config/profiles/web/services/hydra.nix
2023-03-16 22:29:24 +01:00

39 lines
1.5 KiB
Nix

{ config, pkgs, lib, mkDomain, ... }:
{
# Hydra
# Nix-based continuous build system
# https://github.com/NixOS/hydra
# https://nixos.wiki/wiki/Hydra
# sudo -u hydra hydra-create-user 'admin' --full-name '<NAME>' --email-address '<EMAIL>' --password-prompt --role admin
# https://blog.matejc.com/blogs/myblog/nixos-hydra-nginx
services.hydra = {
enable = true;
hydraURL = "https://${mkDomain "hydra"}";
#smtpHost = ;
listenHost = "localhost";
port = 4758;
notificationSender = "hydra@${config.networking.fqdn}"; # Sender email address used for email notifications.
#buildMachinesFiles = [];
#useSubstitutes = true;
#debugServer = true;
#logo = /some/path.png;
#minimumDiskFree = 0; # Minimum disk space (GiB) determining if queue runner runs or not.
#minimumDiskFreeEvaluator = 0; # Minimum disk space (GiB) determining if evaluator runs or not.
};
services.nginx.virtualHosts.${mkDomain "hydra"} = lib.mkIf config.services.hydra.enable {
forceSSL = true; # addSSL = true;
enableACME = true; #useACMEHost = acmeDomain;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.hydra.port}";
proxyWebsockets = true;
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Front-End-Https on;
'';
};
};
}