.allowedUsers = [ "@hydra" ];
	31
	32	networking.firewall.interfaces.${config.topology.mainVpn.interfaceName}.allowedTCPPorts = [
	33	config.services.hydra.port
	34	];
	35	};
	36	}