custom cache: remove
This commit is contained in:
parent
6b6cd47524
commit
5bde072742
4 changed files with 0 additions and 113 deletions
|
@ -12,8 +12,6 @@ in
|
|||
|
||||
../programs/bat.nix
|
||||
|
||||
(import ../programs/custom-nix-cache.nix (args // { inherit secret; }))
|
||||
|
||||
../programs/fzf.nix
|
||||
|
||||
../programs/jq.nix
|
||||
|
|
|
@ -15,8 +15,6 @@ in
|
|||
|
||||
../programs/bat.nix
|
||||
|
||||
(import ../programs/custom-nix-cache.nix (args // { inherit secret; }))
|
||||
|
||||
../programs/fzf.nix
|
||||
|
||||
../programs/jq.nix
|
||||
|
|
|
@ -1,103 +0,0 @@
|
|||
{ config, lib, secret, ... }:
|
||||
|
||||
let
|
||||
user-bin-directory = "${config.home.homeDirectory}/.bin";
|
||||
cache = secret.nix-cache.nifoc;
|
||||
in
|
||||
{
|
||||
home.file."${user-bin-directory}/upload-nifoc-nix-cache" = lib.mkIf cache.enabled {
|
||||
text = ''
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i bash -p sqlite
|
||||
|
||||
# Make sure the files are available to root on NixOS and macOS
|
||||
sudo mkdir ${cache.rootDir}/.aws 2> /dev/null
|
||||
sudo cp "$HOME/.aws/credentials" ${cache.rootDir}/.aws/
|
||||
|
||||
minTimestamp=$(expr $(date +%s) - 1800)
|
||||
uncachedHashes=$(echo "SELECT DISTINCT hashPart FROM NARs WHERE present = 0 AND timestamp >= $minTimestamp;" | sudo sqlite3 "${cache.database}")
|
||||
signingKey="$HOME/.config/nifoc-nix/${cache.signingKey}"
|
||||
|
||||
for uncachedHash in $uncachedHashes; do
|
||||
storePath=$(readlink -f /nix/store/$uncachedHash-*)
|
||||
|
||||
if [[ $storePath == *"darwin-system"* ]] ||
|
||||
[[ $storePath == *"nixos-system"* ]] ||
|
||||
[[ $storePath == *"-nix-shell-env" ]] ||
|
||||
[[ $storePath == *"-system-"* ]] ||
|
||||
[[ $storePath == *"home-manager"* ]] ||
|
||||
[[ $storePath == *"-etc" ]] ||
|
||||
[[ $storePath == *"-source" ]] ||
|
||||
[[ $storePath == *"-launchd" ]] ||
|
||||
[[ $storePath == *"-fonts" ]] ||
|
||||
[[ $storePath == *"-darwin-manual-"* ]] ||
|
||||
[[ $storePath == *"-manual-olinkdb" ]] ||
|
||||
[[ $storePath == *"-manual-combined" ]] ||
|
||||
[[ $storePath == *"-man-pages" ]] ||
|
||||
[[ $storePath == *"-darwin-manpages" ]] ||
|
||||
[[ $storePath == *"-generated-docbook" ]] ||
|
||||
[[ $storePath == *"-fish-completions" ]] ||
|
||||
[[ $storePath == *".drv" ]] ||
|
||||
[[ $storePath == *".drv.chroot" ]] ||
|
||||
[[ $storePath == *".check" ]] ||
|
||||
[[ $storePath == *".lock" ]] ||
|
||||
[[ $storePath == *"-*" ]]; then
|
||||
echo "Skipping: $storePath"
|
||||
continue
|
||||
fi
|
||||
|
||||
# Ignore Neovim-related packages for now, because they will be recreated after every nightly update.
|
||||
# Might work better once nix is CA.
|
||||
if [[ $storePath == *"-vim-pack-dir" ]] ||
|
||||
[[ $storePath == *"-vimplugin-"* ]] ||
|
||||
[[ $storePath == *"-neovim-unwrapped"* ]] ||
|
||||
[[ $storePath == *"-vim-command-check-hook" ]] ||
|
||||
[[ $storePath == *"-neovim-require-check-hook" ]] ||
|
||||
[[ $storePath == *"-neovim-master-fish-completions" ]]; then
|
||||
echo "Skipping: $storePath"
|
||||
continue
|
||||
fi
|
||||
|
||||
if [ "$1" = "--list" ]; then
|
||||
echo "$storePath"
|
||||
else
|
||||
curl -I --fail --silent "https://cache.nixos.org/$uncachedHash.narinfo" > /dev/null
|
||||
cached_nixos="$?"
|
||||
|
||||
if [ $cached_nixos -eq 0 ]; then
|
||||
echo "Already cached on NixOS: $storePath ..."
|
||||
else
|
||||
curl -I --fail --silent "https://nix-community.cachix.org/$uncachedHash.narinfo" > /dev/null
|
||||
cached_cachix_nixcommunity="$?"
|
||||
|
||||
curl -I --fail --silent "https://nifoc.cachix.org/$uncachedHash.narinfo" > /dev/null
|
||||
cached_cachix_nifoc="$?"
|
||||
|
||||
if [ $cached_cachix_nixcommunity -eq 0 ] || [ $cached_cachix_nifoc -eq 0 ]; then
|
||||
echo "Already cached on Cachix: $storePath ..."
|
||||
else
|
||||
sudo -H nix store sign --key-file $signingKey $storePath
|
||||
|
||||
echo "Uploading $storePath ..."
|
||||
sudo -H nix copy --to '${cache.s3Url}' $storePath
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
done
|
||||
'';
|
||||
|
||||
executable = true;
|
||||
};
|
||||
|
||||
home.file."${config.home.homeDirectory}/.aws/credentials" = lib.mkIf cache.enabled {
|
||||
text = ''
|
||||
[nixbldr]
|
||||
aws_access_key_id=${cache.accessKeyId}
|
||||
aws_secret_access_key=${cache.secretAccessKey}
|
||||
'';
|
||||
};
|
||||
|
||||
xdg.configFile."nifoc-nix/${cache.signingKey}" = lib.mkIf cache.enabled {
|
||||
text = cache.signingKeyValue;
|
||||
};
|
||||
}
|
|
@ -1,8 +1,6 @@
|
|||
args@{ pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) optionals;
|
||||
|
||||
secret = import ../../secret/hosts/adsb-antenna.nix;
|
||||
ssh-keys = import ../shared/ssh-keys.nix;
|
||||
in
|
||||
|
@ -30,16 +28,12 @@ in
|
|||
"https://nix-community.cachix.org"
|
||||
"https://wurzelpfropf.cachix.org"
|
||||
"https://nifoc.cachix.org"
|
||||
] ++ optionals secret.nix-cache.nifoc.enabled [
|
||||
secret.nix-cache.nifoc.s3Url
|
||||
];
|
||||
|
||||
trusted-public-keys = [
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
"wurzelpfropf.cachix.org-1:ilZwK5a6wJqVr7Fyrzp4blIEkGK+LJT0QrpWr1qBNq0="
|
||||
"nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II="
|
||||
] ++ optionals secret.nix-cache.nifoc.enabled [
|
||||
secret.nix-cache.nifoc.publicKeyValue
|
||||
];
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in a new issue