diff options
| author | Daiderd Jordan <daiderd@gmail.com> | 2022-02-19 18:50:39 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-02-19 18:50:39 +0100 |
| commit | 1df878b6f8351795a3bebfbe4fd2d02e1e8b29d6 (patch) | |
| tree | 9dd699d10e642dc0951cc9f3159c5b9e3141d061 /modules | |
| parent | 2186a6633196fc9b34d392e877d56dc6795635be (diff) | |
| parent | 6dd5e881a05e88de5ebc23e715c2f37335290c53 (diff) | |
Merge pull request #438 from domenkozar/cachix-deploy
Add Cachix Agent
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/module-list.nix | 1 | ||||
| -rw-r--r-- | modules/services/cachix-agent.nix | 76 |
2 files changed, 77 insertions, 0 deletions
diff --git a/modules/module-list.nix b/modules/module-list.nix index 2b4ee2a..22e11e7 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -41,6 +41,7 @@ ./services/autossh.nix ./services/buildkite-agent.nix ./services/chunkwm.nix + ./services/cachix-agent.nix ./services/dnsmasq.nix ./services/emacs.nix ./services/khd diff --git a/modules/services/cachix-agent.nix b/modules/services/cachix-agent.nix new file mode 100644 index 0000000..29d8329 --- /dev/null +++ b/modules/services/cachix-agent.nix @@ -0,0 +1,76 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.cachix-agent; +in { + options.services.cachix-agent = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Enable to run Cachix Agent as a system service. + + Read <link xlink:href="https://docs.cachix.org/deploy/">Cachix Deploy</link> documentation for more information. + ''; + }; + + name = mkOption { + type = types.str; + default = config.networking.hostName; + description = '' + Agent name, usually the same as the hostname. + ''; + }; + + package = mkOption { + description = '' + Package containing cachix executable. + ''; + type = types.package; + default = pkgs.cachix; + defaultText = literalExample "pkgs.cachix"; + }; + + credentialsFile = mkOption { + type = types.path; + default = "/etc/cachix-agent.token"; + description = '' + Required file that needs to contain CACHIX_AGENT_TOKEN=... + ''; + }; + + logFile = mkOption { + type = types.nullOr types.path; + default = "/var/log/cachix-agent.log"; + description = "Absolute path to log all stderr and stdout"; + }; + }; + + config = mkIf cfg.enable { + launchd.daemons.cachix-agent = { + script = '' + . ${cfg.credentialsFile} + + exec ${cfg.package}/bin/cachix deploy agent ${cfg.name} + ''; + + path = [ config.nix.package pkgs.coreutils ]; + + environment = { + NIX_SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + USER = "root"; + }; + + serviceConfig.KeepAlive = true; + serviceConfig.RunAtLoad = true; + serviceConfig.ProcessType = "Interactive"; + serviceConfig.StandardErrorPath = cfg.logFile; + serviceConfig.StandardOutPath = cfg.logFile; + serviceConfig.WatchPaths = [ + cfg.credentialsFile + ]; + }; + }; +} |