diff --git a/base.nix b/base.nix index 0808112..3709042 100644 --- a/base.nix +++ b/base.nix @@ -7,7 +7,7 @@ ./cachix.nix # update with `cachix use --mode nixos -d . FOOBAR` ./secrets ./profiles/locale-no.nix - ./profiles/ccache.nix + ./profiles/ccache ./profiles/upgrade-diff.nix ./profiles/lix.nix ./profiles/mounts/common-nfs.nix diff --git a/profiles/ccache.nix b/profiles/ccache.nix deleted file mode 100644 index e79a5ec..0000000 --- a/profiles/ccache.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: - -# serge <3 -# TODO: distributed sccache (with redis) - -{ - programs.ccache.enable = true; - programs.ccache.owner = "root"; # default - programs.ccache.group = "nixbld"; # default - - programs.nix-required-mounts.enable = true; - programs.nix-required-mounts.allowedPatterns."ccache" = { - onFeatures = [ - "ccache" - "sccache" - ]; - paths = [ - config.programs.ccache.cacheDir - "/var/cache/sccache" - ]; - }; - - nix.settings.system-features = [ - "ccache" - "sccache" - ]; - systemd.tmpfiles.settings."50-ccache" = - let - tmp = rec { - "d" = { - user = config.programs.ccache.owner; - group = config.programs.ccache.group; - mode = "0770"; - }; - "Z" = d; - }; - in - { - "/var/cache/ccache" = tmp; - "/var/cache/sccache" = tmp; - }; - -} diff --git a/profiles/ccache/default.nix b/profiles/ccache/default.nix new file mode 100644 index 0000000..45a72dd --- /dev/null +++ b/profiles/ccache/default.nix @@ -0,0 +1,73 @@ +{ + config, + pkgs, + lib, + ... +}: + +# serge <3 +# TODO: distributed (s)ccache (with redis?) + +{ + programs.ccache.enable = true; + programs.ccache.owner = "root"; # default + programs.ccache.group = "nixbld"; # default + + programs.nix-required-mounts.enable = true; + programs.nix-required-mounts.allowedPatterns."ccache" = { + onFeatures = [ + "ccache" + "sccache" + ]; + paths = [ + config.programs.ccache.cacheDir + "/var/cache/sccache" # TODO: upstream? + ]; + }; + + nix.settings.system-features = [ + "ccache" + "sccache" + ]; + + # can be monitored with `nix-ccache --show-stats` + systemd.tmpfiles.settings."50-ccache" = + let + tmp = rec { + "d" = { + user = config.programs.ccache.owner; + group = config.programs.ccache.group; + mode = "0770"; + }; + "Z" = d; + }; + in + { + "/var/cache/ccache" = tmp; + "/var/cache/sccache" = tmp; + }; + + # based on https://github.com/NixOS/nixpkgs/blob/d89fc19e405cb2d55ce7cc114356846a0ee5e956/nixos/modules/programs/ccache.nix#L49-L67 + security.wrappers.nix-sccache = + let + cfg = config.programs.ccache; + in + { + inherit (cfg) owner group; + setuid = false; + setgid = true; + source = pkgs.writeScript "nix-sccache.pl" '' + #!${pkgs.perl}/bin/perl + %ENV=( SCCACHE_DIR => '/var/cache/sccache' ); + sub untaint { + my $v = shift; + return '--version' if $v eq '-V' || $v eq '--version'; + return '-s' if $v eq '-s' || $v eq '--show-stats'; + return '--show-adv-stats' if $v eq '--show-adv-stats'; + return '-z' if $v eq '-z' || $v eq '--zero-stats'; + exec('${lib.getExe pkgs.sccache}', '-h'); + } + exec('${lib.getExe pkgs.sccache}', map { untaint $_ } @ARGV); + ''; + }; +} diff --git a/profiles/ccache/server.nix b/profiles/ccache/server.nix new file mode 100644 index 0000000..e69de29 diff --git a/profiles/known-hosts/hosts.toml b/profiles/known-hosts/hosts.toml index 2b57aa9..2a5433c 100644 --- a/profiles/known-hosts/hosts.toml +++ b/profiles/known-hosts/hosts.toml @@ -52,7 +52,7 @@ aliases = [ "bolle.tail9aac63.ts.net" ] buildMachine.systems = ["x86_64-linux", "i686-linux", "riscv64-linux"] buildMachine.maxJobs = 3 # 12 threads 32GB buildMachine.speedFactor = 4 # ??? -buildMachine.supportedFeatures = ["kvm", "nixos-test"] # , "ccache" ] +buildMachine.supportedFeatures = ["kvm", "nixos-test", "ccache" ] ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILeOB/57N1fQPVorIUlkkJZaQduBo+4+km2Qbj4ebd/k" ssh.proxyJump = "hildring.pvv.ntnu.no" # wakeonlan e4:54:e8:51:8c:e9 @@ -62,7 +62,7 @@ aliases = [ "eple.tail9aac63.ts.net" ] buildMachine.systems = ["x86_64-linux", "i686-linux", "riscv64-linux"] buildMachine.maxJobs = 3 # 12 threads 32GB buildMachine.speedFactor = 3 # i7-5820K -buildMachine.supportedFeatures = ["kvm", "nixos-test"] # , "ccache" ] +buildMachine.supportedFeatures = ["kvm", "nixos-test", "ccache" ] # useAsSubstituter = true ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH03MEINNnjBvtmvN2QsCDCLkvF9ow5FQJp9uiyQ1Iwi" ssh.proxyJump = "hildring.pvv.ntnu.no" @@ -73,7 +73,7 @@ aliases = [ "garp.tail9aac63.ts.net" ] buildMachine.systems = ["x86_64-linux", "i686-linux", "riscv64-linux"] buildMachine.maxJobs = 2 # 8 threads 32GB buildMachine.speedFactor = 4 # i7-6700 -buildMachine.supportedFeatures = ["kvm", "nixos-test", "cuda"] # , "ccache" ] +buildMachine.supportedFeatures = ["kvm", "nixos-test", "cuda", "ccache" ] ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOkcZ3cUAKk8uUvZPsX7PDBInkb3Eps3Xh+xVrhPY+sx" ssh.proxyJump = "hildring.pvv.ntnu.no" # wakeonlan 4c:cc:6a:61:d0:20 @@ -91,7 +91,7 @@ ssh.userPublicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC7fYndgIXJM+tLSfkbprW aliases = [ "sopp.tail9aac63.ts.net" ] # "sopp.pbsds.net", # buildMachine.maxJobs = 2 # 8 threads 32GB buildMachine.speedFactor = 2 # i7-4790K -buildMachine.supportedFeatures = ["kvm", "nixos-test", "cuda"] # , "ccache" ] +buildMachine.supportedFeatures = ["kvm", "nixos-test", "cuda", "ccache" ] # useAsSubstituter = true remoteStoreSpecialization = true # ssh.listenPort = 26 @@ -104,7 +104,7 @@ ssh.userPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL6eTQkxO/1XflHpGf3478+ aliases = [ "nord.tail9aac63.ts.net" ] # "nord.pbsds.net", # buildMachine.maxJobs = 1 # 4 threads 32GB buildMachine.speedFactor = 1 # i5-2500 -buildMachine.supportedFeatures = ["kvm", "nixos-test"] # , "ccache" ] +buildMachine.supportedFeatures = ["kvm", "nixos-test", "ccache" ] # useAsSubstituter = true # ssh.listenPort = 24 ssh.listenPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBSdIUtUfAxnVbPDmDDFdP2S3Wd3+CC8IfZAANJ76oh"