nixos-configs/devices/servivi/modules/binary-cache.nix

44 lines
969 B
Nix
Raw Normal View History

{
config,
pkgs,
nixpkgs,
...
}: let
secrets = config.sops.secrets;
vars = config.vars;
in {
services.nix-serve = {
enable = true;
secretKeyFile = secrets.binary-cache-key.path;
};
systemd = {
services.buildAll = {
serviceConfig = {
Type = "oneshot";
User = vars.user;
Group = config.users.users.${vars.user}.group;
};
script = ''
cd /tmp
${pkgs.nix}/bin/nix-shell \
-I "nixpkgs=${nixpkgs}" \
-p openssh nix git nixci --run \
"${builtins.concatStringsSep "; " [
"git clone https://git.nelim.org/matt1432/nixos-configs.git nix-clone"
"cd nix-clone"
"nix flake update"
"nixci ."
"cd .."
"rm -r nix-clone"
]}"
'';
};
timers.buildAll = {
wantedBy = ["timers.target"];
partOf = ["buildAll.service"];
timerConfig.OnCalendar = ["*-*-* 0:00:00"];
};
};
}