1
0
Fork 0

custom cache: remove

This commit is contained in:
Daniel Kempkens 2023-04-05 14:56:50 +02:00
parent 6b6cd47524
commit 5bde072742
Signed by: daniel
SSH key fingerprint: SHA256:Ks/MyhQYcPRQiwMKLAKquWCdCPe3JXlb1WttgnAoSeM
4 changed files with 0 additions and 113 deletions

View file

@ -12,8 +12,6 @@ in
../programs/bat.nix
(import ../programs/custom-nix-cache.nix (args // { inherit secret; }))
../programs/fzf.nix
../programs/jq.nix

View file

@ -15,8 +15,6 @@ in
../programs/bat.nix
(import ../programs/custom-nix-cache.nix (args // { inherit secret; }))
../programs/fzf.nix
../programs/jq.nix

View file

@ -1,103 +0,0 @@
{ config, lib, secret, ... }:
let
user-bin-directory = "${config.home.homeDirectory}/.bin";
cache = secret.nix-cache.nifoc;
in
{
home.file."${user-bin-directory}/upload-nifoc-nix-cache" = lib.mkIf cache.enabled {
text = ''
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p sqlite
# Make sure the files are available to root on NixOS and macOS
sudo mkdir ${cache.rootDir}/.aws 2> /dev/null
sudo cp "$HOME/.aws/credentials" ${cache.rootDir}/.aws/
minTimestamp=$(expr $(date +%s) - 1800)
uncachedHashes=$(echo "SELECT DISTINCT hashPart FROM NARs WHERE present = 0 AND timestamp >= $minTimestamp;" | sudo sqlite3 "${cache.database}")
signingKey="$HOME/.config/nifoc-nix/${cache.signingKey}"
for uncachedHash in $uncachedHashes; do
storePath=$(readlink -f /nix/store/$uncachedHash-*)
if [[ $storePath == *"darwin-system"* ]] ||
[[ $storePath == *"nixos-system"* ]] ||
[[ $storePath == *"-nix-shell-env" ]] ||
[[ $storePath == *"-system-"* ]] ||
[[ $storePath == *"home-manager"* ]] ||
[[ $storePath == *"-etc" ]] ||
[[ $storePath == *"-source" ]] ||
[[ $storePath == *"-launchd" ]] ||
[[ $storePath == *"-fonts" ]] ||
[[ $storePath == *"-darwin-manual-"* ]] ||
[[ $storePath == *"-manual-olinkdb" ]] ||
[[ $storePath == *"-manual-combined" ]] ||
[[ $storePath == *"-man-pages" ]] ||
[[ $storePath == *"-darwin-manpages" ]] ||
[[ $storePath == *"-generated-docbook" ]] ||
[[ $storePath == *"-fish-completions" ]] ||
[[ $storePath == *".drv" ]] ||
[[ $storePath == *".drv.chroot" ]] ||
[[ $storePath == *".check" ]] ||
[[ $storePath == *".lock" ]] ||
[[ $storePath == *"-*" ]]; then
echo "Skipping: $storePath"
continue
fi
# Ignore Neovim-related packages for now, because they will be recreated after every nightly update.
# Might work better once nix is CA.
if [[ $storePath == *"-vim-pack-dir" ]] ||
[[ $storePath == *"-vimplugin-"* ]] ||
[[ $storePath == *"-neovim-unwrapped"* ]] ||
[[ $storePath == *"-vim-command-check-hook" ]] ||
[[ $storePath == *"-neovim-require-check-hook" ]] ||
[[ $storePath == *"-neovim-master-fish-completions" ]]; then
echo "Skipping: $storePath"
continue
fi
if [ "$1" = "--list" ]; then
echo "$storePath"
else
curl -I --fail --silent "https://cache.nixos.org/$uncachedHash.narinfo" > /dev/null
cached_nixos="$?"
if [ $cached_nixos -eq 0 ]; then
echo "Already cached on NixOS: $storePath ..."
else
curl -I --fail --silent "https://nix-community.cachix.org/$uncachedHash.narinfo" > /dev/null
cached_cachix_nixcommunity="$?"
curl -I --fail --silent "https://nifoc.cachix.org/$uncachedHash.narinfo" > /dev/null
cached_cachix_nifoc="$?"
if [ $cached_cachix_nixcommunity -eq 0 ] || [ $cached_cachix_nifoc -eq 0 ]; then
echo "Already cached on Cachix: $storePath ..."
else
sudo -H nix store sign --key-file $signingKey $storePath
echo "Uploading $storePath ..."
sudo -H nix copy --to '${cache.s3Url}' $storePath
fi
fi
fi
done
'';
executable = true;
};
home.file."${config.home.homeDirectory}/.aws/credentials" = lib.mkIf cache.enabled {
text = ''
[nixbldr]
aws_access_key_id=${cache.accessKeyId}
aws_secret_access_key=${cache.secretAccessKey}
'';
};
xdg.configFile."nifoc-nix/${cache.signingKey}" = lib.mkIf cache.enabled {
text = cache.signingKeyValue;
};
}

View file

@ -1,8 +1,6 @@
args@{ pkgs, lib, ... }:
let
inherit (lib) optionals;
secret = import ../../secret/hosts/adsb-antenna.nix;
ssh-keys = import ../shared/ssh-keys.nix;
in
@ -30,16 +28,12 @@ in
"https://nix-community.cachix.org"
"https://wurzelpfropf.cachix.org"
"https://nifoc.cachix.org"
] ++ optionals secret.nix-cache.nifoc.enabled [
secret.nix-cache.nifoc.s3Url
];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"wurzelpfropf.cachix.org-1:ilZwK5a6wJqVr7Fyrzp4blIEkGK+LJT0QrpWr1qBNq0="
"nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II="
] ++ optionals secret.nix-cache.nifoc.enabled [
secret.nix-cache.nifoc.publicKeyValue
];
};